diff --git a/.ci/gcb-pr-downstream-generation-and-test.yml b/.ci/gcb-pr-downstream-generation-and-test.yml index 9e753b8d5174..0d09caaadd5e 100644 --- a/.ci/gcb-pr-downstream-generation-and-test.yml +++ b/.ci/gcb-pr-downstream-generation-and-test.yml @@ -264,7 +264,11 @@ steps: - $COMMIT_SHA - $BUILD_ID - $PROJECT_ID +<<<<<<< HEAD + - "22" # Build step +======= - "23" # Build step +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 - name: 'gcr.io/graphite-docker-images/go-plus' entrypoint: '/workspace/.ci/scripts/go-plus/magician/exec.sh' diff --git a/.ci/magician/cmd/check_cassettes.go b/.ci/magician/cmd/check_cassettes.go index e149dd370844..49c6204da7c6 100644 --- a/.ci/magician/cmd/check_cassettes.go +++ b/.ci/magician/cmd/check_cassettes.go @@ -64,7 +64,11 @@ var checkCassettesCmd = &cobra.Command{ ctlr := source.NewController(env["GOPATH"], "modular-magician", githubToken, rnr) +<<<<<<< HEAD + vt, err := vcr.NewTester(env, "vcr-check-cassettes", "ci-vcr-cassettes", rnr) +======= vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "vcr-check-cassettes", rnr) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } diff --git a/.ci/magician/cmd/generate_comment.go b/.ci/magician/cmd/generate_comment.go index 20a5d41b5d2d..538bf4aa2606 100644 --- a/.ci/magician/cmd/generate_comment.go +++ b/.ci/magician/cmd/generate_comment.go @@ -504,9 +504,15 @@ func detectMissingTests(diffProcessorPath, tpgbLocalPath string, rnr ExecRunner) } func formatDiffComment(data diffCommentData) (string, error) { +<<<<<<< HEAD + tmpl, err := template.New("DIFF_COMMENT.md").Parse(diffComment) + if err != nil { + panic(fmt.Sprintf("Unable to parse DIFF_COMMENT.md: %s", err)) +======= tmpl, err := template.New("DIFF_COMMENT.md.tmpl").Parse(diffComment) if err != nil { return "", fmt.Errorf("unable to parse template DIFF_COMMENT.md.tmpl: %s", err) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } sb := new(strings.Builder) err = tmpl.Execute(sb, data) diff --git a/.ci/magician/cmd/templates/vcr/record_replay.tmpl b/.ci/magician/cmd/templates/vcr/record_replay.tmpl index 522a56c698a2..b74186071c25 100644 --- a/.ci/magician/cmd/templates/vcr/record_replay.tmpl +++ b/.ci/magician/cmd/templates/vcr/record_replay.tmpl @@ -1,10 +1,18 @@ {{- if gt (len .RecordingResult.PassedTests) 0 -}} +<<<<<<< HEAD +$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$ +======= {{color "green" "Tests passed during RECORDING mode:"}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 {{range .RecordingResult.PassedTests}}`{{.}}`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] {{end}} {{- if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 -}} +<<<<<<< HEAD +$\textcolor{red}{\textsf{Tests failed when rerunning REPLAYING mode:}}$ +======= {{color "red" "Tests failed when rerunning REPLAYING mode:"}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 {{range .ReplayingAfterRecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/replaying_build_after_recording/{{.}}_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/replaying_after_recording/{{.}}.log)] {{end}} @@ -13,19 +21,33 @@ Tests failed due to non-determinism or randomness when the VCR replayed the resp Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer. {{else}} +<<<<<<< HEAD +$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$ +======= {{color "green" "No issues found for passed tests after REPLAYING rerun."}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 {{end}}{{/* end of if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 */}} --- {{end}}{{/* end of if gt (len .RecordingResult.PassedTests) 0 */}} {{if gt (len .RecordingResult.FailedTests) 0 -}} +<<<<<<< HEAD +$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$ +======= {{color "red" "Tests failed during RECORDING mode:"}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 {{range .RecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/recording_build/{{.}}_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] {{end}} {{end}} {{- /* end of if gt (len .RecordingResult.FailedTests) 0 */ -}} +<<<<<<< HEAD +{{if .HasTerminatedTests}}$\textcolor{red}{\textsf{Several tests got terminated during RECORDING mode.}}${{end}} +{{if .RecordingErr}}$\textcolor{red}{\textsf{Errors occurred during RECORDING mode. Please fix them to complete your PR.}}${{end}} +{{if .AllRecordingPassed}}$\textcolor{green}{\textsf{All tests passed!}}${{end}} +======= {{if .HasTerminatedTests}}{{color "red" "Several tests got terminated during RECORDING mode."}}{{end}} {{if .RecordingErr}}{{color "red" "Errors occurred during RECORDING mode. Please fix them to complete your PR."}}{{end}} {{if .AllRecordingPassed}}{{color "green" "All tests passed!"}}{{end}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/recording) for each test diff --git a/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl b/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl index 215c5f3ef5ce..aa54a016a610 100644 --- a/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl +++ b/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl @@ -1,7 +1,13 @@ {{- if .ReplayingErr -}} +<<<<<<< HEAD +$\textcolor{red}{\textsf{Errors occurred during REPLAYING mode. Please fix them to complete your PR.}}$ +{{- else -}} +$\textcolor{green}{\textsf{All tests passed!}}$ +======= {{color "red" "Errors occurred during REPLAYING mode. Please fix them to complete your PR."}} {{- else -}} {{color "green" "All tests passed!"}} +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 {{- end}} View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/replaying_test.log) diff --git a/.ci/magician/cmd/test_terraform_vcr.go b/.ci/magician/cmd/test_terraform_vcr.go index db192b878e50..17405cc49694 100644 --- a/.ci/magician/cmd/test_terraform_vcr.go +++ b/.ci/magician/cmd/test_terraform_vcr.go @@ -120,7 +120,11 @@ var testTerraformVCRCmd = &cobra.Command{ } ctlr := source.NewController(env["GOPATH"], "modular-magician", env["GITHUB_TOKEN_DOWNSTREAMS"], rnr) +<<<<<<< HEAD + vt, err := vcr.NewTester(env, "ci-vcr-logs", "ci-vcr-cassettes", rnr) +======= vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "ci-vcr-logs", rnr) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } @@ -180,7 +184,11 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, } fmt.Println("Running tests: Go files or test fixtures changed") +<<<<<<< HEAD + if err := vt.FetchCassettes(provider.Beta, baseBranch, prNumber); err != nil { +======= if err := vt.FetchCassettes(provider.Beta, baseBranch, newBranch); err != nil { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 return fmt.Errorf("error fetching cassettes: %w", err) } @@ -196,10 +204,17 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, } if err := vt.UploadLogs(vcr.UploadLogsOptions{ +<<<<<<< HEAD + PRNumber: prNumber, + BuildID: buildID, + Mode: vcr.Replaying, + Version: provider.Beta, +======= Head: newBranch, BuildID: buildID, Mode: vcr.Replaying, Version: provider.Beta, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 }); err != nil { return fmt.Errorf("error uploading replaying logs: %w", err) } @@ -261,12 +276,20 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, testState = "success" } +<<<<<<< HEAD + if err := vt.UploadCassettes(prNumber, provider.Beta); err != nil { +======= if err := vt.UploadCassettes(newBranch, provider.Beta); err != nil { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 return fmt.Errorf("error uploading cassettes: %w", err) } if err := vt.UploadLogs(vcr.UploadLogsOptions{ +<<<<<<< HEAD + PRNumber: prNumber, +======= Head: newBranch, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 BuildID: buildID, Parallel: true, Mode: vcr.Recording, @@ -295,10 +318,17 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, } if err := vt.UploadLogs(vcr.UploadLogsOptions{ +<<<<<<< HEAD + PRNumber: prNumber, + BuildID: buildID, + Parallel: true, + AfterRecording: true, +======= Head: newBranch, BuildID: buildID, AfterRecording: true, Parallel: true, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 Mode: vcr.Replaying, Version: provider.Beta, }); err != nil { @@ -477,7 +507,10 @@ func formatComment(fileName string, tmplText string, data any) (string, error) { funcs := template.FuncMap{ "join": strings.Join, "add": func(i, j int) int { return i + j }, +<<<<<<< HEAD +======= "color": color, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } tmpl, err := template.New(fileName).Funcs(funcs).Parse(tmplText) if err != nil { @@ -492,6 +525,25 @@ func formatComment(fileName string, tmplText string, data any) (string, error) { } func formatTestsAnalytics(data analytics) (string, error) { +<<<<<<< HEAD + return formatComment("test_terraform_vcr_test_analytics.tmpl", testsAnalyticsTmplText, data) +} + +func formatNonExercisedTests(data nonExercisedTests) (string, error) { + return formatComment("test_terraform_vcr_recording_mode_results.tmpl", nonExercisedTestsTmplText, data) +} + +func formatWithReplayFailedTests(data withReplayFailedTests) (string, error) { + return formatComment("test_terraform_vcr_with_replay_failed_tests.tmpl", withReplayFailedTestsTmplText, data) +} + +func formatWithoutReplayFailedTests(data withoutReplayFailedTests) (string, error) { + return formatComment("test_terraform_vcr_without_replay_failed_tests.tmpl", withoutReplayFailedTestsTmplText, data) +} + +func formatRecordReplay(data recordReplay) (string, error) { + return formatComment("test_terraform_vcr_record_replay.tmpl", recordReplayTmplText, data) +======= return formatComment("test_analytics.tmpl", testsAnalyticsTmplText, data) } @@ -509,4 +561,5 @@ func formatWithoutReplayFailedTests(data withoutReplayFailedTests) (string, erro func formatRecordReplay(data recordReplay) (string, error) { return formatComment("record_replay.tmpl", recordReplayTmplText, data) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } diff --git a/.ci/magician/cmd/vcr_cassette_update.go b/.ci/magician/cmd/vcr_cassette_update.go index 91588e676195..0296d830b39a 100644 --- a/.ci/magician/cmd/vcr_cassette_update.go +++ b/.ci/magician/cmd/vcr_cassette_update.go @@ -90,7 +90,11 @@ var vcrCassetteUpdateCmd = &cobra.Command{ } ctlr := source.NewController(env["GOPATH"], "hashicorp", env["GITHUB_TOKEN_CLASSIC"], rnr) +<<<<<<< HEAD + vt, err := vcr.NewTester(env, "", "ci-vcr-cassettes", rnr) +======= vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "", rnr) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } diff --git a/.ci/magician/cmd/vcr_cassette_update_test.go b/.ci/magician/cmd/vcr_cassette_update_test.go index beb96423869f..48088e6a62f6 100644 --- a/.ci/magician/cmd/vcr_cassette_update_test.go +++ b/.ci/magician/cmd/vcr_cassette_update_test.go @@ -401,7 +401,11 @@ func TestExecVCRCassetteUpdate(t *testing.T) { ctlr := source.NewController("gopath", "hashicorp", "token", rnr) vt, err := vcr.NewTester(map[string]string{ "SA_KEY": "sa_key", +<<<<<<< HEAD + }, "", "ci-vcr-cassettes", rnr) +======= }, "ci-vcr-cassettes", "", rnr) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if err != nil { t.Fatalf("Failed to create new tester: %v", err) } diff --git a/.ci/magician/provider/version.go b/.ci/magician/provider/version.go index 6372ff7fd297..defd4a675e14 100644 --- a/.ci/magician/provider/version.go +++ b/.ci/magician/provider/version.go @@ -6,10 +6,16 @@ const ( None Version = iota GA Beta +<<<<<<< HEAD +) + +const NumVersions = 2 +======= Alpha ) const NumVersions = 3 +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 func (v Version) String() string { switch v { @@ -17,8 +23,11 @@ func (v Version) String() string { return "ga" case Beta: return "beta" +<<<<<<< HEAD +======= case Alpha: return "alpha" +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } return "unknown" } @@ -36,8 +45,11 @@ func (v Version) RepoName() string { return "terraform-provider-google" case Beta: return "terraform-provider-google-beta" +<<<<<<< HEAD +======= case Alpha: return "terraform-next" +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } return "unknown" } diff --git a/.ci/magician/vcr/tester.go b/.ci/magician/vcr/tester.go index 471f4448bbcd..9f76cdca5dcd 100644 --- a/.ci/magician/vcr/tester.go +++ b/.ci/magician/vcr/tester.go @@ -50,8 +50,13 @@ type logKey struct { type Tester struct { env map[string]string // shared environment variables for running tests rnr ExecRunner // for running commands and manipulating files +<<<<<<< HEAD + logBucket string // GCS bucket name to store logs + cassetteBucket string // GCS bucket name to store cassettes +======= cassetteBucket string // name of GCS bucket to store cassettes logBucket string // name of GCS bucket to store logs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 baseDir string // the directory in which this tester was created saKeyPath string // where sa_key.json is relative to baseDir cassettePaths map[provider.Version]string // where cassettes are relative to baseDir by version @@ -68,6 +73,10 @@ var testResultsExpression = regexp.MustCompile(`(?m:^--- (PASS|FAIL|SKIP): (Test var testPanicExpression = regexp.MustCompile(`^panic: .*`) +<<<<<<< HEAD +// Create a new tester in the current working directory and write the service account key file. +func NewTester(env map[string]string, logBucket, cassetteBucket string, rnr ExecRunner) (*Tester, error) { +======= var safeToLog = map[string]bool{ "ACCTEST_PARALLELISM": true, "COMMIT_SHA": true, @@ -108,6 +117,7 @@ var safeToLog = map[string]bool{ // Create a new tester in the current working directory and write the service account key file. func NewTester(env map[string]string, cassetteBucket, logBucket string, rnr ExecRunner) (*Tester, error) { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 var saKeyPath string if saKeyVal, ok := env["SA_KEY"]; ok { saKeyPath = "sa_key.json" @@ -118,8 +128,13 @@ func NewTester(env map[string]string, cassetteBucket, logBucket string, rnr Exec return &Tester{ env: env, rnr: rnr, +<<<<<<< HEAD + logBucket: logBucket, + cassetteBucket: cassetteBucket, +======= cassetteBucket: cassetteBucket, logBucket: logBucket, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 baseDir: rnr.GetCWD(), saKeyPath: saKeyPath, cassettePaths: make(map[provider.Version]string, provider.NumVersions), @@ -134,7 +149,11 @@ func (vt *Tester) SetRepoPath(version provider.Version, repoPath string) { // Fetch the cassettes for the current version if not already fetched. // Should be run from the base dir. +<<<<<<< HEAD +func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, prNumber string) error { +======= func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, head string) error { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 _, ok := vt.cassettePaths[version] if ok { return nil @@ -154,8 +173,13 @@ func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, head stri fmt.Println("Error fetching cassettes: ", err) } } +<<<<<<< HEAD + if prNumber != "" { + bucketPath := fmt.Sprintf("gs://%s/%srefs/heads/auto-pr-%s/fixtures/*", vt.cassetteBucket, version.BucketPath(), prNumber) +======= if head != "" { bucketPath := fmt.Sprintf("gs://%s/%srefs/heads/%s/fixtures/*", vt.cassetteBucket, version.BucketPath(), head) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if err := vt.fetchBucketPath(bucketPath, cassettePath); err != nil { fmt.Println("Error fetching cassettes: ", err) } @@ -169,7 +193,11 @@ func (vt *Tester) fetchBucketPath(bucketPath, cassettePath string) error { args := []string{"-m", "-q", "cp", bucketPath, cassettePath} fmt.Println("Fetching cassettes:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { +<<<<<<< HEAD + return err +======= return fmt.Errorf("error running gsutil: %v", err) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } return nil } @@ -263,7 +291,11 @@ func (vt *Tester) Run(opt RunOptions) (Result, error) { } var printedEnv string for ev, val := range env { +<<<<<<< HEAD + if ev == "SA_KEY" || ev == "GOOGLE_CREDENTIALS" || strings.HasPrefix(ev, "GITHUB_TOKEN") { +======= if !safeToLog[ev] { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 val = "{hidden}" } printedEnv += fmt.Sprintf("%s=%s\n", ev, val) @@ -441,8 +473,14 @@ func (vt *Tester) getLogPath(mode Mode, version provider.Version) (string, error return logPath, nil } +<<<<<<< HEAD +// UploadLogsOptions defines options for uploading logs. +type UploadLogsOptions struct { + PRNumber string +======= type UploadLogsOptions struct { Head string +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 BuildID string Parallel bool AfterRecording bool @@ -450,10 +488,18 @@ type UploadLogsOptions struct { Version provider.Version } +<<<<<<< HEAD +// UploadLogs uploads logs to Google Cloud Storage. +func (vt *Tester) UploadLogs(opts UploadLogsOptions) error { + bucketPath := fmt.Sprintf("gs://%s/%s/", vt.logBucket, opts.Version) + if opts.PRNumber != "" { + bucketPath += fmt.Sprintf("refs/heads/auto-pr-%s/", opts.PRNumber) +======= func (vt *Tester) UploadLogs(opts UploadLogsOptions) error { bucketPath := fmt.Sprintf("gs://%s/%s/", vt.logBucket, opts.Version) if opts.Head != "" { bucketPath += fmt.Sprintf("refs/heads/%s/", opts.Head) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } if opts.BuildID != "" { bucketPath += fmt.Sprintf("artifacts/%s/", opts.BuildID) @@ -514,7 +560,11 @@ func (vt *Tester) UploadLogs(opts UploadLogsOptions) error { return nil } +<<<<<<< HEAD +func (vt *Tester) UploadCassettes(prNumber string, version provider.Version) error { +======= func (vt *Tester) UploadCassettes(head string, version provider.Version) error { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 cassettePath, ok := vt.cassettePaths[version] if !ok { return fmt.Errorf("no cassettes found for version %s", version) @@ -524,7 +574,11 @@ func (vt *Tester) UploadCassettes(head string, version provider.Version) error { "-q", "cp", filepath.Join(cassettePath, "*"), +<<<<<<< HEAD + fmt.Sprintf("gs://%s/%s/refs/heads/auto-pr-%s/fixtures/", vt.cassetteBucket, version, prNumber), +======= fmt.Sprintf("gs://%s/%s/refs/heads/%s/fixtures/", vt.cassetteBucket, version, head), +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } fmt.Println("Uploading cassettes:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { diff --git a/GNUmakefile b/GNUmakefile index 894d1a65ad34..649457135058 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -9,7 +9,13 @@ ifeq ($(ENGINE),tpgtools) # exist so exclusively build base tpgtools implementation mmv1_compile=-p does-not-exist else ifneq ($(PRODUCT),) +<<<<<<< HEAD + mmv1_compile=-p products/$(PRODUCT) +else + mmv1_compile=-a +======= mmv1_compile=--product $(PRODUCT) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 endif # tpgtools setup @@ -24,12 +30,20 @@ else endif ifneq ($(RESOURCE),) +<<<<<<< HEAD + mmv1_compile += -t $(RESOURCE) +======= mmv1_compile += --resource $(RESOURCE) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 tpgtools_compile += --resource $(RESOURCE) endif ifneq ($(OVERRIDES),) +<<<<<<< HEAD + mmv1_compile += -r $(OVERRIDES) +======= mmv1_compile += --overrides $(OVERRIDES) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 tpgtools_compile += --overrides $(OVERRIDES)/tpgtools/overrides --path $(OVERRIDES)/tpgtools/api serialize_compile = --overrides $(OVERRIDES)/tpgtools/overrides --path $(OVERRIDES)/tpgtools/api else @@ -60,11 +74,20 @@ terraform build provider: mmv1: cd mmv1;\ +<<<<<<< HEAD + bundle; \ + if [ "$(VERSION)" = "ga" ]; then \ + bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v ga --no-docs $(mmv1_compile); \ + bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v beta --no-code $(mmv1_compile); \ + else \ + bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v $(VERSION) $(mmv1_compile); \ +======= if [ "$(VERSION)" = "ga" ]; then \ go run . --output $(OUTPUT_PATH) --version ga --no-docs $(mmv1_compile); \ go run . --output $(OUTPUT_PATH) --version beta --no-code $(mmv1_compile); \ else \ go run . --output $(OUTPUT_PATH) --version $(VERSION) $(mmv1_compile); \ +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 fi tpgtools: @@ -88,6 +111,26 @@ clean-tgc: tgc: cd mmv1;\ +<<<<<<< HEAD + bundle;\ + bundle exec compiler -e terraform -f tgc -v beta -o $(OUTPUT_PATH)/tfplan2cai $(mmv1_compile);\ + bundle exec compiler -e terraform -f tgc_cai2hcl -v beta -o $(OUTPUT_PATH)/cai2hcl $(mmv1_compile);\ + +tgc-go: + cd mmv1;\ + go run . --version beta --provider tgc --output $(OUTPUT_PATH)/tfplan2cai;\ + go run . --version beta --provider tgc_cai2hcl --output $(OUTPUT_PATH)/cai2hcl;\ + +tf-oics: + cd mmv1;\ + bundle;\ + bundle exec compiler.rb -e terraform -f oics -o $(OUTPUT_PATH) $(mmv1_compile);\ + +test: + cd mmv1; \ + bundle; \ + bundle exec rake test +======= go run . --version beta --provider tgc --output $(OUTPUT_PATH)/tfplan2cai $(mmv1_compile);\ go run . --version beta --provider tgc_cai2hcl --output $(OUTPUT_PATH)/cai2hcl $(mmv1_compile);\ @@ -98,6 +141,7 @@ tf-oics: test: cd mmv1; \ go test ./... +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 serialize: cd tpgtools;\ diff --git a/mmv1/api/product.go b/mmv1/api/product.go index 7539fa5eda9f..eda0fb1b1d5b 100644 --- a/mmv1/api/product.go +++ b/mmv1/api/product.go @@ -240,8 +240,12 @@ func Merge(self, otherObj reflect.Value) { // skip if the override is the "empty" value emptyOverrideValue := reflect.DeepEqual(reflect.Zero(otherObj.Field(i).Type()).Interface(), otherObj.Field(i).Interface()) +<<<<<<< HEAD + if emptyOverrideValue { +======= if emptyOverrideValue && selfObj.Type().Field(i).Name != "Required" { +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 continue } diff --git a/mmv1/api/resource.go b/mmv1/api/resource.go index e52477e68788..98465877f59a 100644 --- a/mmv1/api/resource.go +++ b/mmv1/api/resource.go @@ -42,8 +42,13 @@ type Resource struct { // // references: // guides: +<<<<<<< HEAD + // 'Guide name': 'official_documentation_url' + // api: 'rest_api_reference_url/version' +======= // 'Guide name': 'official_documentation_url' // api: 'rest_api_reference_url/version' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 // References resource.ReferenceLinks @@ -190,7 +195,11 @@ type Resource struct { // // import_format: // - example_import_one +<<<<<<< HEAD + // - example_import_two +======= // - example_import_two +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 // ImportFormat []string `yaml:"import_format"` @@ -760,7 +769,11 @@ func getLabelsFieldNote(title string) string { } func (r Resource) StateMigrationFile() string { +<<<<<<< HEAD + return fmt.Sprintf("templates/terraform/state_migrations/go/%s_%s.go.tmpl", google.Underscore(r.ProductMetadata.Name), google.Underscore(r.Name)) +======= return fmt.Sprintf("templates/terraform/state_migrations/%s_%s.go.tmpl", google.Underscore(r.ProductMetadata.Name), google.Underscore(r.Name)) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } // ==================== @@ -1618,6 +1631,11 @@ func (r Resource) TestExamples() []resource.Examples { } func (r Resource) VersionedProvider(exampleVersion string) bool { +<<<<<<< HEAD + vp := r.MinVersion + if exampleVersion != "" { + vp = exampleVersion +======= var vp string if exampleVersion != "" { vp = exampleVersion @@ -1625,6 +1643,7 @@ func (r Resource) VersionedProvider(exampleVersion string) bool { vp = r.ProductMetadata.lowestVersion().Name } else { vp = r.MinVersion +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } return vp != "" && vp != "ga" } diff --git a/mmv1/api/resource/examples.go b/mmv1/api/resource/examples.go index 52975ea28847..b2607e0285be 100644 --- a/mmv1/api/resource/examples.go +++ b/mmv1/api/resource/examples.go @@ -170,7 +170,11 @@ func (e *Examples) UnmarshalYAML(unmarshal func(any) error) error { } if e.ConfigPath == "" { +<<<<<<< HEAD + e.ConfigPath = fmt.Sprintf("templates/terraform/examples/go/%s.tf.tmpl", e.Name) +======= e.ConfigPath = fmt.Sprintf("templates/terraform/examples/%s.tf.tmpl", e.Name) +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } e.SetHCLText() @@ -286,7 +290,11 @@ func ExecuteTemplate(e any, templatePath string, appendNewline bool) string { templates := []string{ templatePath, "templates/terraform/expand_resource_ref.tmpl", +<<<<<<< HEAD + "templates/terraform/custom_flatten/go/bigquery_table_ref.go.tmpl", +======= "templates/terraform/custom_flatten/bigquery_table_ref.go.tmpl", +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 "templates/terraform/flatten_property_method.go.tmpl", "templates/terraform/expand_property_method.go.tmpl", "templates/terraform/update_mask.go.tmpl", diff --git a/mmv1/api/resource/iam_policy.go b/mmv1/api/resource/iam_policy.go index 37973ee462ae..d8631859d6a3 100644 --- a/mmv1/api/resource/iam_policy.go +++ b/mmv1/api/resource/iam_policy.go @@ -125,7 +125,11 @@ func (p *IamPolicy) UnmarshalYAML(unmarshal func(any) error) error { p.WrappedPolicyObj = true p.AllowedIamRole = "roles/viewer" p.ParentResourceAttribute = "id" +<<<<<<< HEAD + p.ExampleConfigBody = "templates/terraform/iam/go/iam_attributes.go.tmpl" +======= p.ExampleConfigBody = "templates/terraform/iam/iam_attributes.go.tmpl" +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 p.SubstituteZoneValue = true type iamPolicyAlias IamPolicy diff --git a/mmv1/api/type.go b/mmv1/api/type.go index 4d81f796f784..10179c421428 100644 --- a/mmv1/api/type.go +++ b/mmv1/api/type.go @@ -335,11 +335,14 @@ func (t *Type) SetDefault(r *Resource) { if t.Description == "" { t.Description = fmt.Sprintf("A reference to %s resource", t.Resource) } +<<<<<<< HEAD +======= case t.IsA("Fingerprint"): // Represents a fingerprint. A fingerprint is an output-only // field used for optimistic locking during updates. // They are fetched from the GCP response. t.Output = true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 default: } @@ -653,6 +656,20 @@ func (t *Type) GetDescription() string { } // TODO rewrite: validation +<<<<<<< HEAD +// Represents a fingerprint. A fingerprint is an output-only +// field used for optimistic locking during updates. +// They are fetched from the GCP response. +// class Fingerprint < FetchedExternal +// func (t *Type) validate +// super +// @output = true if @output.nil? +// end +// end + +// TODO rewrite: validation +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 // class Array < Composite // check :item_type, type: [::String, NestedObject, ResourceRef, Enum], required: true diff --git a/mmv1/main.go b/mmv1/main.go index d7af7dec68c0..8ff80dabdc80 100644 --- a/mmv1/main.go +++ b/mmv1/main.go @@ -30,7 +30,11 @@ var outputPath = flag.String("output", "", "path to output generated files to") // Example usage: --version beta var version = flag.String("version", "", "optional version name. If specified, this version is preferred for resource generation when applicable") +<<<<<<< HEAD +var overrideDirectory = flag.String("override", "", "directory containing yaml overrides") +======= var overrideDirectory = flag.String("overrides", "", "directory containing yaml overrides") +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 var product = flag.String("product", "", "optional product name. If specified, the resources under the specific product will be generated. Otherwise, resources under all products will be generated.") @@ -200,11 +204,19 @@ func GenerateProduct(productChannel chan string, providerToGenerate provider.Pro defer wg.Done() productName := <-productChannel +<<<<<<< HEAD + productYamlPath := path.Join(productName, "go_product.yaml") + + var productOverridePath string + if overrideDirectory != "" { + productOverridePath = filepath.Join(overrideDirectory, productName, "go_product.yaml") +======= productYamlPath := path.Join(productName, "product.yaml") var productOverridePath string if overrideDirectory != "" { productOverridePath = filepath.Join(overrideDirectory, productName, "product.yaml") +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 } _, baseProductErr := os.Stat(productYamlPath) @@ -250,6 +262,14 @@ func GenerateProduct(productChannel chan string, providerToGenerate provider.Pro continue } +<<<<<<< HEAD + // Prepend "go_" to the Go yaml files' name to distinguish with the ruby yaml files + if filepath.Base(resourceYamlPath) == "go_product.yaml" || !strings.HasPrefix(filepath.Base(resourceYamlPath), "go_") { + continue + } + +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 if overrideDirectory != "" { // skip if resource will be merged in the override loop resourceOverridePath := filepath.Join(overrideDirectory, resourceYamlPath) @@ -282,6 +302,14 @@ func GenerateProduct(productChannel chan string, providerToGenerate provider.Pro continue } +<<<<<<< HEAD + // Prepend "go_" to the Go yaml files' name to distinguish with the ruby yaml files + if filepath.Base(overrideYamlPath) == "go_product.yaml" || !strings.HasPrefix(filepath.Base(overrideYamlPath), "go_") { + continue + } + +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 resource := &api.Resource{} baseResourcePath := filepath.Join(productName, filepath.Base(overrideYamlPath)) diff --git a/mmv1/products/accessapproval/FolderSettings.yaml b/mmv1/products/accessapproval/FolderSettings.yaml index a1dd54828251..a91b19d1de23 100644 --- a/mmv1/products/accessapproval/FolderSettings.yaml +++ b/mmv1/products/accessapproval/FolderSettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,25 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: FolderSettings +base_url: 'folders/{{folder_id}}/accessApprovalSettings' +self_link: 'folders/{{folder_id}}/accessApprovalSettings' +create_verb: :PATCH +update_verb: :PATCH +update_mask: true +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' +legacy_name: 'google_folder_access_approval_settings' +import_format: ['folders/{{folder_id}}/accessApprovalSettings'] +examples: + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'folder_access_approval_full' +======= --- name: 'FolderSettings' legacy_name: 'google_folder_access_approval_settings' @@ -37,17 +60,48 @@ custom_code: custom_delete: 'templates/terraform/custom_delete/clear_folder_access_approval_settings.go.tmpl' examples: - name: 'folder_access_approval_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'folder_access_approval_active_key_version' +======= org_id: 'ORG_ID' exclude_test: true - name: 'folder_access_approval_active_key_version' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/clear_folder_access_approval_settings.go.erb + pre_create: templates/terraform/update_mask.erb + constants: templates/terraform/constants/access_approval.go.erb +parameters: + - !ruby/object:Api::Type::String + name: folder_id + description: | + ID of the folder of the access approval settings. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" + output: true + - !ruby/object:Api::Type::Array + name: notificationEmails +======= org_id: 'ORG_ID' exclude_test: true parameters: @@ -66,10 +120,20 @@ properties: output: true - name: 'notificationEmails' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. +<<<<<<< HEAD + max_size: 50 + item_type: Api::Type::String + is_set: true + default_from_api: true + - !ruby/object:Api::Type::Array + name: enrolledServices + required: true +======= is_set: true default_from_api: true item_type: @@ -77,6 +141,7 @@ properties: max_size: 50 - name: 'enrolledServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -84,6 +149,14 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true +<<<<<<< HEAD + set_hash_func: accessApprovalEnrolledServicesHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: cloudProduct + required: true +======= required: true set_hash_func: accessApprovalEnrolledServicesHash item_type: @@ -91,6 +164,7 @@ properties: properties: - name: 'cloudProduct' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): * all @@ -116,6 +190,22 @@ properties: * iam.googleapis.com * pubsub.googleapis.com * storage.googleapis.com +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: enrollmentLevel + description: | + The enrollment level of the service. + default_value: :BLOCK_ALL + values: + - :BLOCK_ALL + - !ruby/object:Api::Type::Boolean + name: enrolledAncestor + output: true + description: | + If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. + - !ruby/object:Api::Type::String + name: activeKeyVersion +======= required: true - name: 'enrollmentLevel' type: Enum @@ -131,10 +221,21 @@ properties: output: true - name: 'activeKeyVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: ancestorHasActiveKeyVersion + output: true + description: | + If the field is true, that indicates that an ancestor of this Folder has set active_key_version. + - !ruby/object:Api::Type::Boolean + name: invalidKeyVersion + output: true +======= - name: 'ancestorHasActiveKeyVersion' type: Boolean description: | @@ -142,9 +243,13 @@ properties: output: true - name: 'invalidKeyVersion' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accessapproval/OrganizationSettings.yaml b/mmv1/products/accessapproval/OrganizationSettings.yaml index 5503efb7d19e..3c535103a801 100644 --- a/mmv1/products/accessapproval/OrganizationSettings.yaml +++ b/mmv1/products/accessapproval/OrganizationSettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,53 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: OrganizationSettings +base_url: 'organizations/{{organization_id}}/accessApprovalSettings' +self_link: 'organizations/{{organization_id}}/accessApprovalSettings' +create_verb: :PATCH +update_verb: :PATCH +update_mask: true +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' +legacy_name: 'google_organization_access_approval_settings' +import_format: ['organizations/{{organization_id}}/accessApprovalSettings'] +examples: + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'organization_access_approval_full' + primary_resource_id: 'organization_access_approval' + test_env_vars: + org_id: :ORG_ID + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'organization_access_approval_active_key_version' + primary_resource_id: 'organization_access_approval' + test_env_vars: + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/clear_organization_access_approval_settings.go.erb + pre_create: templates/terraform/update_mask.erb +parameters: + - !ruby/object:Api::Type::String + name: organization_id + description: | + ID of the organization of the access approval settings. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" + output: true + - !ruby/object:Api::Type::Array + name: notificationEmails +======= --- name: 'OrganizationSettings' legacy_name: 'google_organization_access_approval_settings' @@ -61,10 +112,20 @@ properties: output: true - name: 'notificationEmails' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. +<<<<<<< HEAD + max_size: 50 + item_type: Api::Type::String + is_set: true + default_from_api: true + - !ruby/object:Api::Type::Array + name: enrolledServices + required: true +======= is_set: true default_from_api: true item_type: @@ -72,6 +133,7 @@ properties: max_size: 50 - name: 'enrolledServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -79,6 +141,14 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true +<<<<<<< HEAD + set_hash_func: accessApprovalEnrolledServicesHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: cloudProduct + required: true +======= required: true set_hash_func: accessApprovalEnrolledServicesHash item_type: @@ -86,6 +156,7 @@ properties: properties: - name: 'cloudProduct' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -98,6 +169,33 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: enrollmentLevel + description: | + The enrollment level of the service. + default_value: :BLOCK_ALL + values: + - :BLOCK_ALL + - !ruby/object:Api::Type::Boolean + name: enrolledAncestor + output: true + description: | + This field will always be unset for the organization since organizations do not have ancestors. + - !ruby/object:Api::Type::String + name: activeKeyVersion + description: | + The asymmetric crypto key version to use for signing approval requests. + Empty active_key_version indicates that a Google-managed key should be used for signing. + - !ruby/object:Api::Type::Boolean + name: ancestorHasActiveKeyVersion + output: true + description: | + This field will always be unset for the organization since organizations do not have ancestors. + - !ruby/object:Api::Type::Boolean + name: invalidKeyVersion + output: true +======= required: true - name: 'enrollmentLevel' type: Enum @@ -123,8 +221,12 @@ properties: output: true - name: 'invalidKeyVersion' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.). +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accessapproval/ProjectSettings.yaml b/mmv1/products/accessapproval/ProjectSettings.yaml index adaa591ac172..b2a2976f1260 100644 --- a/mmv1/products/accessapproval/ProjectSettings.yaml +++ b/mmv1/products/accessapproval/ProjectSettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,55 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: ProjectSettings +base_url: 'projects/{{project_id}}/accessApprovalSettings' +self_link: 'projects/{{project_id}}/accessApprovalSettings' +create_verb: :PATCH +update_verb: :PATCH +update_mask: true +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' +legacy_name: 'google_project_access_approval_settings' +import_format: ['projects/{{project_id}}/accessApprovalSettings'] +examples: + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'project_access_approval_full' + primary_resource_id: 'project_access_approval' + test_env_vars: + project: :PROJECT_NAME + org_id: :ORG_ID + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'project_access_approval_active_key_version' + primary_resource_id: 'project_access_approval' + test_env_vars: + project: :PROJECT_NAME + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/clear_project_access_approval_settings.go.erb + pre_create: templates/terraform/update_mask.erb +parameters: + - !ruby/object:Api::Type::String + name: project_id + description: | + ID of the project of the access approval settings. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" + output: true + - !ruby/object:Api::Type::Array + name: notificationEmails +======= --- name: 'ProjectSettings' legacy_name: 'google_project_access_approval_settings' @@ -63,10 +116,20 @@ properties: output: true - name: 'notificationEmails' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. +<<<<<<< HEAD + max_size: 50 + item_type: Api::Type::String + is_set: true + default_from_api: true + - !ruby/object:Api::Type::Array + name: enrolledServices + required: true +======= is_set: true default_from_api: true item_type: @@ -74,6 +137,7 @@ properties: max_size: 50 - name: 'enrolledServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -81,6 +145,14 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true +<<<<<<< HEAD + set_hash_func: accessApprovalEnrolledServicesHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: cloudProduct + required: true +======= required: true set_hash_func: accessApprovalEnrolledServicesHash item_type: @@ -88,6 +160,7 @@ properties: properties: - name: 'cloudProduct' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -100,6 +173,22 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: enrollmentLevel + description: | + The enrollment level of the service. + default_value: :BLOCK_ALL + values: + - :BLOCK_ALL + - !ruby/object:Api::Type::Boolean + name: enrolledAncestor + output: true + description: | + If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. + - !ruby/object:Api::Type::String + name: activeKeyVersion +======= required: true - name: 'enrollmentLevel' type: Enum @@ -115,10 +204,21 @@ properties: output: true - name: 'activeKeyVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: ancestorHasActiveKeyVersion + output: true + description: | + If the field is true, that indicates that an ancestor of this Project has set active_key_version. + - !ruby/object:Api::Type::Boolean + name: invalidKeyVersion + output: true +======= - name: 'ancestorHasActiveKeyVersion' type: Boolean description: | @@ -126,14 +226,24 @@ properties: output: true - name: 'invalidKeyVersion' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: project + description: | + Project id. + deprecation_message: >- + `project` is deprecated and will be removed in a future major release. Use `project_id` instead. +======= output: true - name: 'project' type: String description: | Project id. deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accessapproval/go_FolderSettings.yaml b/mmv1/products/accessapproval/go_FolderSettings.yaml new file mode 100644 index 000000000000..006de8425241 --- /dev/null +++ b/mmv1/products/accessapproval/go_FolderSettings.yaml @@ -0,0 +1,151 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FolderSettings' +legacy_name: 'google_folder_access_approval_settings' +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: + guides: + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' +docs: +base_url: 'folders/{{folder_id}}/accessApprovalSettings' +self_link: 'folders/{{folder_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'folders/{{folder_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/access_approval.go.tmpl' + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_folder_access_approval_settings.go.tmpl' +examples: + - name: 'folder_access_approval_full' + primary_resource_id: 'folder_access_approval' + vars: + folder_name: 'my-folder' + test_env_vars: + org_id: 'ORG_ID' + exclude_test: true + - name: 'folder_access_approval_active_key_version' + primary_resource_id: 'folder_access_approval' + vars: + folder_name: 'my-folder' + test_env_vars: + org_id: 'ORG_ID' + exclude_test: true +parameters: + - name: 'folder_id' + type: String + description: | + ID of the folder of the access approval settings. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" + output: true + - name: 'notificationEmails' + type: Array + description: | + A list of email addresses to which notifications relating to approval requests should be sent. + Notifications relating to a resource will be sent to all emails in the settings of ancestor + resources of that resource. A maximum of 50 email addresses are allowed. + is_set: true + default_from_api: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array + description: | + A list of Google Cloud Services for which the given resource has Access Approval enrolled. + Access requests for the resource given by name against any of these services contained here will be required + to have explicit approval. Enrollment can only be done on an all or nothing basis. + + A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. + is_set: true + required: true + set_hash_func: accessApprovalEnrolledServicesHash + item_type: + type: NestedObject + properties: + - name: 'cloudProduct' + type: String + description: | + The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): + * all + * App Engine + * BigQuery + * Cloud Bigtable + * Cloud Key Management Service + * Compute Engine + * Cloud Dataflow + * Cloud Identity and Access Management + * Cloud Pub/Sub + * Cloud Storage + * Persistent Disk + + Note: These values are supported as input, but considered a legacy format: + * all + * appengine.googleapis.com + * bigquery.googleapis.com + * bigtable.googleapis.com + * cloudkms.googleapis.com + * compute.googleapis.com + * dataflow.googleapis.com + * iam.googleapis.com + * pubsub.googleapis.com + * storage.googleapis.com + required: true + - name: 'enrollmentLevel' + type: Enum + description: | + The enrollment level of the service. + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean + description: | + If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. + output: true + - name: 'activeKeyVersion' + type: String + description: | + The asymmetric crypto key version to use for signing approval requests. + Empty active_key_version indicates that a Google-managed key should be used for signing. + This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. + - name: 'ancestorHasActiveKeyVersion' + type: Boolean + description: | + If the field is true, that indicates that an ancestor of this Folder has set active_key_version. + output: true + - name: 'invalidKeyVersion' + type: Boolean + description: | + If the field is true, that indicates that there is some configuration issue with the active_key_version + configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the + correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, + as key versions are inherited top-down. + output: true diff --git a/mmv1/products/accessapproval/go_OrganizationSettings.yaml b/mmv1/products/accessapproval/go_OrganizationSettings.yaml new file mode 100644 index 000000000000..0404ea73b658 --- /dev/null +++ b/mmv1/products/accessapproval/go_OrganizationSettings.yaml @@ -0,0 +1,131 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationSettings' +legacy_name: 'google_organization_access_approval_settings' +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: + guides: + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' +docs: +base_url: 'organizations/{{organization_id}}/accessApprovalSettings' +self_link: 'organizations/{{organization_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'organizations/{{organization_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_organization_access_approval_settings.go.tmpl' +examples: + - name: 'organization_access_approval_full' + primary_resource_id: 'organization_access_approval' + test_env_vars: + org_id: 'ORG_ID' + exclude_test: true + - name: 'organization_access_approval_active_key_version' + primary_resource_id: 'organization_access_approval' + test_env_vars: + org_id: 'ORG_ID' + exclude_test: true +parameters: + - name: 'organization_id' + type: String + description: | + ID of the organization of the access approval settings. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" + output: true + - name: 'notificationEmails' + type: Array + description: | + A list of email addresses to which notifications relating to approval requests should be sent. + Notifications relating to a resource will be sent to all emails in the settings of ancestor + resources of that resource. A maximum of 50 email addresses are allowed. + is_set: true + default_from_api: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array + description: | + A list of Google Cloud Services for which the given resource has Access Approval enrolled. + Access requests for the resource given by name against any of these services contained here will be required + to have explicit approval. Enrollment can be done for individual services. + + A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. + is_set: true + required: true + set_hash_func: accessApprovalEnrolledServicesHash + item_type: + type: NestedObject + properties: + - name: 'cloudProduct' + type: String + description: | + The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): + all + appengine.googleapis.com + bigquery.googleapis.com + bigtable.googleapis.com + cloudkms.googleapis.com + compute.googleapis.com + dataflow.googleapis.com + iam.googleapis.com + pubsub.googleapis.com + storage.googleapis.com + required: true + - name: 'enrollmentLevel' + type: Enum + description: | + The enrollment level of the service. + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean + description: | + This field will always be unset for the organization since organizations do not have ancestors. + output: true + - name: 'activeKeyVersion' + type: String + description: | + The asymmetric crypto key version to use for signing approval requests. + Empty active_key_version indicates that a Google-managed key should be used for signing. + - name: 'ancestorHasActiveKeyVersion' + type: Boolean + description: | + This field will always be unset for the organization since organizations do not have ancestors. + output: true + - name: 'invalidKeyVersion' + type: Boolean + description: | + If the field is true, that indicates that there is some configuration issue with the active_key_version + configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the + correct permissions on it, etc.). + output: true diff --git a/mmv1/products/accessapproval/go_ProjectSettings.yaml b/mmv1/products/accessapproval/go_ProjectSettings.yaml new file mode 100644 index 000000000000..fb007277b682 --- /dev/null +++ b/mmv1/products/accessapproval/go_ProjectSettings.yaml @@ -0,0 +1,140 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ProjectSettings' +legacy_name: 'google_project_access_approval_settings' +description: | + Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. +references: + guides: + api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' +docs: +base_url: 'projects/{{project_id}}/accessApprovalSettings' +self_link: 'projects/{{project_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_project_access_approval_settings.go.tmpl' +examples: + - name: 'project_access_approval_full' + primary_resource_id: 'project_access_approval' + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + exclude_test: true + - name: 'project_access_approval_active_key_version' + primary_resource_id: 'project_access_approval' + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + exclude_test: true +parameters: + - name: 'project_id' + type: String + description: | + ID of the project of the access approval settings. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" + output: true + - name: 'notificationEmails' + type: Array + description: | + A list of email addresses to which notifications relating to approval requests should be sent. + Notifications relating to a resource will be sent to all emails in the settings of ancestor + resources of that resource. A maximum of 50 email addresses are allowed. + is_set: true + default_from_api: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array + description: | + A list of Google Cloud Services for which the given resource has Access Approval enrolled. + Access requests for the resource given by name against any of these services contained here will be required + to have explicit approval. Enrollment can only be done on an all or nothing basis. + + A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. + is_set: true + required: true + set_hash_func: accessApprovalEnrolledServicesHash + item_type: + type: NestedObject + properties: + - name: 'cloudProduct' + type: String + description: | + The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): + all + appengine.googleapis.com + bigquery.googleapis.com + bigtable.googleapis.com + cloudkms.googleapis.com + compute.googleapis.com + dataflow.googleapis.com + iam.googleapis.com + pubsub.googleapis.com + storage.googleapis.com + required: true + - name: 'enrollmentLevel' + type: Enum + description: | + The enrollment level of the service. + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean + description: | + If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. + output: true + - name: 'activeKeyVersion' + type: String + description: | + The asymmetric crypto key version to use for signing approval requests. + Empty active_key_version indicates that a Google-managed key should be used for signing. + This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. + - name: 'ancestorHasActiveKeyVersion' + type: Boolean + description: | + If the field is true, that indicates that an ancestor of this Project has set active_key_version. + output: true + - name: 'invalidKeyVersion' + type: Boolean + description: | + If the field is true, that indicates that there is some configuration issue with the active_key_version + configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the + correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, + as key versions are inherited top-down. + output: true + - name: 'project' + type: String + description: | + Project id. + deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' diff --git a/mmv1/products/accessapproval/go_product.yaml b/mmv1/products/accessapproval/go_product.yaml new file mode 100644 index 000000000000..d925b1742897 --- /dev/null +++ b/mmv1/products/accessapproval/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AccessApproval' +display_name: 'Access Approval' +versions: + - name: 'ga' + base_url: 'https://accessapproval.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/accessapproval/product.yaml b/mmv1/products/accessapproval/product.yaml index e79e232839c3..11d4e054f039 100644 --- a/mmv1/products/accessapproval/product.yaml +++ b/mmv1/products/accessapproval/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: AccessApproval +display_name: Access Approval +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://accessapproval.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'AccessApproval' display_name: 'Access Approval' @@ -19,3 +34,4 @@ versions: base_url: 'https://accessapproval.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accesscontextmanager/AccessLevel.yaml b/mmv1/products/accesscontextmanager/AccessLevel.yaml index f18ee80cf48e..38a60197cdc0 100644 --- a/mmv1/products/accesscontextmanager/AccessLevel.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevel.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +# This is the singular of `AccessLevels`, any changes here should be made to `AccessLevels` as well +name: 'AccessLevel' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/accessLevels' +base_url: '' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +description: | + An AccessLevel is a label that can be applied to requests to GCP services, + along with a list of requirements necessary for the label to be applied. +docs: !ruby/object:Provider::Terraform::Docs +======= --- # This is the singular of `AccessLevels`, any changes here should be made to `AccessLevels` as well name: 'AccessLevel' @@ -22,12 +49,45 @@ references: 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +id_format: '{{name}}' +import_format: ['{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_access_level_basic' + skip_test: true + primary_resource_id: 'access-level' + vars: + access_level_name: 'chromeos_no_lock' +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb + custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + description: | + The AccessPolicy this AccessLevel lives in. + Format: accessPolicies/{policy_id} + ignore_read: true + - !ruby/object:Api::Type::String + name: name + immutable: true + required: true +======= id_format: '{{name}}' base_url: '' self_link: '{{name}}' @@ -83,10 +143,25 @@ parameters: ignore_read: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name} +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: title + required: true + description: | + Human readable title. Must be unique within the Policy. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the AccessLevel and its use. Does not affect behavior. + - !ruby/object:Api::Type::NestedObject + name: 'basic' +======= required: true immutable: true properties: @@ -101,19 +176,44 @@ properties: Description of the AccessLevel and its use. Does not affect behavior. - name: 'basic' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of predefined conditions for the access level and a combining function. conflicts: - custom properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'combiningFunction' +======= - name: 'combiningFunction' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. +<<<<<<< HEAD + default_value: :AND + values: + - :AND + - :OR + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + # All of the false defaults below here are omitted on purpose. + # Let's keep this as simple as possible, since they will all be set by the API. + - !ruby/object:Api::Type::Array + name: 'conditions' + required: true + min_size: 1 + description: | + A set of requirements for the AccessLevel to be granted. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'ipSubnetworks' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "AND" enum_values: @@ -131,6 +231,7 @@ properties: properties: - name: 'ipSubnetworks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -142,20 +243,32 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requiredAccessLevels' +======= item_type: type: String - name: 'requiredAccessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'members' +======= item_type: type: String - name: 'members' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -165,21 +278,79 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'negate' +======= item_type: type: String - name: 'negate' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'devicePolicy' +======= - name: 'devicePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'requireScreenLock' + api_name: 'requireScreenlock' + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + - !ruby/object:Api::Type::Array + name: 'allowedEncryptionStatuses' + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :ENCRYPTION_UNSPECIFIED + - :ENCRYPTION_UNSUPPORTED + - :UNENCRYPTED + - :ENCRYPTED + - !ruby/object:Api::Type::Array + name: 'allowedDeviceManagementLevels' + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :MANAGEMENT_UNSPECIFIED + - :NONE + - :BASIC + - :COMPLETE + - !ruby/object:Api::Type::Array + name: 'osConstraints' + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'minimumVersion' +======= - name: 'requireScreenLock' type: Boolean description: | @@ -226,16 +397,47 @@ properties: properties: - name: 'minimumVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'requireVerifiedChromeOs' +======= - name: 'requireVerifiedChromeOs' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If you specify DESKTOP_CHROME_OS for osType, you can optionally include requireVerifiedChromeOs to require Chrome Verified Access. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'osType' + required: true + description: | + The operating system type of the device. + values: + - :OS_UNSPECIFIED + - :DESKTOP_MAC + - :DESKTOP_WINDOWS + - :DESKTOP_LINUX + - :DESKTOP_CHROME_OS + - :ANDROID + - :IOS + - !ruby/object:Api::Type::Boolean + name: 'requireAdminApproval' + description: | + Whether the device needs to be approved by the customer admin. + - !ruby/object:Api::Type::Boolean + name: 'requireCorpOwned' + description: | + Whether the device needs to be corp owned. + - !ruby/object:Api::Type::Array + name: 'regions' +======= - name: 'osType' type: Enum description: | @@ -259,10 +461,33 @@ properties: Whether the device needs to be corp owned. - name: 'regions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'vpcNetworkSources' + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'vpcSubnetwork' + description: 'Sub networks within a VPC network.' + properties: + - !ruby/object:Api::Type::String + name: 'network' + required: true + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + - !ruby/object:Api::Type::Array + name: 'vpcIpSubnetworks' + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'custom' +======= item_type: type: String - name: 'vpcNetworkSources' @@ -287,18 +512,44 @@ properties: min_size: 1 - name: 'custom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. conflicts: - basic properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'expr' + required: true +======= - name: 'expr' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: + Textual representation of an expression in Common Expression + Language syntax. + - !ruby/object:Api::Type::String + name: 'title' + description: + Title for the expression, i.e. a short string describing its + purpose. + - !ruby/object:Api::Type::String + name: 'description' + description: Description of the expression + - !ruby/object:Api::Type::String + name: 'location' +======= required: true properties: - name: 'expression' @@ -317,6 +568,7 @@ properties: description: Description of the expression - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: String indicating the location of the expression for error reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml b/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml index 8fc07a0f06a8..85dc93e1dcd1 100644 --- a/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,8 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AccessLevelCondition' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{access_level}}' +base_url: '' +self_link: '{{access_level}}' +create_verb: :PATCH +delete_verb: :PATCH +immutable: true +update_mask: true +identity: + - ipSubnetworks + - requiredAccessLevels + - members + - negate + - devicePolicy + - regions +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + keys: + - basic + - conditions +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +======= --- name: 'AccessLevelCondition' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows configuring a single access level condition to be appended to an access level's conditions. This resource is intended to be used in cases where it is not possible to compile a full list @@ -22,17 +59,38 @@ description: | ~> **Note:** If this resource is used alongside a `google_access_context_manager_access_level` resource, the access level resource must have a `lifecycle` block with `ignore_changes = [basic[0].conditions]` so they don't fight over which service accounts should be included. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: transport_tpg.PollCheckForExistence + actions: ['create'] +autogen_async: true +exclude_tgc: true +exclude_import: true # no unique way to specify +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under AccessLevel +skip_sweeper: true +id_format: '{{access_level}}' +import_format: ['{{access_level}}'] +mutex: '{{access_level}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_access_level_condition_basic' + skip_test: true +======= id_format: '{{access_level}}' base_url: '' self_link: '{{access_level}}' @@ -82,10 +140,26 @@ exclude_tgc: true exclude_sweeper: true examples: - name: 'access_context_manager_access_level_condition_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'access-level-condition' vars: access_level_name: 'chromeos_no_lock' account_id: 'my-account-id' +<<<<<<< HEAD +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'accessLevel' + resource: 'AccessLevel' + imports: 'name' + description: | + The name of the Access Level to add this condition to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::Array + name: 'ipSubnetworks' +======= exclude_test: true parameters: - name: 'accessLevel' @@ -100,6 +174,7 @@ parameters: properties: - name: 'ipSubnetworks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -111,20 +186,32 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requiredAccessLevels' +======= item_type: type: String - name: 'requiredAccessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'members' +======= item_type: type: String - name: 'members' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -134,21 +221,79 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'negate' +======= item_type: type: String - name: 'negate' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'devicePolicy' +======= - name: 'devicePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'requireScreenLock' + api_name: 'requireScreenlock' + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + - !ruby/object:Api::Type::Array + name: 'allowedEncryptionStatuses' + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :ENCRYPTION_UNSPECIFIED + - :ENCRYPTION_UNSUPPORTED + - :UNENCRYPTED + - :ENCRYPTED + - !ruby/object:Api::Type::Array + name: 'allowedDeviceManagementLevels' + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :MANAGEMENT_UNSPECIFIED + - :NONE + - :BASIC + - :COMPLETE + - !ruby/object:Api::Type::Array + name: 'osConstraints' + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'minimumVersion' +======= - name: 'requireScreenLock' type: Boolean description: | @@ -195,10 +340,36 @@ properties: properties: - name: 'minimumVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'osType' + required: true + description: | + The operating system type of the device. + values: + - :OS_UNSPECIFIED + - :DESKTOP_MAC + - :DESKTOP_WINDOWS + - :DESKTOP_LINUX + - :DESKTOP_CHROME_OS + - :ANDROID + - :IOS + - !ruby/object:Api::Type::Boolean + name: 'requireAdminApproval' + description: | + Whether the device needs to be approved by the customer admin. + - !ruby/object:Api::Type::Boolean + name: 'requireCorpOwned' + description: | + Whether the device needs to be corp owned. + - !ruby/object:Api::Type::Array + name: 'regions' +======= - name: 'osType' type: Enum description: | @@ -222,10 +393,31 @@ properties: Whether the device needs to be corp owned. - name: 'regions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'vpcNetworkSources' + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'vpcSubnetwork' + description: 'Sub networks within a VPC network.' + properties: + - !ruby/object:Api::Type::String + name: 'network' + required: true + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + - !ruby/object:Api::Type::Array + name: 'vpcIpSubnetworks' + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: Api::Type::String +======= item_type: type: String - name: 'vpcNetworkSources' @@ -247,3 +439,4 @@ properties: description: 'CIDR block IP subnetwork specification. Must be IPv4.' item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accesscontextmanager/AccessLevels.yaml b/mmv1/products/accesscontextmanager/AccessLevels.yaml index 6db368f12d28..df79389b526b 100644 --- a/mmv1/products/accesscontextmanager/AccessLevels.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevels.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +# This is the plural of `AccessLevel`, any changes here should be made to `AccessLevel` as well +name: 'AccessLevels' +base_url: '{{parent}}/accessLevels:replaceAll' +update_url: '{{parent}}/accessLevels:replaceAll' +self_link: '{{parent}}/accessLevels' +update_verb: :POST +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: !ruby/object:Provider::Terraform::Docs +======= --- # This is the plural of `AccessLevel`, any changes here should be made to `AccessLevel` as well name: 'AccessLevels' @@ -23,12 +41,26 @@ references: 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | This resource is authoritative over the access levels under an access policy. Due to a limitation in Terraform, it will overwrite all preexisting access levels during a create opration without displaying the old values on the left side of plan. To prevent this, we recommend importing the resource before applying it if overwriting preexisting rules, as the plan will correctly display the complete changes to your access policy if the resource is present in state. +<<<<<<< HEAD +description: | + Replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically. + This is a bulk edit of all Access Levels and may override existing Access Levels created by `google_access_context_manager_access_level`, + thus causing a permadiff if used alongside `google_access_context_manager_access_level` on the same parent. +autogen_async: true +id_format: '{{parent}}/accessLevels' +import_format: ['{{parent}}/accessLevels'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_access_levels_basic' + skip_test: true +======= id_format: '{{parent}}/accessLevels' base_url: '{{parent}}/accessLevels:replaceAll' self_link: '{{parent}}/accessLevels' @@ -61,10 +93,42 @@ custom_code: exclude_sweeper: true examples: - name: 'access_context_manager_access_levels_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'access-levels' vars: access_level_name1: 'chromeos_no_lock' access_level_name2: 'mac_no_lock' +<<<<<<< HEAD +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.erb + custom_delete: templates/terraform/custom_delete/replace_all_access_levels_empty_list.go.erb +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + url_param_only: true + description: | + The AccessPolicy this AccessLevel lives in. + Format: accessPolicies/{policy_id} + ignore_read: true +properties: + - !ruby/object:Api::Type::Array + name: 'accessLevels' + description: | + The desired Access Levels that should replace all existing Access Levels in the Access Policy. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + immutable: true + required: true +======= exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. @@ -89,10 +153,24 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name} +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: title + required: true + description: | + Human readable title. Must be unique within the Policy. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the AccessLevel and its use. Does not affect behavior. + - !ruby/object:Api::Type::NestedObject + name: 'basic' +======= required: true immutable: true - name: 'title' @@ -106,19 +184,44 @@ properties: Description of the AccessLevel and its use. Does not affect behavior. - name: 'basic' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of predefined conditions for the access level and a combining function. # conflicts: # - custom properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'combiningFunction' +======= - name: 'combiningFunction' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. +<<<<<<< HEAD + default_value: :AND + values: + - :AND + - :OR + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + # All of the false defaults below here are omitted on purpose. + # Let's keep this as simple as possible, since they will all be set by the API. + - !ruby/object:Api::Type::Array + name: 'conditions' + required: true + min_size: 1 + description: | + A set of requirements for the AccessLevel to be granted. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'ipSubnetworks' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "AND" enum_values: @@ -136,6 +239,7 @@ properties: properties: - name: 'ipSubnetworks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -147,20 +251,32 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requiredAccessLevels' +======= item_type: type: String - name: 'requiredAccessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'members' +======= item_type: type: String - name: 'members' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -170,21 +286,79 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'negate' +======= item_type: type: String - name: 'negate' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'devicePolicy' +======= - name: 'devicePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'requireScreenLock' + api_name: 'requireScreenlock' + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + - !ruby/object:Api::Type::Array + name: 'allowedEncryptionStatuses' + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :ENCRYPTION_UNSPECIFIED + - :ENCRYPTION_UNSUPPORTED + - :UNENCRYPTED + - :ENCRYPTED + - !ruby/object:Api::Type::Array + name: 'allowedDeviceManagementLevels' + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: !ruby/object:Api::Type::Enum + name: 'undefined' + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + values: + - :MANAGEMENT_UNSPECIFIED + - :NONE + - :BASIC + - :COMPLETE + - !ruby/object:Api::Type::Array + name: 'osConstraints' + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'minimumVersion' +======= - name: 'requireScreenLock' type: Boolean description: | @@ -231,10 +405,36 @@ properties: properties: - name: 'minimumVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'osType' + required: true + description: | + The operating system type of the device. + values: + - :OS_UNSPECIFIED + - :DESKTOP_MAC + - :DESKTOP_WINDOWS + - :DESKTOP_LINUX + - :DESKTOP_CHROME_OS + - :ANDROID + - :IOS + - !ruby/object:Api::Type::Boolean + name: 'requireAdminApproval' + description: | + Whether the device needs to be approved by the customer admin. + - !ruby/object:Api::Type::Boolean + name: 'requireCorpOwned' + description: | + Whether the device needs to be corp owned. + - !ruby/object:Api::Type::Array + name: 'regions' +======= - name: 'osType' type: Enum description: | @@ -258,10 +458,33 @@ properties: Whether the device needs to be corp owned. - name: 'regions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'vpcNetworkSources' + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'vpcSubnetwork' + description: 'Sub networks within a VPC network.' + properties: + - !ruby/object:Api::Type::String + name: 'network' + required: true + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + - !ruby/object:Api::Type::Array + name: 'vpcIpSubnetworks' + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'custom' +======= item_type: type: String - name: 'vpcNetworkSources' @@ -286,18 +509,44 @@ properties: min_size: 1 - name: 'custom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. # conflicts: # - basic properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'expr' + required: true +======= - name: 'expr' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: + Textual representation of an expression in Common Expression + Language syntax. + - !ruby/object:Api::Type::String + name: 'title' + description: + Title for the expression, i.e. a short string describing its + purpose. + - !ruby/object:Api::Type::String + name: 'description' + description: Description of the expression + - !ruby/object:Api::Type::String + name: 'location' +======= required: true properties: - name: 'expression' @@ -316,6 +565,7 @@ properties: description: Description of the expression - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: String indicating the location of the expression for error reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/AccessPolicy.yaml b/mmv1/products/accesscontextmanager/AccessPolicy.yaml index d554c8d05ebc..1b59ef614e6d 100644 --- a/mmv1/products/accesscontextmanager/AccessPolicy.yaml +++ b/mmv1/products/accesscontextmanager/AccessPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,25 +15,105 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AccessPolicy' +base_url: accessPolicies +self_link: 'accessPolicies/{{name}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' +======= --- name: 'AccessPolicy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +id_format: '{{name}}' +import_format: ['{{name}}'] +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + allowed_iam_role: 'roles/accesscontextmanager.policyAdmin' + method_name_separator: ':' + fetch_iam_policy_verb: :POST + import_format: ['accessPolicies/{{name}}', '{{name}}'] + iam_conditions_request_type: null +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_access_policy_basic' + skip_test: true + primary_resource_id: 'access-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_access_policy_scoped' + skip_test: true + skip_import_test: true + primary_resource_id: 'access-policy' + test_env_vars: + org_id: :ORG_ID + project: :PROJECT_NAME +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/accesspolicy.erb +parameters: + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + description: | + The parent of this AccessPolicy in the Cloud Resource Hierarchy. + Format: 'organizations/{{organization_id}}' + - !ruby/object:Api::Type::String + name: title + required: true + description: | + Human readable title. Does not affect behavior. + - !ruby/object:Api::Type::Array + name: scopes + description: | + Folder or project on which this policy is applicable. + Format: 'folders/{{folder_id}}' or 'projects/{{project_number}}' + item_type: Api::Type::String + max_size: 1 +properties: + - !ruby/object:Api::Type::String + name: name + description: | + Resource name of the AccessPolicy. Format: '{{policy_id}}' + output: true + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::Time + name: 'createTime' + description: | + Time the AccessPolicy was created in UTC. + output: true + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= id_format: '{{name}}' base_url: 'accessPolicies' self_link: 'accessPolicies/{{name}}' @@ -114,6 +198,7 @@ properties: output: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time the AccessPolicy was updated in UTC. output: true diff --git a/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml b/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml index c9cf4c94c9d9..cdd50c5e94ed 100644 --- a/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml +++ b/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,25 +15,71 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AuthorizedOrgsDesc' +base_url: '' +create_url: '{{parent}}/authorizedOrgsDescs' +self_link: '{{name}}' +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' +======= --- name: 'AuthorizedOrgsDesc' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An authorized organizations description describes a list of organizations (1) that have been authorized to use certain asset (for example, device) data owned by different organizations at the enforcement points, or (2) with certain asset (for example, device) have been authorized to access the resources in another organization at the enforcement points. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +id_format: '{{name}}' +import_format: ['{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_authorized_orgs_desc_basic' + primary_resource_id: 'authorized-orgs-desc' + skip_test: true +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb + pre_update: templates/terraform/update_mask.erb + post_create: templates/terraform/post_create/sleep_2_min.go.erb + custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb +parameters: + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + description: | + Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`. + ignore_read: true + - !ruby/object:Api::Type::String + name: name + immutable: true + required: true +======= id_format: '{{name}}' base_url: '' self_link: '{{name}}' @@ -76,34 +126,56 @@ parameters: ignore_read: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: orgs +======= required: true immutable: true - name: 'orgs' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456` +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: assetType + immutable: true +======= item_type: type: String - name: 'assetType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of entities that need to use the authorization relationship during evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and "ASSET_TYPE_CREDENTIAL_STRENGTH". +<<<<<<< HEAD + values: + - :ASSET_TYPE_DEVICE + - :ASSET_TYPE_CREDENTIAL_STRENGTH + - !ruby/object:Api::Type::Enum + name: authorizationDirection + immutable: true +======= immutable: true enum_values: - 'ASSET_TYPE_DEVICE' - 'ASSET_TYPE_CREDENTIAL_STRENGTH' - name: 'authorizationDirection' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The direction of the authorization relationship between this organization and the organizations listed in the "orgs" field. The valid values for this @@ -122,6 +194,26 @@ parameters: direction, organizations B and C must specify "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their "AuthorizedOrgsDesc" resource. +<<<<<<< HEAD + values: + - :AUTHORIZATION_DIRECTION_TO + - :AUTHORIZATION_DIRECTION_FROM + - !ruby/object:Api::Type::Enum + name: authorizationType + immutable: true + description: | + A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST". + values: + - :AUTHORIZATION_TYPE_TRUST +properties: + - !ruby/object:Api::Type::Time + name: 'createTime' + description: | + Time the AuthorizedOrgsDesc was created in UTC. + output: true + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= immutable: true enum_values: - 'AUTHORIZATION_DIRECTION_TO' @@ -141,6 +233,7 @@ properties: output: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time the AuthorizedOrgsDesc was updated in UTC. output: true diff --git a/mmv1/products/accesscontextmanager/EgressPolicy.yaml b/mmv1/products/accesscontextmanager/EgressPolicy.yaml index 26f89b895f1a..dcef25195f62 100644 --- a/mmv1/products/accesscontextmanager/EgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/EgressPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EgressPolicy' +create_url: '{{egress_policy_name}}' +base_url: '' +self_link: '{{egress_policy_name}}' +create_verb: :PATCH +delete_verb: :PATCH +immutable: true +update_mask: true +identity: + - resource +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: true + keys: + - status + - resources +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +description: | + This resource has been deprecated, please refer to ServicePerimeterEgressPolicy. +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy +skip_sweeper: true +id_format: '{{egress_policy_name}}/{{resource}}' +import_format: ['{{egress_policy_name}}/{{resource}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_egress_policy.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'egressPolicyName' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'resource' +======= --- name: 'EgressPolicy' description: | @@ -73,6 +121,7 @@ parameters: properties: - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A GCP resource that is inside of the service perimeter. required: true diff --git a/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml b/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml index 0c07c39a9e92..dfc0c5877b9e 100644 --- a/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml +++ b/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,27 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GcpUserAccessBinding' +base_url: 'organizations/{{organization_id}}/gcpUserAccessBindings' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +description: | + Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/organizations.gcpUserAccessBindings' +id_format: '{{name}}' +import_format: ['{{name}}'] +autogen_async: true +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_gcp_user_access_binding_basic' + # Has a handwritten test due to AccessPolicy-related tests needing to run synchronously + skip_test: true +======= --- name: 'GcpUserAccessBinding' description: | @@ -49,12 +74,50 @@ custom_code: exclude_tgc: true examples: - name: 'access_context_manager_gcp_user_access_binding_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'gcp_user_access_binding' vars: group_id: 'my-identity-group' access_level_id: 'access_level_id_for_user_access_binding' access_level_name: 'chromeos_no_lock' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + org_domain: :ORG_DOMAIN + cust_id: :CUST_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/set_id_name_with_slashes.go.erb +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - !ruby/object:Api::Type::String + name: organizationId + immutable: true + required: true + url_param_only: true + description: | + Required. ID of the parent organization. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" + - !ruby/object:Api::Type::String + name: 'groupKey' + required: true + immutable: true + description: | + Required. Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the G Suite Directory API's Groups resource. If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" + - !ruby/object:Api::Type::Array + name: 'accessLevels' + item_type: Api::Type::String + required: true + min_size: 1 + max_size: 1 + description: | + Required. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" +======= org_id: 'ORG_ID' org_domain: 'ORG_DOMAIN' cust_id: 'CUST_ID' @@ -91,3 +154,4 @@ properties: type: String min_size: 1 max_size: 1 +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/accesscontextmanager/IngressPolicy.yaml b/mmv1/products/accesscontextmanager/IngressPolicy.yaml index 63e6e947ec27..4b92d92260f5 100644 --- a/mmv1/products/accesscontextmanager/IngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/IngressPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'IngressPolicy' +create_url: '{{ingress_policy_name}}' +base_url: '' +self_link: '{{ingress_policy_name}}' +create_verb: :PATCH +delete_verb: :PATCH +immutable: true +update_mask: true +identity: + - resource +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: true + keys: + - status + - resources +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +description: | + This resource has been deprecated, please refer to ServicePerimeterIngressPolicy. +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy +skip_sweeper: true +id_format: '{{ingress_policy_name}}/{{resource}}' +import_format: ['{{ingress_policy_name}}/{{resource}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'ingressPolicyName' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'resource' +======= --- name: 'IngressPolicy' description: | @@ -73,6 +121,7 @@ parameters: properties: - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A GCP resource that is inside of the service perimeter. required: true diff --git a/mmv1/products/accesscontextmanager/ServicePerimeter.yaml b/mmv1/products/accesscontextmanager/ServicePerimeter.yaml index afcbfcf660df..4460b3c21cf8 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeter.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeter.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +# This is the singular of `ServicePerimeters`, any changes here should be made to `ServicePerimeters` as well +name: 'ServicePerimeter' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/servicePerimeters' +base_url: '' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +======= --- # This is the singular of `ServicePerimeters`, any changes here should be made to `ServicePerimeters` as well name: 'ServicePerimeter' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ServicePerimeter describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of the @@ -24,17 +48,33 @@ description: | GCP project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only GCP projects as members, a single GCP project may belong to multiple Service Perimeter Bridges. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +id_format: '{{name}}' +import_format: ['{{name}}'] +mutex: '{{name}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_basic' + skip_test: true +======= id_format: '{{name}}' base_url: '' self_link: '{{name}}' @@ -74,10 +114,43 @@ custom_code: exclude_sweeper: true examples: - name: 'access_context_manager_service_perimeter_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'service-perimeter' vars: access_level_name: 'chromeos_no_lock' service_perimeter_name: 'restrict_storage' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_secure_data_exchange' + skip_test: true + primary_resource_id: 'secure-data-exchange' + vars: + access_level_name: 'secure_data_exchange' + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_dry-run' + skip_test: true + primary_resource_id: 'service-perimeter' + vars: + service_perimeter_name: 'restrict_bigquery_dryrun_storage' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb + custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + description: | + The AccessPolicy this ServicePerimeter lives in. + Format: accessPolicies/{policy_id} + ignore_read: true + - !ruby/object:Api::Type::String + name: name + immutable: true + required: true +======= exclude_test: true - name: 'access_context_manager_service_perimeter_secure_data_exchange' primary_resource_id: 'secure-data-exchange' @@ -102,10 +175,36 @@ parameters: ignore_read: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name for the ServicePerimeter. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: title + required: true + description: | + Human readable title. Must be unique within the Policy. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the ServicePerimeter and its use. Does not affect + behavior. + - !ruby/object:Api::Type::Time + name: 'createTime' + description: | + Time the AccessPolicy was created in UTC. + output: true + - !ruby/object:Api::Type::Time + name: 'updateTime' + description: | + Time the AccessPolicy was updated in UTC. + output: true + - !ruby/object:Api::Type::Enum + name: 'perimeterType' +======= required: true immutable: true properties: @@ -131,6 +230,7 @@ properties: output: true - name: 'perimeterType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of the Perimeter. There are two types: regular and bridge. Regular Service Perimeter contains resources, access levels, @@ -148,6 +248,16 @@ properties: topologies with many independent perimeters that need to share some data with a common perimeter, but should not be able to share data among themselves. +<<<<<<< HEAD + values: + - :PERIMETER_TYPE_REGULAR + - :PERIMETER_TYPE_BRIDGE + default_value: :PERIMETER_TYPE_REGULAR + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'status' +======= immutable: true custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "PERIMETER_TYPE_REGULAR" @@ -156,17 +266,33 @@ properties: - 'PERIMETER_TYPE_BRIDGE' - name: 'status' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} +<<<<<<< HEAD + at_least_one_of: + - status.0.resources + - status.0.access_levels + - status.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'accessLevels' +======= is_set: true at_least_one_of: - 'status.0.resources' @@ -176,6 +302,7 @@ properties: type: String - name: 'accessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -187,6 +314,16 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} +<<<<<<< HEAD + at_least_one_of: + - status.0.resources + - status.0.access_levels + - status.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'restrictedServices' +======= is_set: true at_least_one_of: - 'status.0.resources' @@ -196,12 +333,23 @@ properties: type: String - name: 'restrictedServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. +<<<<<<< HEAD + at_least_one_of: + - status.0.resources + - status.0.access_levels + - status.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessibleServices' +======= is_set: true at_least_one_of: - 'status.0.resources' @@ -211,10 +359,27 @@ properties: type: String - name: 'vpcAccessibleServices' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableRestriction' + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - !ruby/object:Api::Type::Array + name: 'allowedServices' + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'ingressPolicies' +======= - name: 'enableRestriction' type: Boolean description: | @@ -230,26 +395,50 @@ properties: type: String - name: 'ingressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= item_type: type: NestedObject properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + item_type: Api::Type::String + is_set: true +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -257,10 +446,21 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= is_set: true item_type: type: String @@ -273,6 +473,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -282,8 +483,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -294,14 +500,26 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -311,6 +529,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -324,26 +553,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Array + name: 'egressPolicies' +======= - name: 'permission' type: String description: | @@ -351,11 +602,23 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'egressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= item_type: type: NestedObject properties: @@ -366,10 +629,35 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_UNSPECIFIED + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -393,36 +681,68 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= item_type: type: String - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + is_set: true + item_type: Api::Type::String +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + is_set: true + item_type: Api::Type::String +======= is_set: true item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -436,26 +756,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::NestedObject + name: 'spec' +======= - name: 'permission' type: String description: | @@ -463,18 +805,34 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'spec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the `useExplicitDryRunSpec` flag is set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} +<<<<<<< HEAD + at_least_one_of: + - spec.0.resources + - spec.0.access_levels + - spec.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'accessLevels' +======= is_set: true at_least_one_of: - 'spec.0.resources' @@ -484,6 +842,7 @@ properties: type: String - name: 'accessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -495,6 +854,16 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} +<<<<<<< HEAD + at_least_one_of: + - spec.0.resources + - spec.0.access_levels + - spec.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'restrictedServices' +======= is_set: true at_least_one_of: - 'spec.0.resources' @@ -504,12 +873,23 @@ properties: type: String - name: 'restrictedServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. +<<<<<<< HEAD + at_least_one_of: + - spec.0.resources + - spec.0.access_levels + - spec.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessibleServices' +======= is_set: true at_least_one_of: - 'spec.0.resources' @@ -519,10 +899,27 @@ properties: type: String - name: 'vpcAccessibleServices' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableRestriction' + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - !ruby/object:Api::Type::Array + name: 'allowedServices' + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'ingressPolicies' +======= - name: 'enableRestriction' type: Boolean description: | @@ -538,26 +935,50 @@ properties: type: String - name: 'ingressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= item_type: type: NestedObject properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + item_type: Api::Type::String + is_set: true +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -565,10 +986,21 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= is_set: true item_type: type: String @@ -581,6 +1013,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -590,8 +1023,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -599,14 +1037,26 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -616,6 +1066,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -629,26 +1090,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Array + name: 'egressPolicies' +======= - name: 'permission' type: String description: | @@ -656,11 +1139,23 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'egressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= item_type: type: NestedObject properties: @@ -671,10 +1166,35 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_UNSPECIFIED + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -698,36 +1218,69 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= is_set: true item_type: type: String - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + item_type: Api::Type::String + is_set: true +======= is_set: true item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -741,26 +1294,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Boolean + name: 'useExplicitDryRunSpec' +======= - name: 'permission' type: String description: | @@ -768,6 +1343,7 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'useExplicitDryRunSpec' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml index 59eb01ac0cd2..e60410b20a64 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml @@ -10,9 +10,32 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterDryRunEgressPolicy' +create_url: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_verb: :PATCH +delete_verb: :PATCH +update_mask: true +immutable: true +identity: + - egressFrom + - egressTo +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: false + keys: + - spec + - egressPolicies +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +======= --- name: 'ServicePerimeterDryRunEgressPolicy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manage a single EgressPolicy in the spec (dry-run) configuration for a service perimeter. EgressPolicies match requests based on egressFrom and egressTo stanzas. @@ -26,6 +49,42 @@ description: | ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_dry_run_egress_policy' + skip_test: true +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +exclude_import: true +id_format: '{{perimeter}}' +import_format: ['{{perimeter}}'] +mutex: '{{perimeter}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb + pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeter' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= references: guides: api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' @@ -97,20 +156,49 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'ANY_IDENTITY' - 'ANY_USER_ACCOUNT' - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= item_type: type: String - name: 'sources' @@ -130,26 +218,50 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + item_type: Api::Type::String +======= item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= item_type: type: String - name: 'operations' @@ -162,28 +274,46 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' +======= - name: 'permission' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml index fd51dd83af7f..fc70a9b55b44 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml @@ -10,9 +10,32 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterDryRunIngressPolicy' +create_url: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_verb: :PATCH +delete_verb: :PATCH +update_mask: true +immutable: true +identity: + - ingressFrom + - ingressTo +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: false + keys: + - spec + - ingressPolicies +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +======= --- name: 'ServicePerimeterDryRunIngressPolicy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manage a single IngressPolicy in the spec (dry-run) configuration for a service perimeter. IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, @@ -27,6 +50,37 @@ description: | ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_dry_run_ingress_policy' + skip_test: true +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +exclude_import: true +id_format: '{{perimeter}}' +import_format: ['{{perimeter}}'] +mutex: '{{perimeter}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb + pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeter' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= references: guides: api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' @@ -93,26 +147,52 @@ parameters: properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + item_type: Api::Type::String +======= enum_values: - 'ANY_IDENTITY' - 'ANY_USER_ACCOUNT' - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= item_type: type: String - name: 'sources' @@ -124,6 +204,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -133,8 +214,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -142,14 +228,25 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -159,6 +256,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= item_type: type: String - name: 'operations' @@ -171,28 +279,46 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' +======= - name: 'permission' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml index 3672777787a0..01e8feb1641e 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,8 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterDryRunResource' +create_url: '{{perimeter_name}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_verb: :PATCH +delete_verb: :PATCH +immutable: true +update_mask: true +identity: + - resource +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: true + keys: + - spec + - resources +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +======= --- name: 'ServicePerimeterDryRunResource' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list @@ -23,17 +51,55 @@ description: | ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignore_changes = [spec[0].resources]` so they don't fight over which resources should be in the policy. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +id_format: '{{perimeter_name}}/{{resource}}' +import_format: ['{{perimeter_name}}/{{resource}}'] +mutex: '{{perimeter_name}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_dry_run_resource_basic' + skip_test: true + primary_resource_id: 'service-perimeter-dry-run-resource' + vars: + service_perimeter_name: 'restrict_all' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.erb + pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeterName' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'resource' +======= id_format: '{{perimeter_name}}/{{resource}}' base_url: '' self_link: '{{perimeter_name}}' @@ -98,6 +164,7 @@ parameters: properties: - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A GCP resource that is inside of the service perimeter. Currently only projects are allowed. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml index 7e8dd583e830..db10798b2424 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,9 +14,32 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterEgressPolicy' +create_url: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_verb: :PATCH +delete_verb: :PATCH +update_mask: true +immutable: true +identity: + - egressFrom + - egressTo +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: false + keys: + - status + - egressPolicies +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +======= --- name: 'ServicePerimeterEgressPolicy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter. EgressPolicies match requests based on egressFrom and egressTo stanzas. @@ -26,6 +53,39 @@ description: | ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_egress_policy' + skip_test: true +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +exclude_import: true +id_format: '{{perimeter}}' +import_format: ['{{perimeter}}'] +mutex: '{{perimeter}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeter' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= references: guides: api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' @@ -94,20 +154,50 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'ANY_IDENTITY' - 'ANY_USER_ACCOUNT' - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_UNSPECIFIED + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= item_type: type: String - name: 'sources' @@ -128,26 +218,50 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + item_type: Api::Type::String +======= item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= item_type: type: String - name: 'operations' @@ -160,28 +274,46 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' +======= - name: 'permission' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml index 24034fc9024f..460f863b1545 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,9 +14,32 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterIngressPolicy' +create_url: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_verb: :PATCH +delete_verb: :PATCH +update_mask: true +immutable: true +identity: + - ingressFrom + - ingressTo +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: false + keys: + - status + - ingressPolicies +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +======= --- name: 'ServicePerimeterIngressPolicy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter. IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, @@ -27,6 +54,34 @@ description: | ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_ingress_policy' + skip_test: true +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +exclude_import: true +id_format: '{{perimeter}}' +import_format: ['{{perimeter}}'] +mutex: '{{perimeter}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeter' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= references: guides: api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' @@ -90,26 +145,52 @@ parameters: properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + item_type: Api::Type::String +======= enum_values: - 'ANY_IDENTITY' - 'ANY_USER_ACCOUNT' - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= item_type: type: String - name: 'sources' @@ -121,6 +202,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -130,8 +212,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -142,14 +229,25 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -159,6 +257,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= item_type: type: String - name: 'operations' @@ -171,28 +280,46 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' +======= - name: 'permission' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml index 1716c9cdfa2e..08321d8e2856 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,8 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServicePerimeterResource' +create_url: '{{perimeter_name}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_verb: :PATCH +delete_verb: :PATCH +immutable: true +update_mask: true +identity: + - resource +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + is_list_of_ids: true + keys: + - status + - resources +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +======= --- name: 'ServicePerimeterResource' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list @@ -23,17 +51,52 @@ description: | ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].resources]` so they don't fight over which resources should be in the policy. +<<<<<<< HEAD +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +autogen_async: true +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +skip_sweeper: true +id_format: '{{perimeter_name}}/{{resource}}' +import_format: ['{{perimeter_name}}/{{resource}}'] +mutex: '{{perimeter_name}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeter_resource_basic' + skip_test: true + primary_resource_id: 'service-perimeter-resource' + vars: + service_perimeter_name: 'restrict_all' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'perimeterName' + resource: 'ServicePerimeter' + imports: 'name' + description: | + The name of the Service Perimeter to add this resource to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'resource' +======= id_format: '{{perimeter_name}}/{{resource}}' base_url: '' self_link: '{{perimeter_name}}' @@ -95,6 +158,7 @@ parameters: properties: - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A GCP resource that is inside of the service perimeter. Currently only projects are allowed. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeters.yaml b/mmv1/products/accesscontextmanager/ServicePerimeters.yaml index be783e2cb85e..bd506accfb3e 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeters.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeters.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource # This is the plural of `ServicePerimeter`, any changes here should be made to `ServicePerimeter` as well +name: 'ServicePerimeters' +base_url: '{{parent}}/servicePerimeters:replaceAll' +update_url: '{{parent}}/servicePerimeters:replaceAll' +self_link: '{{parent}}/servicePerimeters' +update_verb: :POST +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +======= --- # This is the plural of `ServicePerimeter`, any changes here should be made to `ServicePerimeter` as well name: 'ServicePerimeters' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided. This is done atomically. This is a bulk edit of all Service Perimeters and may override existing Service Perimeters created by `google_access_context_manager_service_perimeter`, thus causing a permadiff if used alongside `google_access_context_manager_service_perimeter` on the same parent. +<<<<<<< HEAD +autogen_async: true +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +id_format: '{{parent}}/servicePerimeters' +import_format: ['{{parent}}/servicePerimeters'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'access_context_manager_service_perimeters_basic' + skip_test: true +======= references: guides: 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' @@ -55,10 +83,39 @@ custom_code: exclude_sweeper: true examples: - name: 'access_context_manager_service_perimeters_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'service-perimeter' vars: access_level_name: 'chromeos_no_lock' service_perimeter_name: 'restrict_storage' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.erb + custom_delete: templates/terraform/custom_delete/replace_all_service_perimeters_empty_list.go.erb +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - !ruby/object:Api::Type::String + name: parent + immutable: true + required: true + description: | + The AccessPolicy this ServicePerimeter lives in. + Format: accessPolicies/{policy_id} + ignore_read: true +properties: + - !ruby/object:Api::Type::Array + name: 'servicePerimeters' + description: | + The desired Service Perimeters that should replace all existing Service Perimeters in the Access Policy. + custom_flatten: 'templates/terraform/custom_flatten/accesscontextmanager_serviceperimeters_custom_flatten.go.erb' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + immutable: true + required: true +======= exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. @@ -82,10 +139,35 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name for the ServicePerimeter. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: title + required: true + description: | + Human readable title. Must be unique within the Policy. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the ServicePerimeter and its use. Does not affect + behavior. + - !ruby/object:Api::Type::Time + name: 'createTime' + description: | + Time the AccessPolicy was created in UTC. + output: true + - !ruby/object:Api::Type::Time + name: 'updateTime' + description: | + Time the AccessPolicy was updated in UTC. + output: true + - !ruby/object:Api::Type::Enum + name: 'perimeterType' +======= required: true immutable: true - name: 'title' @@ -110,6 +192,7 @@ properties: output: true - name: 'perimeterType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of the Perimeter. There are two types: regular and bridge. Regular Service Perimeter contains resources, access levels, @@ -127,6 +210,16 @@ properties: topologies with many independent perimeters that need to share some data with a common perimeter, but should not be able to share data among themselves. +<<<<<<< HEAD + values: + - :PERIMETER_TYPE_REGULAR + - :PERIMETER_TYPE_BRIDGE + default_value: :PERIMETER_TYPE_REGULAR + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'status' +======= immutable: true custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "PERIMETER_TYPE_REGULAR" @@ -135,28 +228,44 @@ properties: - 'PERIMETER_TYPE_BRIDGE' - name: 'status' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} +<<<<<<< HEAD +======= is_set: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # at_least_one_of: # - status.0.resources # - status.0.access_levels # - status.0.restricted_services +<<<<<<< HEAD + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'accessLevels' +======= item_type: type: String - name: 'accessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -168,6 +277,18 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} +<<<<<<< HEAD + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - status.0.resources + # - status.0.access_levels + # - status.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'restrictedServices' +======= is_set: true # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) @@ -179,12 +300,25 @@ properties: type: String - name: 'restrictedServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. +<<<<<<< HEAD + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - status.0.resources + # - status.0.access_levels + # - status.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessibleServices' +======= is_set: true # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) @@ -196,10 +330,27 @@ properties: type: String - name: 'vpcAccessibleServices' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableRestriction' + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - !ruby/object:Api::Type::Array + name: 'allowedServices' + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'ingressPolicies' +======= - name: 'enableRestriction' type: Boolean description: | @@ -215,27 +366,51 @@ properties: type: String - name: 'ingressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. is_set: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= item_type: type: NestedObject properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + is_set: true + item_type: Api::Type::String +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -243,10 +418,21 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= is_set: true item_type: type: String @@ -259,6 +445,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -268,8 +455,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -277,14 +469,26 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -294,6 +498,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -307,26 +522,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Array + name: 'egressPolicies' +======= - name: 'permission' type: String description: | @@ -334,11 +571,23 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'egressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= item_type: type: NestedObject properties: @@ -349,10 +598,20 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -360,11 +619,32 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_UNSPECIFIED + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= item_type: type: String - name: 'sources' @@ -385,27 +665,53 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + item_type: Api::Type::String + is_set: true +======= is_set: true item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -419,26 +725,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::NestedObject + name: 'spec' +======= - name: 'permission' type: String description: | @@ -446,14 +774,20 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'spec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the `useExplicitDryRunSpec` flag is set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. @@ -465,10 +799,17 @@ properties: # - spec.0.access_levels # - spec.0.restricted_services is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'accessLevels' + is_set: true +======= item_type: type: String - name: 'accessLevels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -480,26 +821,67 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} +<<<<<<< HEAD + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'restrictedServices' +======= is_set: true item_type: type: String - name: 'restrictedServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. +<<<<<<< HEAD + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessibleServices' +======= is_set: true item_type: type: String - name: 'vpcAccessibleServices' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableRestriction' + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - !ruby/object:Api::Type::Array + name: 'allowedServices' + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'ingressPolicies' +======= - name: 'enableRestriction' type: Boolean description: | @@ -515,26 +897,50 @@ properties: type: String - name: 'ingressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ingressFrom' +======= item_type: type: NestedObject properties: - name: 'ingressFrom' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' + is_set: true + item_type: Api::Type::String +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -542,10 +948,21 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sources' + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' +======= is_set: true item_type: type: String @@ -558,6 +975,7 @@ properties: properties: - name: 'accessLevel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -567,8 +985,13 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -576,14 +999,26 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'ingressTo' +======= - name: 'ingressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -593,6 +1028,17 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -606,26 +1052,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Array + name: 'egressPolicies' +======= - name: 'permission' type: String description: | @@ -633,11 +1101,23 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'egressPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'egressFrom' + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - !ruby/object:Api::Type::Enum + name: 'identityType' +======= item_type: type: NestedObject properties: @@ -648,10 +1128,20 @@ properties: properties: - name: 'identityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. +<<<<<<< HEAD + values: + - :IDENTITY_TYPE_UNSPECIFIED + - :ANY_IDENTITY + - :ANY_USER_ACCOUNT + - :ANY_SERVICE_ACCOUNT + - !ruby/object:Api::Type::Array + name: 'identities' +======= enum_values: - 'IDENTITY_TYPE_UNSPECIFIED' - 'ANY_IDENTITY' @@ -659,10 +1149,32 @@ properties: - 'ANY_SERVICE_ACCOUNT' - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. +<<<<<<< HEAD + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::Array + name: 'sources' + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'accessLevel' + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - !ruby/object:Api::Type::Enum + name: 'sourceRestriction' + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + values: + - :SOURCE_RESTRICTION_UNSPECIFIED + - :SOURCE_RESTRICTION_ENABLED + - :SOURCE_RESTRICTION_DISABLED + - !ruby/object:Api::Type::NestedObject + name: 'egressTo' +======= is_set: true item_type: type: String @@ -684,27 +1196,53 @@ properties: - 'SOURCE_RESTRICTION_DISABLED' - name: 'egressTo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'resources' + item_type: Api::Type::String + is_set: true +======= - name: 'resources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'externalResources' + item_type: Api::Type::String + is_set: true +======= is_set: true item_type: type: String - name: 'externalResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'operations' + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'serviceName' +======= is_set: true item_type: type: String @@ -718,26 +1256,48 @@ properties: properties: - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'methodSelectors' +======= - name: 'methodSelectors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'method' +======= item_type: type: NestedObject properties: - name: 'method' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'permission' + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - !ruby/object:Api::Type::Boolean + name: 'useExplicitDryRunSpec' +======= - name: 'permission' type: String description: | @@ -745,6 +1305,7 @@ properties: corresponding `serviceName` in `ApiOperation`. - name: 'useExplicitDryRunSpec' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those diff --git a/mmv1/products/accesscontextmanager/go_AccessLevel.yaml b/mmv1/products/accesscontextmanager/go_AccessLevel.yaml new file mode 100644 index 000000000000..b659d38cde1c --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_AccessLevel.yaml @@ -0,0 +1,323 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +# This is the singular of `AccessLevels`, any changes here should be made to `AccessLevels` as well +name: 'AccessLevel' +description: | + An AccessLevel is a label that can be applied to requests to GCP services, + along with a list of requirements necessary for the label to be applied. +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{name}}' +base_url: '' +self_link: '{{name}}' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/accessLevels' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_access_level_basic' + primary_resource_id: 'access-level' + vars: + access_level_name: 'chromeos_no_lock' + exclude_test: true +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - name: 'parent' + type: String + description: | + The AccessPolicy this AccessLevel lives in. + Format: accessPolicies/{policy_id} + required: true + immutable: true + ignore_read: true + - name: 'name' + type: String + description: | + Resource name for the Access Level. The short_name component must begin + with a letter and only include alphanumeric and '_'. + Format: accessPolicies/{policy_id}/accessLevels/{short_name} + required: true + immutable: true +properties: + - name: 'title' + type: String + description: | + Human readable title. Must be unique within the Policy. + required: true + - name: 'description' + type: String + description: | + Description of the AccessLevel and its use. Does not affect behavior. + - name: 'basic' + type: NestedObject + description: | + A set of predefined conditions for the access level and a combining function. + conflicts: + - custom + properties: + - name: 'combiningFunction' + type: Enum + description: | + How the conditions list should be combined to determine if a request + is granted this AccessLevel. If AND is used, each Condition in + conditions must be satisfied for the AccessLevel to be applied. If + OR is used, at least one Condition in conditions must be satisfied + for the AccessLevel to be applied. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "AND" + enum_values: + - 'AND' + - 'OR' + # All of the false defaults below here are omitted on purpose. + # Let's keep this as simple as possible, since they will all be set by the API. + - name: 'conditions' + type: Array + description: | + A set of requirements for the AccessLevel to be granted. + required: true + item_type: + type: NestedObject + properties: + - name: 'ipSubnetworks' + type: Array + description: | + A list of CIDR block IP subnetwork specification. May be IPv4 + or IPv6. + Note that for a CIDR IP address block, the specified IP address + portion must be properly truncated (i.e. all the host bits must + be zero) or the input is considered malformed. For example, + "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, + for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" + is not. The originating IP of a request must be in one of the + listed subnets in order for this Condition to be true. + If empty, all IP addresses are allowed. + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array + description: | + A list of other access levels defined in the same Policy, + referenced by resource name. Referencing an AccessLevel which + does not exist is an error. All access levels listed must be + granted for the Condition to be true. + Format: accessPolicies/{policy_id}/accessLevels/{short_name} + item_type: + type: String + - name: 'members' + type: Array + description: | + An allowed list of members (users, service accounts). + Using groups is not supported yet. + + The signed-in user originating the request must be a part of one + of the provided members. If not specified, a request may come + from any user (logged in/not logged in, not present in any + groups, etc.). + Formats: `user:{emailid}`, `serviceAccount:{emailid}` + item_type: + type: String + - name: 'negate' + type: Boolean + description: | + Whether to negate the Condition. If true, the Condition becomes + a NAND over its non-empty fields, each field must be false for + the Condition overall to be satisfied. Defaults to false. + - name: 'devicePolicy' + type: NestedObject + description: | + Device specific restrictions, all restrictions must hold for + the Condition to be true. If not specified, all devices are + allowed. + properties: + - name: 'requireScreenLock' + type: Boolean + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: + type: NestedObject + properties: + - name: 'minimumVersion' + type: String + description: | + The minimum allowed OS version. If not set, any version + of this OS satisfies the constraint. + Format: "major.minor.patch" such as "10.5.301", "9.2.1". + - name: 'requireVerifiedChromeOs' + type: Boolean + description: + If you specify DESKTOP_CHROME_OS for osType, you can + optionally include requireVerifiedChromeOs to require + Chrome Verified Access. + - name: 'osType' + type: Enum + description: | + The operating system type of the device. + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean + description: | + Whether the device needs to be approved by the customer admin. + - name: 'requireCorpOwned' + type: Boolean + description: | + Whether the device needs to be corp owned. + - name: 'regions' + type: Array + description: | + The request must originate from one of the provided + countries/regions. + Format: A valid ISO 3166-1 alpha-2 code. + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: + type: NestedObject + properties: + - name: 'vpcSubnetwork' + type: NestedObject + description: 'Sub networks within a VPC network.' + properties: + - name: 'network' + type: String + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + required: true + - name: 'vpcIpSubnetworks' + type: Array + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: + type: String + min_size: 1 + - name: 'custom' + type: NestedObject + description: | + Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. + See CEL spec at: https://github.com/google/cel-spec. + conflicts: + - basic + properties: + - name: 'expr' + type: NestedObject + description: | + Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. + This page details the objects and attributes that are used to the build the CEL expressions for + custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. + required: true + properties: + - name: 'expression' + type: String + description: + Textual representation of an expression in Common Expression + Language syntax. + required: true + - name: 'title' + type: String + description: + Title for the expression, i.e. a short string describing its + purpose. + - name: 'description' + type: String + description: Description of the expression + - name: 'location' + type: String + description: + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml b/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml new file mode 100644 index 000000000000..2f55b8fb1c6c --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml @@ -0,0 +1,250 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AccessLevelCondition' +description: | + Allows configuring a single access level condition to be appended to an access level's conditions. + This resource is intended to be used in cases where it is not possible to compile a full list + of conditions to include in a `google_access_context_manager_access_level` resource, + to enable them to be added separately. + + ~> **Note:** If this resource is used alongside a `google_access_context_manager_access_level` resource, + the access level resource must have a `lifecycle` block with `ignore_changes = [basic[0].conditions]` so + they don't fight over which service accounts should be included. +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{access_level}}' +base_url: '' +self_link: '{{access_level}}' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{access_level}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{access_level}}' +import_format: + - '{{access_level}}' + # no unique way to specify +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create'] +identity: + - ipSubnetworks + - requiredAccessLevels + - members + - negate + - devicePolicy + - regions +nested_query: + keys: + - basic + - conditions + is_list_of_ids: false + modify_by_patch: true +custom_code: +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under AccessLevel +exclude_sweeper: true +examples: + - name: 'access_context_manager_access_level_condition_basic' + primary_resource_id: 'access-level-condition' + vars: + access_level_name: 'chromeos_no_lock' + account_id: 'my-account-id' + exclude_test: true +parameters: + - name: 'accessLevel' + type: ResourceRef + description: | + The name of the Access Level to add this condition to. + url_param_only: true + required: true + immutable: true + resource: 'AccessLevel' + imports: 'name' +properties: + - name: 'ipSubnetworks' + type: Array + description: | + A list of CIDR block IP subnetwork specification. May be IPv4 + or IPv6. + Note that for a CIDR IP address block, the specified IP address + portion must be properly truncated (i.e. all the host bits must + be zero) or the input is considered malformed. For example, + "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, + for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" + is not. The originating IP of a request must be in one of the + listed subnets in order for this Condition to be true. + If empty, all IP addresses are allowed. + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array + description: | + A list of other access levels defined in the same Policy, + referenced by resource name. Referencing an AccessLevel which + does not exist is an error. All access levels listed must be + granted for the Condition to be true. + Format: accessPolicies/{policy_id}/accessLevels/{short_name} + item_type: + type: String + - name: 'members' + type: Array + description: | + An allowed list of members (users, service accounts). + Using groups is not supported yet. + + The signed-in user originating the request must be a part of one + of the provided members. If not specified, a request may come + from any user (logged in/not logged in, not present in any + groups, etc.). + Formats: `user:{emailid}`, `serviceAccount:{emailid}` + item_type: + type: String + - name: 'negate' + type: Boolean + description: | + Whether to negate the Condition. If true, the Condition becomes + a NAND over its non-empty fields, each field must be false for + the Condition overall to be satisfied. Defaults to false. + - name: 'devicePolicy' + type: NestedObject + description: | + Device specific restrictions, all restrictions must hold for + the Condition to be true. If not specified, all devices are + allowed. + properties: + - name: 'requireScreenLock' + type: Boolean + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: + type: NestedObject + properties: + - name: 'minimumVersion' + type: String + description: | + The minimum allowed OS version. If not set, any version + of this OS satisfies the constraint. + Format: "major.minor.patch" such as "10.5.301", "9.2.1". + - name: 'osType' + type: Enum + description: | + The operating system type of the device. + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean + description: | + Whether the device needs to be approved by the customer admin. + - name: 'requireCorpOwned' + type: Boolean + description: | + Whether the device needs to be corp owned. + - name: 'regions' + type: Array + description: | + The request must originate from one of the provided + countries/regions. + Format: A valid ISO 3166-1 alpha-2 code. + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: + type: NestedObject + properties: + - name: 'vpcSubnetwork' + type: NestedObject + description: 'Sub networks within a VPC network.' + properties: + - name: 'network' + type: String + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + required: true + - name: 'vpcIpSubnetworks' + type: Array + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: + type: String diff --git a/mmv1/products/accesscontextmanager/go_AccessLevels.yaml b/mmv1/products/accesscontextmanager/go_AccessLevels.yaml new file mode 100644 index 000000000000..57c3340d7697 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_AccessLevels.yaml @@ -0,0 +1,322 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +# This is the plural of `AccessLevel`, any changes here should be made to `AccessLevel` as well +name: 'AccessLevels' +description: | + Replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically. + This is a bulk edit of all Access Levels and may override existing Access Levels created by `google_access_context_manager_access_level`, + thus causing a permadiff if used alongside `google_access_context_manager_access_level` on the same parent. +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: + warning: | + This resource is authoritative over the access levels under an access policy. Due to a limitation in Terraform, + it will overwrite all preexisting access levels during a create opration without displaying the old values on + the left side of plan. To prevent this, we recommend importing the resource before applying it if overwriting + preexisting rules, as the plan will correctly display the complete changes to your access policy if the + resource is present in state. +id_format: '{{parent}}/accessLevels' +base_url: '{{parent}}/accessLevels:replaceAll' +self_link: '{{parent}}/accessLevels' +update_url: '{{parent}}/accessLevels:replaceAll' +update_verb: 'POST' +import_format: + - '{{parent}}/accessLevels' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/replace_all_access_levels_empty_list.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_access_policy.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_access_levels_basic' + primary_resource_id: 'access-levels' + vars: + access_level_name1: 'chromeos_no_lock' + access_level_name2: 'mac_no_lock' + exclude_test: true +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - name: 'parent' + type: String + description: | + The AccessPolicy this AccessLevel lives in. + Format: accessPolicies/{policy_id} + url_param_only: true + required: true + immutable: true + ignore_read: true +properties: + - name: 'accessLevels' + type: Array + description: | + The desired Access Levels that should replace all existing Access Levels in the Access Policy. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Resource name for the Access Level. The short_name component must begin + with a letter and only include alphanumeric and '_'. + Format: accessPolicies/{policy_id}/accessLevels/{short_name} + required: true + immutable: true + - name: 'title' + type: String + description: | + Human readable title. Must be unique within the Policy. + required: true + - name: 'description' + type: String + description: | + Description of the AccessLevel and its use. Does not affect behavior. + - name: 'basic' + type: NestedObject + description: | + A set of predefined conditions for the access level and a combining function. + # conflicts: + # - custom + properties: + - name: 'combiningFunction' + type: Enum + description: | + How the conditions list should be combined to determine if a request + is granted this AccessLevel. If AND is used, each Condition in + conditions must be satisfied for the AccessLevel to be applied. If + OR is used, at least one Condition in conditions must be satisfied + for the AccessLevel to be applied. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "AND" + enum_values: + - 'AND' + - 'OR' + # All of the false defaults below here are omitted on purpose. + # Let's keep this as simple as possible, since they will all be set by the API. + - name: 'conditions' + type: Array + description: | + A set of requirements for the AccessLevel to be granted. + required: true + item_type: + type: NestedObject + properties: + - name: 'ipSubnetworks' + type: Array + description: | + A list of CIDR block IP subnetwork specification. May be IPv4 + or IPv6. + Note that for a CIDR IP address block, the specified IP address + portion must be properly truncated (i.e. all the host bits must + be zero) or the input is considered malformed. For example, + "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, + for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" + is not. The originating IP of a request must be in one of the + listed subnets in order for this Condition to be true. + If empty, all IP addresses are allowed. + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array + description: | + A list of other access levels defined in the same Policy, + referenced by resource name. Referencing an AccessLevel which + does not exist is an error. All access levels listed must be + granted for the Condition to be true. + Format: accessPolicies/{policy_id}/accessLevels/{short_name} + item_type: + type: String + - name: 'members' + type: Array + description: | + An allowed list of members (users, service accounts). + Using groups is not supported yet. + + The signed-in user originating the request must be a part of one + of the provided members. If not specified, a request may come + from any user (logged in/not logged in, not present in any + groups, etc.). + Formats: `user:{emailid}`, `serviceAccount:{emailid}` + item_type: + type: String + - name: 'negate' + type: Boolean + description: | + Whether to negate the Condition. If true, the Condition becomes + a NAND over its non-empty fields, each field must be false for + the Condition overall to be satisfied. Defaults to false. + - name: 'devicePolicy' + type: NestedObject + description: | + Device specific restrictions, all restrictions must hold for + the Condition to be true. If not specified, all devices are + allowed. + properties: + - name: 'requireScreenLock' + type: Boolean + description: | + Whether or not screenlock is required for the DevicePolicy + to be true. Defaults to false. + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array + description: | + A list of allowed encryptions statuses. + An empty list allows all statuses. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array + description: | + A list of allowed device management levels. + An empty list allows all management levels. + item_type: + type: Enum + description: | + This field only has a name and description because of MM + limitations. It should not appear in downstreams. + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array + description: | + A list of allowed OS versions. + An empty list allows all types and all versions. + item_type: + type: NestedObject + properties: + - name: 'minimumVersion' + type: String + description: | + The minimum allowed OS version. If not set, any version + of this OS satisfies the constraint. + Format: "major.minor.patch" such as "10.5.301", "9.2.1". + - name: 'osType' + type: Enum + description: | + The operating system type of the device. + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean + description: | + Whether the device needs to be approved by the customer admin. + - name: 'requireCorpOwned' + type: Boolean + description: | + Whether the device needs to be corp owned. + - name: 'regions' + type: Array + description: | + The request must originate from one of the provided + countries/regions. + Format: A valid ISO 3166-1 alpha-2 code. + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array + description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' + item_type: + type: NestedObject + properties: + - name: 'vpcSubnetwork' + type: NestedObject + description: 'Sub networks within a VPC network.' + properties: + - name: 'network' + type: String + description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' + required: true + - name: 'vpcIpSubnetworks' + type: Array + description: 'CIDR block IP subnetwork specification. Must be IPv4.' + item_type: + type: String + min_size: 1 + - name: 'custom' + type: NestedObject + description: | + Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. + See CEL spec at: https://github.com/google/cel-spec. + # conflicts: + # - basic + properties: + - name: 'expr' + type: NestedObject + description: | + Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. + This page details the objects and attributes that are used to the build the CEL expressions for + custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. + required: true + properties: + - name: 'expression' + type: String + description: + Textual representation of an expression in Common Expression + Language syntax. + required: true + - name: 'title' + type: String + description: + Title for the expression, i.e. a short string describing its + purpose. + - name: 'description' + type: String + description: Description of the expression + - name: 'location' + type: String + description: + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml b/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml new file mode 100644 index 000000000000..eea5576d488e --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml @@ -0,0 +1,120 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AccessPolicy' +description: | + AccessPolicy is a container for AccessLevels (which define the necessary + attributes to use GCP services) and ServicePerimeters (which define + regions of services able to freely pass data within a perimeter). An + access policy is globally visible within an organization, and the + restrictions it specifies apply to all projects within an organization. +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{name}}' +base_url: 'accessPolicies' +self_link: 'accessPolicies/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + allowed_iam_role: 'roles/accesscontextmanager.policyAdmin' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'accessPolicies/{{name}}' + - '{{name}}' +custom_code: + post_create: 'templates/terraform/post_create/go/accesspolicy.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_access_policy_basic' + primary_resource_id: 'access-policy' + exclude_test: true + - name: 'access_context_manager_access_policy_scoped' + primary_resource_id: 'access-policy' + test_env_vars: + org_id: 'ORG_ID' + project: 'PROJECT_NAME' + exclude_test: true + exclude_import_test: true +parameters: + - name: 'parent' + type: String + description: | + The parent of this AccessPolicy in the Cloud Resource Hierarchy. + Format: 'organizations/{{organization_id}}' + required: true + immutable: true + - name: 'title' + type: String + description: | + Human readable title. Does not affect behavior. + required: true + - name: 'scopes' + type: Array + description: | + Folder or project on which this policy is applicable. + Format: 'folders/{{folder_id}}' or 'projects/{{project_number}}' + item_type: + type: String + max_size: 1 +properties: + - name: 'name' + type: String + description: | + Resource name of the AccessPolicy. Format: '{{policy_id}}' + output: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'createTime' + type: Time + description: | + Time the AccessPolicy was created in UTC. + output: true + - name: 'updateTime' + type: Time + description: | + Time the AccessPolicy was updated in UTC. + output: true diff --git a/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml b/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml new file mode 100644 index 000000000000..2f8c75feaab0 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml @@ -0,0 +1,147 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AuthorizedOrgsDesc' +description: | + An authorized organizations description describes a list of organizations + (1) that have been authorized to use certain asset (for example, device) data + owned by different organizations at the enforcement points, or (2) with certain + asset (for example, device) have been authorized to access the resources in + another organization at the enforcement points. +references: + guides: + 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{name}}' +base_url: '' +self_link: '{{name}}' +create_url: '{{parent}}/authorizedOrgsDescs' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' + post_create: 'templates/terraform/post_create/go/sleep_2_min.go.tmpl' + pre_update: 'templates/terraform/update_mask.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_authorized_orgs_desc_basic' + primary_resource_id: 'authorized-orgs-desc' + exclude_test: true +parameters: + - name: 'parent' + type: String + description: | + Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`. + required: true + immutable: true + ignore_read: true + - name: 'name' + type: String + description: | + Resource name for the `AuthorizedOrgsDesc`. Format: + `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. + The `authorized_orgs_desc` component must begin with a letter, followed by + alphanumeric characters or `_`. + After you create an `AuthorizedOrgsDesc`, you cannot change its `name`. + required: true + immutable: true + - name: 'orgs' + type: Array + description: | + The list of organization ids in this AuthorizedOrgsDesc. + Format: `organizations/` + Example: `organizations/123456` + item_type: + type: String + - name: 'assetType' + type: Enum + description: | + The type of entities that need to use the authorization relationship during + evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and + "ASSET_TYPE_CREDENTIAL_STRENGTH". + immutable: true + enum_values: + - 'ASSET_TYPE_DEVICE' + - 'ASSET_TYPE_CREDENTIAL_STRENGTH' + - name: 'authorizationDirection' + type: Enum + description: | + The direction of the authorization relationship between this organization + and the organizations listed in the "orgs" field. The valid values for this + field include the following: + + AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic + in the organizations listed in the `orgs` field. + + AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs` + field to evaluate the traffic in this organization. + + For the authorization relationship to take effect, all of the organizations + must authorize and specify the appropriate relationship direction. For + example, if organization A authorized organization B and C to evaluate its + traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization + direction, organizations B and C must specify + "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their + "AuthorizedOrgsDesc" resource. + immutable: true + enum_values: + - 'AUTHORIZATION_DIRECTION_TO' + - 'AUTHORIZATION_DIRECTION_FROM' + - name: 'authorizationType' + type: Enum + description: | + A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST". + immutable: true + enum_values: + - 'AUTHORIZATION_TYPE_TRUST' +properties: + - name: 'createTime' + type: Time + description: | + Time the AuthorizedOrgsDesc was created in UTC. + output: true + - name: 'updateTime' + type: Time + description: | + Time the AuthorizedOrgsDesc was updated in UTC. + output: true diff --git a/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml new file mode 100644 index 000000000000..4894e4367b37 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml @@ -0,0 +1,80 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EgressPolicy' +description: | + This resource has been deprecated, please refer to ServicePerimeterEgressPolicy. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{egress_policy_name}}/{{resource}}' +base_url: '' +self_link: '{{egress_policy_name}}' +create_url: '{{egress_policy_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +import_format: + - '{{egress_policy_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - status + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_egress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy +exclude_sweeper: true +parameters: + - name: 'egressPolicyName' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + immutable: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'resource' + type: String + description: | + A GCP resource that is inside of the service perimeter. + required: true + immutable: true diff --git a/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml b/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml new file mode 100644 index 000000000000..7bf14c1faa7a --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml @@ -0,0 +1,94 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GcpUserAccessBinding' +description: | + Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/organizations.gcpUserAccessBindings' +docs: +id_format: '{{name}}' +base_url: 'organizations/{{organization_id}}/gcpUserAccessBindings' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/set_id_name_with_slashes.go.tmpl' +exclude_tgc: true +examples: + - name: 'access_context_manager_gcp_user_access_binding_basic' + primary_resource_id: 'gcp_user_access_binding' + vars: + group_id: 'my-identity-group' + access_level_id: 'access_level_id_for_user_access_binding' + access_level_name: 'chromeos_no_lock' + test_env_vars: + org_id: 'ORG_ID' + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to AccessPolicy-related tests needing to run synchronously + exclude_test: true +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - name: 'organizationId' + type: String + description: | + Required. ID of the parent organization. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" + output: true + - name: 'groupKey' + type: String + description: | + Required. Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the G Suite Directory API's Groups resource. If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" + required: true + immutable: true + - name: 'accessLevels' + type: Array + description: | + Required. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" + required: true + item_type: + type: String + min_size: 1 + max_size: 1 diff --git a/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml new file mode 100644 index 000000000000..660b3ce850f2 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml @@ -0,0 +1,80 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'IngressPolicy' +description: | + This resource has been deprecated, please refer to ServicePerimeterIngressPolicy. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{ingress_policy_name}}/{{resource}}' +base_url: '' +self_link: '{{ingress_policy_name}}' +create_url: '{{ingress_policy_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +import_format: + - '{{ingress_policy_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - status + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy +exclude_sweeper: true +parameters: + - name: 'ingressPolicyName' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + immutable: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'resource' + type: String + description: | + A GCP resource that is inside of the service perimeter. + required: true + immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml new file mode 100644 index 000000000000..abc47eb3911a --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml @@ -0,0 +1,781 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +# This is the singular of `ServicePerimeters`, any changes here should be made to `ServicePerimeters` as well +name: 'ServicePerimeter' +description: | + ServicePerimeter describes a set of GCP resources which can freely import + and export data amongst themselves, but not export outside of the + ServicePerimeter. If a request with a source within this ServicePerimeter + has a target outside of the ServicePerimeter, the request will be blocked. + Otherwise the request is allowed. There are two types of Service Perimeter + - Regular and Bridge. Regular Service Perimeters cannot overlap, a single + GCP project can only belong to a single regular Service Perimeter. Service + Perimeter Bridges can contain only GCP projects as members, a single GCP + project may belong to multiple Service Perimeter Bridges. +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{name}}' +base_url: '' +self_link: '{{name}}' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/servicePerimeters' +update_verb: 'PATCH' +update_mask: true +mutex: '{{name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_basic' + primary_resource_id: 'service-perimeter' + vars: + access_level_name: 'chromeos_no_lock' + service_perimeter_name: 'restrict_storage' + exclude_test: true + - name: 'access_context_manager_service_perimeter_secure_data_exchange' + primary_resource_id: 'secure-data-exchange' + vars: + access_level_name: 'secure_data_exchange' + exclude_test: true + - name: 'access_context_manager_service_perimeter_dry-run' + primary_resource_id: 'service-perimeter' + vars: + service_perimeter_name: 'restrict_bigquery_dryrun_storage' + exclude_test: true +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - name: 'parent' + type: String + description: | + The AccessPolicy this ServicePerimeter lives in. + Format: accessPolicies/{policy_id} + required: true + immutable: true + ignore_read: true + - name: 'name' + type: String + description: | + Resource name for the ServicePerimeter. The short_name component must + begin with a letter and only include alphanumeric and '_'. + Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} + required: true + immutable: true +properties: + - name: 'title' + type: String + description: | + Human readable title. Must be unique within the Policy. + required: true + - name: 'description' + type: String + description: | + Description of the ServicePerimeter and its use. Does not affect + behavior. + - name: 'createTime' + type: Time + description: | + Time the AccessPolicy was created in UTC. + output: true + - name: 'updateTime' + type: Time + description: | + Time the AccessPolicy was updated in UTC. + output: true + - name: 'perimeterType' + type: Enum + description: | + Specifies the type of the Perimeter. There are two types: regular and + bridge. Regular Service Perimeter contains resources, access levels, + and restricted services. Every resource can be in at most + ONE regular Service Perimeter. + + In addition to being in a regular service perimeter, a resource can also + be in zero or more perimeter bridges. A perimeter bridge only contains + resources. Cross project operations are permitted if all effected + resources share some perimeter (whether bridge or regular). Perimeter + Bridge does not contain access levels or services: those are governed + entirely by the regular perimeter that resource is in. + + Perimeter Bridges are typically useful when building more complex + topologies with many independent perimeters that need to share some data + with a common perimeter, but should not be able to share data among + themselves. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "PERIMETER_TYPE_REGULAR" + enum_values: + - 'PERIMETER_TYPE_REGULAR' + - 'PERIMETER_TYPE_BRIDGE' + - name: 'status' + type: NestedObject + description: | + ServicePerimeter configuration. Specifies sets of resources, + restricted services and access levels that determine + perimeter content and boundaries. + properties: + - name: 'resources' + type: Array + description: | + A list of GCP resources that are inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + is_set: true + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'accessLevels' + type: Array + description: | + A list of AccessLevel resource names that allow resources within + the ServicePerimeter to be accessed from the internet. + AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel is a + syntax error. If no AccessLevel names are listed, resources within + the perimeter can only be accessed via GCP calls with request + origins within the perimeter. For Service Perimeter Bridge, must + be empty. + + Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} + is_set: true + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'restrictedServices' + type: Array + description: | + GCP services that are subject to the Service Perimeter + restrictions. Must contain a list of services. For example, if + `storage.googleapis.com` is specified, access to the storage + buckets inside the perimeter must meet the perimeter's access + restrictions. + is_set: true + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject + description: | + Specifies how APIs are allowed to communicate within the Service + Perimeter. + properties: + - name: 'enableRestriction' + type: Boolean + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - name: 'allowedServices' + type: Array + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + is_set: true + item_type: + type: String + - name: 'ingressPolicies' + type: Array + description: | + List of `IngressPolicies` to apply to the perimeter. A perimeter may + have multiple `IngressPolicies`, each of which is evaluated + separately. Access is granted if any `Ingress Policy` grants it. + Must be empty for a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects and VPCs are allowed. + Project format: `projects/{projectNumber}` + VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'egressPolicies' + type: Array + description: | + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for + a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + is_set: true + item_type: + type: String + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'spec' + type: NestedObject + description: | + Proposed (or dry run) ServicePerimeter configuration. + This configuration allows to specify and test ServicePerimeter configuration + without enforcing actual access restrictions. Only allowed to be set when + the `useExplicitDryRunSpec` flag is set. + properties: + - name: 'resources' + type: Array + description: | + A list of GCP resources that are inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + is_set: true + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'accessLevels' + type: Array + description: | + A list of AccessLevel resource names that allow resources within + the ServicePerimeter to be accessed from the internet. + AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel is a + syntax error. If no AccessLevel names are listed, resources within + the perimeter can only be accessed via GCP calls with request + origins within the perimeter. For Service Perimeter Bridge, must + be empty. + + Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} + is_set: true + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'restrictedServices' + type: Array + description: | + GCP services that are subject to the Service Perimeter + restrictions. Must contain a list of services. For example, if + `storage.googleapis.com` is specified, access to the storage + buckets inside the perimeter must meet the perimeter's access + restrictions. + is_set: true + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject + description: | + Specifies how APIs are allowed to communicate within the Service + Perimeter. + properties: + - name: 'enableRestriction' + type: Boolean + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - name: 'allowedServices' + type: Array + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + is_set: true + item_type: + type: String + - name: 'ingressPolicies' + type: Array + description: | + List of `IngressPolicies` to apply to the perimeter. A perimeter may + have multiple `IngressPolicies`, each of which is evaluated + separately. Access is granted if any `Ingress Policy` grants it. + Must be empty for a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects are allowed. Format `projects/{project_number}` + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'egressPolicies' + type: Array + description: | + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for + a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + is_set: true + item_type: + type: String + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'useExplicitDryRunSpec' + type: Boolean + description: | + Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists + for all Service Perimeters, and that spec is identical to the status for those + Service Perimeters. When this flag is set, it inhibits the generation of the + implicit spec, thereby allowing the user to explicitly provide a + configuration ("spec") to use in a dry-run version of the Service Perimeter. + This allows the user to test changes to the enforced config ("status") without + actually enforcing them. This testing is done through analyzing the differences + between currently enforced and suggested restrictions. useExplicitDryRunSpec must + bet set to True if any of the fields in the spec are set to non-default values. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml new file mode 100644 index 000000000000..1dea303179ef --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml @@ -0,0 +1,190 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterDryRunEgressPolicy' +description: | + Manage a single EgressPolicy in the spec (dry-run) configuration for a service perimeter. + EgressPolicies match requests based on egressFrom and egressTo stanzas. + For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched. + If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter + boundary. For example, an EgressPolicy can be used to allow VMs on networks + within the ServicePerimeter to access a defined set of projects outside the + perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket + or query against a BigQuery dataset). + + ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the + from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy + is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - egressFrom + - egressTo +nested_query: + keys: + - spec + - egressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_dry_run_egress_policy' + exclude_test: true +parameters: + - name: 'perimeter' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + item_type: + type: String + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml new file mode 100644 index 000000000000..cf6dd439c94e --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml @@ -0,0 +1,199 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterDryRunIngressPolicy' +description: | + Manage a single IngressPolicy in the spec (dry-run) configuration for a service perimeter. + IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, + both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request, + the request is allowed through the perimeter boundary from outside the perimeter. + For example, access from the internet can be allowed either based on an AccessLevel or, + for traffic hosted on Google Cloud, the project of the source network. + For access from private networks, using the project of the hosting network is required. + Individual ingress policies can be limited by restricting which services and/ + or actions they match using the ingressTo field. + + ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the + from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy + is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - ingressFrom + - ingressTo +nested_query: + keys: + - spec + - ingressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_dry_run_ingress_policy' + exclude_test: true +parameters: + - name: 'perimeter' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects are allowed. Format `projects/{project_number}` + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml new file mode 100644 index 000000000000..0be705bbae19 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml @@ -0,0 +1,107 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterDryRunResource' +description: | + Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. + This resource is intended to be used in cases where it is not possible to compile a full list + of projects to include in a `google_access_context_manager_service_perimeter` resource, + to enable them to be added separately. + If your perimeter is NOT in dry-run mode use `google_access_context_manager_service_perimeter_resource` instead. + + ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, + the service perimeter resource must have a `lifecycle` block with `ignore_changes = [spec[0].resources]` so + they don't fight over which resources should be in the policy. +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{perimeter_name}}/{{resource}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_url: '{{perimeter_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter_name}}' +import_format: + - '{{perimeter_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - spec + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_resource.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_dry_run_resource_basic' + primary_resource_id: 'service-perimeter-dry-run-resource' + vars: + service_perimeter_name: 'restrict_all' + exclude_test: true +parameters: + - name: 'perimeterName' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + immutable: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'resource' + type: String + description: | + A GCP resource that is inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + required: true + immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml new file mode 100644 index 000000000000..40283a310426 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml @@ -0,0 +1,188 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterEgressPolicy' +description: | + Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter. + EgressPolicies match requests based on egressFrom and egressTo stanzas. + For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched. + If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter + boundary. For example, an EgressPolicy can be used to allow VMs on networks + within the ServicePerimeter to access a defined set of projects outside the + perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket + or query against a BigQuery dataset). + + ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the + from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy + is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - egressFrom + - egressTo +nested_query: + keys: + - status + - egressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_egress_policy' + exclude_test: true +parameters: + - name: 'perimeter' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + item_type: + type: String + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml new file mode 100644 index 000000000000..7bdfa9623697 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml @@ -0,0 +1,199 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterIngressPolicy' +description: | + Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter. + IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, + both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request, + the request is allowed through the perimeter boundary from outside the perimeter. + For example, access from the internet can be allowed either based on an AccessLevel or, + for traffic hosted on Google Cloud, the project of the source network. + For access from private networks, using the project of the hosting network is required. + Individual ingress policies can be limited by restricting which services and/ + or actions they match using the ingressTo field. + + ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the + from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy + is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - ingressFrom + - ingressTo +nested_query: + keys: + - status + - ingressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_ingress_policy' + exclude_test: true +parameters: + - name: 'perimeter' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects and VPCs are allowed. + Project format: `projects/{projectNumber}` + VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml new file mode 100644 index 000000000000..e0a8248568eb --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml @@ -0,0 +1,104 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServicePerimeterResource' +description: | + Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. + This resource is intended to be used in cases where it is not possible to compile a full list + of projects to include in a `google_access_context_manager_service_perimeter` resource, + to enable them to be added separately. + If your perimeter is in dry-run mode use `google_access_context_manager_service_perimeter_dry_run_resource` instead. + + ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, + the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].resources]` so + they don't fight over which resources should be in the policy. +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{perimeter_name}}/{{resource}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_url: '{{perimeter_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter_name}}' +import_format: + - '{{perimeter_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - status + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_resource.go.tmpl' +exclude_tgc: true +# Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_resource_basic' + primary_resource_id: 'service-perimeter-resource' + vars: + service_perimeter_name: 'restrict_all' + exclude_test: true +parameters: + - name: 'perimeterName' + type: ResourceRef + description: | + The name of the Service Perimeter to add this resource to. + url_param_only: true + required: true + immutable: true + resource: 'ServicePerimeter' + imports: 'name' +properties: + - name: 'resource' + type: String + description: | + A GCP resource that is inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + required: true + immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml new file mode 100644 index 000000000000..5e3f3e16994b --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml @@ -0,0 +1,758 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- + # This is the plural of `ServicePerimeter`, any changes here should be made to `ServicePerimeter` as well +name: 'ServicePerimeters' +description: | + Replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided. This is done atomically. + This is a bulk edit of all Service Perimeters and may override existing Service Perimeters created by `google_access_context_manager_service_perimeter`, + thus causing a permadiff if used alongside `google_access_context_manager_service_perimeter` on the same parent. +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: +id_format: '{{parent}}/servicePerimeters' +base_url: '{{parent}}/servicePerimeters:replaceAll' +self_link: '{{parent}}/servicePerimeters' +update_url: '{{parent}}/servicePerimeters:replaceAll' +update_verb: 'POST' +import_format: + - '{{parent}}/servicePerimeters' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/replace_all_service_perimeters_empty_list.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_access_policy.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeters_basic' + primary_resource_id: 'service-perimeter' + vars: + access_level_name: 'chromeos_no_lock' + service_perimeter_name: 'restrict_storage' + exclude_test: true +parameters: + # Parent is a path parameter that _cannot_ be read or sent in the request at all. + # This must be done at the provider level. + - name: 'parent' + type: String + description: | + The AccessPolicy this ServicePerimeter lives in. + Format: accessPolicies/{policy_id} + required: true + immutable: true + ignore_read: true +properties: + - name: 'servicePerimeters' + type: Array + description: | + The desired Service Perimeters that should replace all existing Service Perimeters in the Access Policy. + custom_flatten: 'templates/terraform/custom_flatten/go/accesscontextmanager_serviceperimeters_custom_flatten.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Resource name for the ServicePerimeter. The short_name component must + begin with a letter and only include alphanumeric and '_'. + Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} + required: true + immutable: true + - name: 'title' + type: String + description: | + Human readable title. Must be unique within the Policy. + required: true + - name: 'description' + type: String + description: | + Description of the ServicePerimeter and its use. Does not affect + behavior. + - name: 'createTime' + type: Time + description: | + Time the AccessPolicy was created in UTC. + output: true + - name: 'updateTime' + type: Time + description: | + Time the AccessPolicy was updated in UTC. + output: true + - name: 'perimeterType' + type: Enum + description: | + Specifies the type of the Perimeter. There are two types: regular and + bridge. Regular Service Perimeter contains resources, access levels, + and restricted services. Every resource can be in at most + ONE regular Service Perimeter. + + In addition to being in a regular service perimeter, a resource can also + be in zero or more perimeter bridges. A perimeter bridge only contains + resources. Cross project operations are permitted if all effected + resources share some perimeter (whether bridge or regular). Perimeter + Bridge does not contain access levels or services: those are governed + entirely by the regular perimeter that resource is in. + + Perimeter Bridges are typically useful when building more complex + topologies with many independent perimeters that need to share some data + with a common perimeter, but should not be able to share data among + themselves. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "PERIMETER_TYPE_REGULAR" + enum_values: + - 'PERIMETER_TYPE_REGULAR' + - 'PERIMETER_TYPE_BRIDGE' + - name: 'status' + type: NestedObject + description: | + ServicePerimeter configuration. Specifies sets of resources, + restricted services and access levels that determine + perimeter content and boundaries. + properties: + - name: 'resources' + type: Array + description: | + A list of GCP resources that are inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + is_set: true + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - status.0.resources + # - status.0.access_levels + # - status.0.restricted_services + item_type: + type: String + - name: 'accessLevels' + type: Array + description: | + A list of AccessLevel resource names that allow resources within + the ServicePerimeter to be accessed from the internet. + AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel is a + syntax error. If no AccessLevel names are listed, resources within + the perimeter can only be accessed via GCP calls with request + origins within the perimeter. For Service Perimeter Bridge, must + be empty. + + Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} + is_set: true + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: + type: String + - name: 'restrictedServices' + type: Array + description: | + GCP services that are subject to the Service Perimeter + restrictions. Must contain a list of services. For example, if + `storage.googleapis.com` is specified, access to the storage + buckets inside the perimeter must meet the perimeter's access + restrictions. + is_set: true + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject + description: | + Specifies how APIs are allowed to communicate within the Service + Perimeter. + properties: + - name: 'enableRestriction' + type: Boolean + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - name: 'allowedServices' + type: Array + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + is_set: true + item_type: + type: String + - name: 'ingressPolicies' + type: Array + description: | + List of `IngressPolicies` to apply to the perimeter. A perimeter may + have multiple `IngressPolicies`, each of which is evaluated + separately. Access is granted if any `Ingress Policy` grants it. + Must be empty for a perimeter bridge. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects are allowed. Format `projects/{project_number}` + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'egressPolicies' + type: Array + description: | + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for + a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'spec' + type: NestedObject + description: | + Proposed (or dry run) ServicePerimeter configuration. + This configuration allows to specify and test ServicePerimeter configuration + without enforcing actual access restrictions. Only allowed to be set when + the `useExplicitDryRunSpec` flag is set. + properties: + - name: 'resources' + type: Array + description: | + A list of GCP resources that are inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # at_least_one_of: + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + is_set: true + item_type: + type: String + - name: 'accessLevels' + type: Array + description: | + A list of AccessLevel resource names that allow resources within + the ServicePerimeter to be accessed from the internet. + AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel is a + syntax error. If no AccessLevel names are listed, resources within + the perimeter can only be accessed via GCP calls with request + origins within the perimeter. For Service Perimeter Bridge, must + be empty. + + Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} + is_set: true + item_type: + type: String + - name: 'restrictedServices' + type: Array + description: | + GCP services that are subject to the Service Perimeter + restrictions. Must contain a list of services. For example, if + `storage.googleapis.com` is specified, access to the storage + buckets inside the perimeter must meet the perimeter's access + restrictions. + is_set: true + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject + description: | + Specifies how APIs are allowed to communicate within the Service + Perimeter. + properties: + - name: 'enableRestriction' + type: Boolean + description: | + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowedServices'. + - name: 'allowedServices' + type: Array + description: | + The list of APIs usable within the Service Perimeter. + Must be empty unless `enableRestriction` is True. + is_set: true + item_type: + type: String + - name: 'ingressPolicies' + type: Array + description: | + List of `IngressPolicies` to apply to the perimeter. A perimeter may + have multiple `IngressPolicies`, each of which is evaluated + separately. Access is granted if any `Ingress Policy` grants it. + Must be empty for a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'ingressFrom' + type: NestedObject + description: | + Defines the conditions on the source of a request causing this `IngressPolicy` + to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access from outside the + perimeter. If left unspecified, then members of `identities` field will be + allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this ingress policy. + Should be in the format of email address. The email address should represent + individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: | + Sources that this `IngressPolicy` authorizes access from. + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: | + An `AccessLevel` resource name that allow resources within the + `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed + must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent + `AccessLevel` will cause an error. If no `AccessLevel` names are listed, + resources within the perimeter can only be accessed via Google Cloud calls + with request origins within the perimeter. + Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` + If * is specified, then all IngressSources will be allowed. + - name: 'resource' + type: String + description: | + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter data. + Currently only projects are allowed. Format `projects/{project_number}` + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, the case + of allowing all Google Cloud resources only is not supported. + - name: 'ingressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and request destination that cause + this `IngressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, protected by this `ServicePerimeter` + that are allowed to be accessed by sources defined in the + corresponding `IngressFrom`. A request matches if it contains + a resource in this list. If `*` is specified for resources, + then this `IngressTo` rule will authorize access to all + resources inside the perimeter, provided that the request + also matches the `operations` field. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` the sources specified in corresponding `IngressFrom` + are allowed to perform in this `ServicePerimeter`. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong to + the service specified by serviceName field. A single `MethodSelector` entry + with `*` specified for the method field will allow all methods AND + permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for method should be a valid method name for the corresponding + serviceName in `ApiOperation`. If `*` used as value for `method`, then + ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'egressPolicies' + type: Array + description: | + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for + a perimeter bridge. + item_type: + type: NestedObject + properties: + - name: 'egressFrom' + type: NestedObject + description: | + Defines conditions on the source of a request causing this `EgressPolicy` to apply. + properties: + - name: 'identityType' + type: Enum + description: | + Specifies the type of identities that are allowed access to outside the + perimeter. If left unspecified, then members of `identities` field will + be allowed access. + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array + description: | + A list of identities that are allowed access through this `EgressPolicy`. + Should be in the format of email address. The email address should + represent individual user or service account only. + is_set: true + item_type: + type: String + - name: 'sources' + type: Array + description: 'Sources that this EgressPolicy authorizes access from.' + item_type: + type: NestedObject + properties: + - name: 'accessLevel' + type: String + description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' + - name: 'sourceRestriction' + type: Enum + description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject + description: | + Defines the conditions on the `ApiOperation` and destination resources that + cause this `EgressPolicy` to apply. + properties: + - name: 'resources' + type: Array + description: | + A list of resources, currently only projects in the form + `projects/`, that match this to stanza. A request matches + if it contains a resource in this list. If * is specified for resources, + then this `EgressTo` rule will authorize access to all resources outside + the perimeter. + is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array + description: | + A list of external resources that are allowed to be accessed. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + is_set: true + item_type: + type: String + - name: 'operations' + type: Array + description: | + A list of `ApiOperations` that this egress rule applies to. A request matches + if it contains an operation/service in this list. + item_type: + type: NestedObject + properties: + - name: 'serviceName' + type: String + description: | + The name of the API whose methods or permissions the `IngressPolicy` or + `EgressPolicy` want to allow. A single `ApiOperation` with serviceName + field set to `*` will allow all methods AND permissions for all services. + - name: 'methodSelectors' + type: Array + description: | + API methods or permissions to allow. Method or permission must belong + to the service specified by `serviceName` field. A single MethodSelector + entry with `*` specified for the `method` field will allow all methods + AND permissions for the service specified in `serviceName`. + item_type: + type: NestedObject + properties: + - name: 'method' + type: String + description: | + Value for `method` should be a valid method name for the corresponding + `serviceName` in `ApiOperation`. If `*` used as value for method, + then ALL methods and permissions are allowed. + - name: 'permission' + type: String + description: | + Value for permission should be a valid Cloud IAM permission for the + corresponding `serviceName` in `ApiOperation`. + - name: 'useExplicitDryRunSpec' + type: Boolean + description: | + Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists + for all Service Perimeters, and that spec is identical to the status for those + Service Perimeters. When this flag is set, it inhibits the generation of the + implicit spec, thereby allowing the user to explicitly provide a + configuration ("spec") to use in a dry-run version of the Service Perimeter. + This allows the user to test changes to the enforced config ("status") without + actually enforcing them. This testing is done through analyzing the differences + between currently enforced and suggested restrictions. useExplicitDryRunSpec must + bet set to True if any of the fields in the spec are set to non-default values. diff --git a/mmv1/products/accesscontextmanager/go_product.yaml b/mmv1/products/accesscontextmanager/go_product.yaml new file mode 100644 index 000000000000..a6d7fbade4e6 --- /dev/null +++ b/mmv1/products/accesscontextmanager/go_product.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AccessContextManager' +display_name: 'Access Context Manager (VPC Service Controls)' +versions: + - name: 'ga' + base_url: 'https://accesscontextmanager.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/accesscontextmanager/product.yaml b/mmv1/products/accesscontextmanager/product.yaml index 0bd2aa6284d2..57aff14aa7d3 100644 --- a/mmv1/products/accesscontextmanager/product.yaml +++ b/mmv1/products/accesscontextmanager/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: AccessContextManager +display_name: Access Context Manager (VPC Service Controls) +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://accesscontextmanager.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'AccessContextManager' display_name: 'Access Context Manager (VPC Service Controls)' @@ -29,5 +59,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/activedirectory/Domain.yaml b/mmv1/products/activedirectory/Domain.yaml index 5e38728ca381..5b3f946a3eaa 100644 --- a/mmv1/products/activedirectory/Domain.yaml +++ b/mmv1/products/activedirectory/Domain.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Domain' +kind: 'activedirectory#domain' +base_url: projects/{{project}}/locations/global/domains +create_url: projects/{{project}}/locations/global/domains?domainName={{domain_name}} +delete_url: projects/{{project}}/locations/global/domains/{{domain_name}} # equivalent to {{name}}, but makes sweepers work +update_verb: :PATCH +update_mask: true +self_link: '{{name}}' +description: Creates a Microsoft AD domain +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Managed Microsoft Active Directory Quickstart': 'https://cloud.google.com/managed-microsoft-ad/docs/quickstarts' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: + 1000 + # It takes about 35-40 mins to get the resource created + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: '{{name}}' +import_format: ['{{name}}'] +autogen_async: true +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'deletion_protection' + default_value: true +======= --- name: 'Domain' kind: 'activedirectory#domain' @@ -74,6 +124,7 @@ examples: exclude_test: true virtual_fields: - name: 'deletion_protection' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether Terraform will be prevented from destroying the domain. Defaults to true. When a`terraform destroy` or `terraform apply` would delete the domain, @@ -81,6 +132,50 @@ virtual_fields: When the field is set to true or unset in Terraform state, a `terraform apply` or `terraform destroy` that would delete the domain will fail. When the field is set to false, deleting the domain is allowed. +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/self_link_as_name.erb + pre_delete: 'templates/terraform/pre_delete/active_directory_domain.go.erb' +error_abort_predicates: ['transport_tpg.Is429QuotaError'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'active_directory_domain_basic' + primary_resource_id: 'ad-domain' + vars: + name: 'myorg' + # the part of the domain before the first "." must be <15 chars, and + # the random suffix is 10 chars. In order to make sure these get swept, + # 'tfgen' is the only option here. + domain_name: tfgen + # skip the test until Active Directory setup issue got resolved + skip_test: true + ignore_read_extra: + - 'deletion_protection' +parameters: + - !ruby/object:Api::Type::String + name: domainName + required: true + url_param_only: true + immutable: true + description: | + The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions + of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateADDomainName()' +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: + 'The unique name of the domain using the format: + `projects/{project}/locations/global/domains/{domainName}`.' + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'Resource labels that can contain user-provided metadata' + - !ruby/object:Api::Type::Array + name: 'authorizedNetworks' + item_type: Api::Type::String +======= type: Boolean default_value: true parameters: @@ -106,10 +201,40 @@ properties: description: 'Resource labels that can contain user-provided metadata' - name: 'authorizedNetworks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full names of the Google Compute Engine networks the domain instance is connected to. The domain is only available on networks listed in authorizedNetworks. If CIDR subnets overlap between networks, domain creation will fail. is_set: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'reservedIpRange' + required: true + immutable: true + description: | + The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. + Ranges must be unique and non-overlapping with existing subnets in authorizedNetworks + - !ruby/object:Api::Type::Array + name: 'locations' + required: true + item_type: Api::Type::String + description: | + Locations where domain needs to be provisioned. [regions][compute/docs/regions-zones/] + e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block. + - !ruby/object:Api::Type::String + name: 'admin' + default_value: 'setupadmin' + immutable: true + description: | + The name of delegated administrator account used to perform Active Directory operations. + If not specified, setupadmin will be used. + - !ruby/object:Api::Type::String + name: 'fqdn' + output: true + description: | + The fully-qualified domain name of the exposed domain used by clients to connect to the service. + Similar to what would be chosen for an Active Directory set up on an internal network. +======= item_type: type: String - name: 'reservedIpRange' @@ -140,3 +265,4 @@ properties: The fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory set up on an internal network. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/activedirectory/DomainTrust.yaml b/mmv1/products/activedirectory/DomainTrust.yaml index 3c61ee6c44c7..4a025ada30e6 100644 --- a/mmv1/products/activedirectory/DomainTrust.yaml +++ b/mmv1/products/activedirectory/DomainTrust.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,123 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DomainTrust' +kind: 'activedirectory#trust' +base_url: projects/{{project}}/locations/global/domains +create_url: projects/{{project}}/locations/global/domains/{{domain}}:attachTrust +update_verb: :POST +update_url: projects/{{project}}/locations/global/domains/{{domain}}:reconfigureTrust +delete_verb: + :POST + # Resource custom delete function needs to be modified any time when the resource schema is edited +delete_url: projects/{{project}}/locations/global/domains/{{domain}}:detachTrust +self_link: projects/{{project}}/locations/global/domains/{{domain}} +description: Adds a trust between Active Directory domains +identity: + - targetDomainName +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: ['trusts'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Active Directory Trust': 'https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust' +id_format: 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' +import_format: + [ + 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}', + ] +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + update_encoder: + templates/terraform/update_encoder/active_directory_domain_trust.go.erb + # Delete function needs to be modified any time when the resource schema is edited + custom_delete: templates/terraform/custom_delete/active_directory_domain_trust.go.erb + encoder: templates/terraform/encoders/active_directory_domain_trust.go.erb + decoder: templates/terraform/decoders/unwrap_resource.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'active_directory_domain_trust_basic' + primary_resource_id: + 'ad-domain-trust' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists and we need to validate that child resource has been deleted + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: domain + required: true + url_param_only: true + immutable: true + description: | + The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions + of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. +properties: + - !ruby/object:Api::Type::String + name: 'targetDomainName' + required: true + description: + 'The fully qualified target domain name which will be in trust with the + current domain.' + - !ruby/object:Api::Type::Enum + name: 'trustType' + required: true + immutable: true + description: 'The type of trust represented by the trust resource.' + values: + - FOREST + - EXTERNAL + - !ruby/object:Api::Type::Enum + name: 'trustDirection' + required: true + immutable: true + description: + 'The trust direction, which decides if the current domain is trusted, + trusting, or both.' + values: + - INBOUND + - OUTBOUND + - BIDIRECTIONAL + - !ruby/object:Api::Type::Boolean + name: 'selectiveAuthentication' + immutable: true + description: | + Whether the trusted side has forest/domain wide access or selective access to an approved set of resources. + - !ruby/object:Api::Type::Array + name: 'targetDnsIpAddresses' + required: true + item_type: Api::Type::String + description: | + The target DNS server IP addresses which can resolve the remote domain involved in the trust. + is_set: true + - !ruby/object:Api::Type::String + name: 'trustHandshakeSecret' + required: true + immutable: true + description: | + The trust secret used for the handshake with the target domain. This will not be stored. + sensitive: true + ignore_read: true +======= --- name: 'DomainTrust' kind: 'activedirectory#trust' @@ -125,3 +246,4 @@ properties: immutable: true ignore_read: true sensitive: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/activedirectory/Peering.yaml b/mmv1/products/activedirectory/Peering.yaml index 10e7abe51aeb..36553afe64c4 100644 --- a/mmv1/products/activedirectory/Peering.yaml +++ b/mmv1/products/activedirectory/Peering.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,46 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Peering' +kind: 'activedirectory#peering' +base_url: 'projects/{{project}}/locations/global/peerings' +min_version: beta +create_url: projects/{{project}}/locations/global/peerings?peeringId={{peering_id}} +delete_url: projects/{{project}}/locations/global/peerings/{{peering_id}} +update_verb: :PATCH +update_mask: false +self_link: '{{name}}' +description: Creates a Peering for Managed AD instance. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Active Directory Domain Peering': 'https://cloud.google.com/managed-microsoft-ad/docs/domain-peering' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1beta1/projects.locations.global.peerings' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'projects/{{project}}/locations/global/domains/{{peering_id}}' +exclude_import: true +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'active_directory_peering_basic' +======= --- name: 'Peering' kind: 'activedirectory#peering' @@ -50,11 +94,59 @@ async: custom_code: examples: - name: 'active_directory_peering_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ad-domain-peering' vars: domain_name: 'ad.test.hashicorptest.com' project_id: 'my-peered-project' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_import_test: + true + # skip the test until Active Directory setup issue got resolved + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: peeringId + required: true + url_param_only: true + immutable: true + description: '' +properties: + - !ruby/object:Api::Type::String + name: name + output: true + description: | + Unique name of the peering in this scope including projects and location using the form: projects/{projectId}/locations/global/peerings/{peeringId}. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'Resource labels that can contain user-provided metadata' + - !ruby/object:Api::Type::String + name: authorizedNetwork + required: true + immutable: true + description: | + The full names of the Google Compute Engine networks to which the instance is connected. Caller needs to make sure that CIDR subnets do not overlap between networks, else peering creation will fail. + - !ruby/object:Api::Type::String + name: domainResource + required: true + immutable: true + description: | + Full domain resource path for the Managed AD Domain involved in peering. The resource path should be in the form projects/{projectId}/locations/global/domains/{domainName} + - !ruby/object:Api::Type::String + name: status + url_param_only: true + description: | + The current state of this Peering. + ignore_read: true + - !ruby/object:Api::Type::String + name: statusMessage + description: | + Additional information about the current status of this peering, if available. + +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' # skip the test until Active Directory setup issue got resolved @@ -106,4 +198,5 @@ properties: Additional information about the current status of this peering, if available. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read: true diff --git a/mmv1/products/activedirectory/go_Domain.yaml b/mmv1/products/activedirectory/go_Domain.yaml new file mode 100644 index 000000000000..c97c51bee848 --- /dev/null +++ b/mmv1/products/activedirectory/go_Domain.yaml @@ -0,0 +1,143 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Domain' +kind: 'activedirectory#domain' +description: Creates a Microsoft AD domain +references: + guides: + 'Managed Microsoft Active Directory Quickstart': 'https://cloud.google.com/managed-microsoft-ad/docs/quickstarts' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/locations/global/domains' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/global/domains?domainName={{domain_name}}' +update_verb: 'PATCH' +update_mask: true + # equivalent to {{name}}, but makes sweepers work +delete_url: 'projects/{{project}}/locations/global/domains/{{domain_name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + # It takes about 35-40 mins to get the resource created + timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + pre_delete: 'templates/terraform/pre_delete/go/active_directory_domain.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/self_link_as_name.tmpl' +error_abort_predicates: + + - 'transport_tpg.Is429QuotaError' +examples: + - name: 'active_directory_domain_basic' + primary_resource_id: 'ad-domain' + vars: + name: 'myorg' + # the part of the domain before the first "." must be <15 chars, and + # the random suffix is 10 chars. In order to make sure these get swept, + # 'tfgen' is the only option here. + domain_name: 'tfgen' + ignore_read_extra: + - 'deletion_protection' + # skip the test until Active Directory setup issue got resolved + exclude_test: true +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the domain. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the domain, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the domain will fail. + When the field is set to false, deleting the domain is allowed. + type: Boolean + default_value: true +parameters: + - name: 'domainName' + type: String + description: | + The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions + of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. + url_param_only: true + required: true + immutable: true + validation: + function: 'verify.ValidateADDomainName()' +properties: + - name: 'name' + type: String + description: + 'The unique name of the domain using the format: + `projects/{project}/locations/global/domains/{domainName}`.' + output: true + - name: 'labels' + type: KeyValueLabels + description: 'Resource labels that can contain user-provided metadata' + - name: 'authorizedNetworks' + type: Array + description: | + The full names of the Google Compute Engine networks the domain instance is connected to. The domain is only available on networks listed in authorizedNetworks. + If CIDR subnets overlap between networks, domain creation will fail. + is_set: true + item_type: + type: String + - name: 'reservedIpRange' + type: String + description: | + The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. + Ranges must be unique and non-overlapping with existing subnets in authorizedNetworks + required: true + immutable: true + - name: 'locations' + type: Array + description: | + Locations where domain needs to be provisioned. [regions][compute/docs/regions-zones/] + e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block. + required: true + item_type: + type: String + - name: 'admin' + type: String + description: | + The name of delegated administrator account used to perform Active Directory operations. + If not specified, setupadmin will be used. + immutable: true + default_value: "setupadmin" + - name: 'fqdn' + type: String + description: | + The fully-qualified domain name of the exposed domain used by clients to connect to the service. + Similar to what would be chosen for an Active Directory set up on an internal network. + output: true diff --git a/mmv1/products/activedirectory/go_DomainTrust.yaml b/mmv1/products/activedirectory/go_DomainTrust.yaml new file mode 100644 index 000000000000..27a34ef49887 --- /dev/null +++ b/mmv1/products/activedirectory/go_DomainTrust.yaml @@ -0,0 +1,128 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DomainTrust' +kind: 'activedirectory#trust' +description: Adds a trust between Active Directory domains +references: + guides: + 'Active Directory Trust': 'https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust' +docs: +id_format: 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' +base_url: 'projects/{{project}}/locations/global/domains' +self_link: 'projects/{{project}}/locations/global/domains/{{domain}}' +create_url: 'projects/{{project}}/locations/global/domains/{{domain}}:attachTrust' +update_url: 'projects/{{project}}/locations/global/domains/{{domain}}:reconfigureTrust' +update_verb: 'POST' + # Resource custom delete function needs to be modified any time when the resource schema is edited +delete_url: 'projects/{{project}}/locations/global/domains/{{domain}}:detachTrust' +delete_verb: 'POST' +import_format: + - 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - targetDomainName +nested_query: + keys: + - trusts + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/active_directory_domain_trust.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/active_directory_domain_trust.go.tmpl' + decoder: 'templates/terraform/decoders/go/unwrap_resource.go.tmpl' + # Delete function needs to be modified any time when the resource schema is edited + custom_delete: 'templates/terraform/custom_delete/go/active_directory_domain_trust.go.tmpl' +examples: + - name: 'active_directory_domain_trust_basic' + primary_resource_id: 'ad-domain-trust' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists and we need to validate that child resource has been deleted + exclude_test: true +parameters: + - name: 'domain' + type: String + description: | + The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions + of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. + url_param_only: true + required: true + immutable: true +properties: + - name: 'targetDomainName' + type: String + description: + 'The fully qualified target domain name which will be in trust with the + current domain.' + required: true + - name: 'trustType' + type: Enum + description: 'The type of trust represented by the trust resource.' + required: true + immutable: true + enum_values: + - 'FOREST' + - 'EXTERNAL' + - name: 'trustDirection' + type: Enum + description: + 'The trust direction, which decides if the current domain is trusted, + trusting, or both.' + required: true + immutable: true + enum_values: + - 'INBOUND' + - 'OUTBOUND' + - 'BIDIRECTIONAL' + - name: 'selectiveAuthentication' + type: Boolean + description: | + Whether the trusted side has forest/domain wide access or selective access to an approved set of resources. + immutable: true + - name: 'targetDnsIpAddresses' + type: Array + description: | + The target DNS server IP addresses which can resolve the remote domain involved in the trust. + is_set: true + required: true + item_type: + type: String + - name: 'trustHandshakeSecret' + type: String + description: | + The trust secret used for the handshake with the target domain. This will not be stored. + required: true + immutable: true + ignore_read: true + sensitive: true diff --git a/mmv1/products/activedirectory/go_Peering.yaml b/mmv1/products/activedirectory/go_Peering.yaml new file mode 100644 index 000000000000..c21f077f780c --- /dev/null +++ b/mmv1/products/activedirectory/go_Peering.yaml @@ -0,0 +1,110 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Peering' +kind: 'activedirectory#peering' +description: Creates a Peering for Managed AD instance. +min_version: 'beta' +references: + guides: + 'Active Directory Domain Peering': 'https://cloud.google.com/managed-microsoft-ad/docs/domain-peering' + api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1beta1/projects.locations.global.peerings' +docs: +id_format: 'projects/{{project}}/locations/global/domains/{{peering_id}}' +base_url: 'projects/{{project}}/locations/global/peerings' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/global/peerings?peeringId={{peering_id}}' +update_verb: 'PATCH' +update_mask: false +delete_url: 'projects/{{project}}/locations/global/peerings/{{peering_id}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'active_directory_peering_basic' + primary_resource_id: 'ad-domain-peering' + vars: + domain_name: 'ad.test.hashicorptest.com' + project_id: 'my-peered-project' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + # skip the test until Active Directory setup issue got resolved + exclude_test: true + exclude_import_test: true +parameters: + - name: 'peeringId' + type: String + description: '' + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Unique name of the peering in this scope including projects and location using the form: projects/{projectId}/locations/global/peerings/{peeringId}. + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: 'Resource labels that can contain user-provided metadata' + min_version: 'beta' + - name: 'authorizedNetwork' + type: String + description: | + The full names of the Google Compute Engine networks to which the instance is connected. Caller needs to make sure that CIDR subnets do not overlap between networks, else peering creation will fail. + min_version: 'beta' + required: true + immutable: true + - name: 'domainResource' + type: String + description: | + Full domain resource path for the Managed AD Domain involved in peering. The resource path should be in the form projects/{projectId}/locations/global/domains/{domainName} + min_version: 'beta' + required: true + immutable: true + - name: 'status' + type: String + description: | + The current state of this Peering. + min_version: 'beta' + url_param_only: true + ignore_read: true + - name: 'statusMessage' + type: String + description: | + Additional information about the current status of this peering, if available. + + min_version: 'beta' + ignore_read: true diff --git a/mmv1/products/activedirectory/go_product.yaml b/mmv1/products/activedirectory/go_product.yaml new file mode 100644 index 000000000000..7ed90e7f66b8 --- /dev/null +++ b/mmv1/products/activedirectory/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ActiveDirectory' +display_name: 'Managed Microsoft Active Directory' +versions: + - name: 'ga' + base_url: 'https://managedidentities.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://managedidentities.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/activedirectory/product.yaml b/mmv1/products/activedirectory/product.yaml index c450f900d989..58aeb68345a8 100644 --- a/mmv1/products/activedirectory/product.yaml +++ b/mmv1/products/activedirectory/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: ActiveDirectory +display_name: Managed Microsoft Active Directory +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://managedidentities.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://managedidentities.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'ActiveDirectory' display_name: 'Managed Microsoft Active Directory' @@ -21,3 +39,4 @@ versions: base_url: 'https://managedidentities.googleapis.com/v1beta1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/alloydb/Backup.yaml b/mmv1/products/alloydb/Backup.yaml index c82ae8008146..e7e0883719aa 100644 --- a/mmv1/products/alloydb/Backup.yaml +++ b/mmv1/products/alloydb/Backup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Backup' +self_link: 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/backups' +create_url: 'projects/{{project}}/locations/{{location}}/backups?backupId={{backup_id}}' +update_verb: :PATCH +update_mask: true +description: 'An AlloyDB Backup.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups/create' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 10 + update_minutes: 10 + delete_minutes: 10 +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + base_url: '{{op_id}}' +import_format: + ['projects/{{project}}/locations/{{location}}/backups/{{backup_id}}'] +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_backup_basic' +======= --- name: 'Backup' description: 'An AlloyDB Backup.' @@ -42,6 +73,7 @@ custom_code: encoder: 'templates/terraform/encoders/alloydb_backup.tmpl' examples: - name: 'alloydb_backup_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -51,8 +83,14 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_backup_basic_test' +======= exclude_test: true - name: 'alloydb_backup_basic_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -60,12 +98,22 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_backup_full' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' exclude_docs: true - name: 'alloydb_backup_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -75,8 +123,14 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_backup_full_test' +======= exclude_test: true - name: 'alloydb_backup_full_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -84,6 +138,169 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + # https://github.com/hashicorp/terraform-provider-google/issues/16231 + skip_vcr: true + skip_docs: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/alloydb_backup.erb +parameters: + - !ruby/object:Api::Type::String + name: 'backupId' + required: true + immutable: true + url_param_only: true + description: | + The ID of the alloydb backup. + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + url_param_only: true + description: | + The location where the alloydb backup should reside. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Output only. The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backupId} + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User-settable and human-readable display name for the Backup. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + Output only. The system-generated UID of the resource. The UID is assigned when the resource is created, and it is retained until it is deleted. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: | + Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + - !ruby/object:Api::Type::Time + name: 'deleteTime' + output: true + description: | + Output only. Delete time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the alloydb backup. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: Output only. The current state of the backup. + - !ruby/object:Api::Type::Enum + name: 'type' + default_from_api: true + description: 'The backup type, which suggests the trigger for the backup.' + values: + - :TYPE_UNSPECIFIED + - :ON_DEMAND + - :AUTOMATED + - :CONTINUOUS + - !ruby/object:Api::Type::String + name: 'description' + description: 'User-provided description of the backup.' + - !ruby/object:Api::Type::String + name: 'clusterUid' + output: true + description: 'Output only. The system-generated UID of the cluster which was used to create this resource.' + - !ruby/object:Api::Type::String + name: 'clusterName' + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + description: + 'The full resource name of the backup source cluster (e.g., + projects/{project}/locations/{location}/clusters/{clusterId}).' + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true + description: | + Output only. Reconciling (https://google.aip.dev/128#reconciliation), if true, indicates that the service is actively updating the resource. + This can happen due to user-triggered updates or system actions like failover or maintenance. + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfig' + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + immutable: true + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + - !ruby/object:Api::Type::NestedObject + name: 'encryptionInfo' + output: true + description: | + EncryptionInfo describes the encryption information of a cluster or a backup. + properties: + - !ruby/object:Api::Type::Enum + name: 'encryptionType' + output: true + description: 'Output only. Type of encryption.' + values: + - :TYPE_UNSPECIFIED + - :GOOGLE_DEFAULT_ENCRYPTION + - :CUSTOMER_MANAGED_ENCRYPTION + - !ruby/object:Api::Type::Array + name: kmsKeyVersions + item_type: Api::Type::String + output: true + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + - !ruby/object:Api::Type::String + name: 'etag' + output: true + description: 'For Resource freshness validation (https://google.aip.dev/154)' + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' + description: | + Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - !ruby/object:Api::Type::String + name: 'sizeBytes' + output: true + description: 'Output only. The size of the backup in bytes.' + - !ruby/object:Api::Type::String + name: 'expiryTime' + output: true + description: | + Output only. The time at which after the backup is eligible to be garbage collected. + It is the duration specified by the backup's retention policy, added to the backup's createTime. + - !ruby/object:Api::Type::NestedObject + name: 'expiryQuantity' + output: true + description: | + Output only. The QuantityBasedExpiry of the backup, specified by the backup's retention policy. + Once the expiry quantity is over retention, the backup is eligible to be garbage collected. + properties: + - !ruby/object:Api::Type::Integer + name: 'retentionCount' + output: true + description: | + Output only. The backup's position among its backups with the same source cluster and type, by descending chronological order create time (i.e. newest first). + - !ruby/object:Api::Type::Integer + name: 'totalRetentionCount' + output: true + description: | + Output only. The length of the quantity-based queue, specified by the backup's retention policy. +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' @@ -244,3 +461,4 @@ properties: description: | Output only. The length of the quantity-based queue, specified by the backup's retention policy. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/alloydb/Cluster.yaml b/mmv1/products/alloydb/Cluster.yaml index ad5967241524..8d5b0d6d38e2 100644 --- a/mmv1/products/alloydb/Cluster.yaml +++ b/mmv1/products/alloydb/Cluster.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Cluster' +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Cluster' description: 'A managed alloydb cluster.' @@ -19,6 +28,7 @@ references: 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 note: | Users can promote a secondary cluster to a primary cluster with the help of `cluster_type`. To promote, users have to set the `cluster_type` property as `PRIMARY` and remove the `secondary_config` field from cluster configuration. @@ -30,6 +40,61 @@ docs: 1. Refresh the state of the AlloyDB resources by running `terraform apply -refresh-only --auto-approve` . 2. Manually update the terraform configuration file(s) to match the actual state of the resources by modifying the `cluster_type` and `secondary_config` fields. 3. Verify the sync of terraform state by running `terraform plan` and ensure that the infrastructure matches the configuration and no changes are required. +<<<<<<< HEAD +self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/clusters' +create_url: 'projects/{{project}}/locations/{{location}}/clusters?clusterId={{cluster_id}}' +update_verb: :PATCH +update_mask: true +description: 'A managed alloydb cluster.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}', + '{{cluster_id}}', + ] +# Skipping the sweeper because we need to force-delete clusters. +skip_sweeper: true +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_cluster_basic' + primary_resource_id: 'default' + vars: + alloydb_cluster_name: 'alloydb-cluster' + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_cluster_full' + primary_resource_id: 'full' + vars: + alloydb_cluster_name: 'alloydb-cluster-full' + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_cluster_restore' + primary_resource_id: 'source' + skip_test: true +======= base_url: 'projects/{{project}}/locations/{{location}}/clusters' self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' create_url: 'projects/{{project}}/locations/{{location}}/clusters?clusterId={{cluster_id}}' @@ -77,6 +142,7 @@ examples: alloydb_cluster_name: 'alloydb-cluster-full' - name: 'alloydb_cluster_restore' primary_resource_id: 'source' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: alloydb_cluster_name: 'alloydb-source-cluster' alloydb_backup_restored_cluster_name: 'alloydb-backup-restored' @@ -85,19 +151,34 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_secondary_cluster_basic' +======= 'network_name': 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' ignore_read_extra: - 'reconciling' - 'update_time' exclude_test: true - name: 'alloydb_secondary_cluster_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' alloydb_primary_instance_name: 'alloydb-primary-instance' alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_secondary_cluster_basic_test' +======= exclude_test: true - name: 'alloydb_secondary_cluster_basic_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -105,15 +186,71 @@ examples: alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + skip_docs: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/alloydb_cluster.go.erb + pre_update: templates/terraform/pre_update/alloydb_cluster.go.erb + pre_delete: templates/terraform/pre_delete/alloydb_cluster.go.erb +virtual_fields: + - !ruby/object:Api::Type::String + name: 'deletion_policy' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' exclude_docs: true virtual_fields: - name: 'deletion_policy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. Possible values: DEFAULT, FORCE +<<<<<<< HEAD + default_value: DEFAULT +parameters: + - !ruby/object:Api::Type::String + name: 'clusterId' + required: true + immutable: true + url_param_only: true + description: | + The ID of the alloydb cluster. + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + url_param_only: true + description: | + The location where the alloydb cluster should reside. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The name of the cluster resource. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + The system-generated UID of the resource. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'User-defined labels for the alloydb cluster.' + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfig' + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'encryptionInfo' +======= type: String default_value: "DEFAULT" parameters: @@ -157,10 +294,29 @@ properties: immutable: true - name: 'encryptionInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | EncryptionInfo describes the encryption information of a cluster or a backup. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'encryptionType' + description: 'Output only. Type of encryption.' + values: + - :TYPE_UNSPECIFIED + - :GOOGLE_DEFAULT_ENCRYPTION + - :CUSTOMER_MANAGED_ENCRYPTION + output: true + - !ruby/object:Api::Type::Array + name: kmsKeyVersions + item_type: Api::Type::String + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'continuousBackupInfo' +======= - name: 'encryptionType' type: Enum description: 'Output only. Type of encryption.' @@ -178,10 +334,31 @@ properties: type: String - name: 'continuousBackupInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ContinuousBackupInfo describes the continuous backup properties of a cluster. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: enabledTime + description: | + When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled. + output: true + - !ruby/object:Api::Type::Array + name: schedule + item_type: Api::Type::String + description: | + Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request. + output: true + - !ruby/object:Api::Type::String + name: earliestRestorableTime + description: | + The earliest restorable time that can be restored to. Output only field. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'encryptionInfo' +======= - name: 'enabledTime' type: String description: | @@ -201,10 +378,25 @@ properties: output: true - name: 'encryptionInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The encryption information for the WALs and backups required for ContinuousBackup. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'encryptionType' + description: 'Output only. Type of encryption.' + output: true + - !ruby/object:Api::Type::Array + name: kmsKeyVersions + item_type: Api::Type::String + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'networkConfig' +======= - name: 'encryptionType' type: String description: 'Output only. Type of encryption.' @@ -218,10 +410,37 @@ properties: type: String - name: 'networkConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Metadata related to network configuration. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: network + exactly_one_of: + - network_config.0.network + - psc_config.0.psc_enabled + description: | + The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. + It is specified in the form: "projects/{projectNumber}/global/networks/{network_id}". + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - !ruby/object:Api::Type::String + name: allocatedIpRange + description: | + The name of the allocated IP range for the private IP AlloyDB cluster. For example: "google-managed-services-default". + If set, the instance IPs for this cluster will be created in the allocated range. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User-settable and human-readable display name for the Cluster. + - !ruby/object:Api::Type::String + name: 'etag' + description: 'For Resource freshness validation (https://google.aip.dev/154)' + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true +======= - name: 'network' type: String description: | @@ -245,10 +464,47 @@ properties: description: 'For Resource freshness validation (https://google.aip.dev/154)' - name: 'reconciling' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Reconciling (https://google.aip.dev/128#reconciliation). Set to true if the current state of Cluster does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: 'Output only. The current serving state of the cluster.' + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' + description: | + Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - !ruby/object:Api::Type::String + name: 'databaseVersion' + default_from_api: true + description: | + The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + - !ruby/object:Api::Type::NestedObject + name: 'pscConfig' + description: 'Configuration for Private Service Connect (PSC) for the cluster.' + properties: + - !ruby/object:Api::Type::Boolean + name: 'pscEnabled' + description: 'Create an instance that allows connections from Private Service Connect endpoints to the instance.' + - !ruby/object:Api::Type::NestedObject + name: 'initialUser' + description: | + Initial user to setup during cluster creation. + custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_user_flatten.go.erb' + ignore_read: true + properties: + - !ruby/object:Api::Type::String + name: 'user' + description: | + The database username. + - !ruby/object:Api::Type::String + name: 'password' +======= output: true - name: 'state' type: String @@ -284,10 +540,52 @@ properties: The database username. - name: 'password' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The initial password for the user. required: true sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'restoreBackupSource' + ignore_read: true + immutable: true + conflicts: + - restore_continuous_backup_source + description: | + The source when restoring from a backup. Conflicts with 'restore_continuous_backup_source', both can't be set together. + properties: + - !ruby/object:Api::Type::String + name: 'backupName' + required: true + immutable: true + description: | + The name of the backup that this cluster is restored from. + - !ruby/object:Api::Type::NestedObject + name: 'restoreContinuousBackupSource' + ignore_read: true + immutable: true + conflicts: + - restore_backup_source + description: | + The source when restoring via point in time recovery (PITR). Conflicts with 'restore_backup_source', both can't be set together. + properties: + - !ruby/object:Api::Type::String + name: 'cluster' + required: true + immutable: true + description: | + The name of the source cluster that this cluster is restored from. + - !ruby/object:Api::Type::String + name: 'pointInTime' + required: true + immutable: true + description: | + The point in time that this cluster is restored to, in RFC 3339 format. + - !ruby/object:Api::Type::NestedObject + name: 'continuousBackupConfig' + default_from_api: true +======= - name: 'restoreBackupSource' type: NestedObject description: | @@ -326,10 +624,23 @@ properties: immutable: true - name: 'continuousBackupConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The continuous backup config for this cluster. If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Boolean + name: enabled + send_empty_value: true + default_value: true + description: | + Whether continuous backup recovery is enabled. If not set, defaults to true. + - !ruby/object:Api::Type::Integer + name: recoveryWindowDays + default_from_api: true +======= default_from_api: true properties: - name: 'enabled' @@ -340,10 +651,24 @@ properties: default_value: true - name: 'recoveryWindowDays' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The numbers of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfig' + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + - !ruby/object:Api::Type::NestedObject + name: 'automatedBackupPolicy' +======= default_from_api: true - name: 'encryptionConfig' type: NestedObject @@ -356,18 +681,92 @@ properties: The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - name: 'automatedBackupPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The automated backup policy for this cluster. AutomatedBackupPolicy is disabled by default. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'backupWindow' + default_from_api: true +======= - name: 'backupWindow' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it will default to 1 hour. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + default_from_api: true + description: | + The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + description: + 'Labels to apply to backups created using this configuration.' + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfig' + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + - !ruby/object:Api::Type::NestedObject + name: 'weeklySchedule' + description: 'Weekly schedule for the Backup.' + default_from_api: true + properties: + - !ruby/object:Api::Type::Array + name: 'daysOfWeek' + min_size: 1 + description: 'The days of the week to perform a backup. At least one day of the week must be provided.' + item_type: !ruby/object:Api::Type::Enum + name: 'daysOfWeek' + required: true + description: 'The days of the week to perform a backup. At least one day of the week must be provided.' + values: + - :MONDAY + - :TUESDAY + - :WEDNESDAY + - :THURSDAY + - :FRIDAY + - :SATURDAY + - :SUNDAY + - !ruby/object:Api::Type::Array + name: 'startTimes' + required: true + custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_automated_backup_policy_start_times_flatten.go.erb' + description: | + The times during the day to start a backup. At least one start time must be provided. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: hours + description: | + Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. + - !ruby/object:Api::Type::Integer + name: minutes + description: | + Minutes of hour of day. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::Integer + name: seconds + description: | + Seconds of minutes of the time. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::Integer + name: nanos + description: | + Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::NestedObject + name: 'timeBasedRetention' +======= default_from_api: true - name: 'location' type: String @@ -434,11 +833,139 @@ properties: Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. - name: 'timeBasedRetention' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time-based Backup retention policy. Conflicts with 'quantity_based_retention', both can't be set together. conflicts: - automated_backup_policy.0.quantity_based_retention properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'retentionPeriod' + description: | + The retention period. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - !ruby/object:Api::Type::NestedObject + name: 'quantityBasedRetention' + conflicts: + - automated_backup_policy.0.time_based_retention + description: | + Quantity-based Backup retention policy to retain recent backups. Conflicts with 'time_based_retention', both can't be set together. + properties: + - !ruby/object:Api::Type::Integer + name: 'count' + description: | + The number of backups to retain. + - !ruby/object:Api::Type::Boolean + name: 'enabled' + default_from_api: true + description: | + Whether automated backups are enabled. + - !ruby/object:Api::Type::NestedObject + name: 'backupSource' + output: true + description: 'Cluster created from backup.' + properties: + - !ruby/object:Api::Type::String + name: 'backupName' + description: 'The name of the backup resource.' + - !ruby/object:Api::Type::NestedObject + name: 'migrationSource' + output: true + description: 'Cluster created via DMS migration.' + properties: + - !ruby/object:Api::Type::String + name: 'hostPort' + description: + 'The host and port of the on-premises instance in host:port format' + - !ruby/object:Api::Type::String + name: 'referenceId' + description: + 'Place holder for the external source identifier(e.g DMS job name) + that created the cluster.' + - !ruby/object:Api::Type::String + name: 'sourceType' + description: 'Type of migration source.' + - !ruby/object:Api::Type::Enum + name: clusterType + values: + - :PRIMARY + - :SECONDARY + default_value: :PRIMARY + description: | + The type of cluster. If not set, defaults to PRIMARY. + - !ruby/object:Api::Type::NestedObject + name: "secondaryConfig" + description: | + Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. + properties: + - !ruby/object:Api::Type::String + name: "primaryClusterName" + required: true + description: | + Name of the primary cluster must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + - !ruby/object:Api::Type::NestedObject + name: 'maintenanceUpdatePolicy' + description: | + MaintenanceUpdatePolicy defines the policy for system updates. + properties: + - !ruby/object:Api::Type::Array + name: 'maintenanceWindows' + description: | + Preferred windows to perform maintenance. Currently limited to 1. + item_type: !ruby/object:Api::Type::NestedObject + name: 'maintenanceWindow' + description: | + specifies a preferred day and time for maintenance. + properties: + - !ruby/object:Api::Type::Enum + name: 'day' + required: true + description: | + Preferred day of the week for maintenance, e.g. MONDAY, TUESDAY, etc. + values: + - :MONDAY + - :TUESDAY + - :WEDNESDAY + - :THURSDAY + - :FRIDAY + - :SATURDAY + - :SUNDAY + - !ruby/object:Api::Type::NestedObject + name: 'startTime' + required: true + description: | + Preferred time to start the maintenance operation on the specified day. Maintenance will start within 1 hour of this time. + properties: + - !ruby/object:Api::Type::Integer + name: hours + required: true + description: | + Hours of day in 24 hour format. Should be from 0 to 23. + - !ruby/object:Api::Type::Integer + name: minutes + description: | + Minutes of hour of day. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::Integer + name: seconds + description: | + Seconds of minutes of the time. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::Integer + name: nanos + description: | + Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. + - !ruby/object:Api::Type::Enum + name: 'subscriptionType' + values: + - :TRIAL + - :STANDARD + default_from_api: true + description: | + The subscrition type of cluster. + - !ruby/object:Api::Type::NestedObject + name: 'trialMetadata' +======= - name: 'retentionPeriod' type: String description: | @@ -564,10 +1091,27 @@ properties: - 'STANDARD' - name: 'trialMetadata' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains information and all metadata related to TRIAL clusters. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: startTime + description: | + Start time of the trial cluster. + - !ruby/object:Api::Type::String + name: endTime + description: | + End time of the trial cluster. + - !ruby/object:Api::Type::String + name: upgradeTime + description: | + Upgrade time of the trial cluster to standard cluster. + - !ruby/object:Api::Type::String + name: graceEndTime +======= - name: 'startTime' type: String description: | @@ -582,5 +1126,6 @@ properties: Upgrade time of the trial cluster to standard cluster. - name: 'graceEndTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Grace end time of the trial cluster. diff --git a/mmv1/products/alloydb/Instance.yaml b/mmv1/products/alloydb/Instance.yaml index 3cad8a5b6865..b4ac0c79a251 100644 --- a/mmv1/products/alloydb/Instance.yaml +++ b/mmv1/products/alloydb/Instance.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Instance' +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Instance' description: 'A managed alloydb cluster instance.' @@ -19,10 +28,54 @@ references: 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | Deleting an instance with instanceType = SECONDARY does not delete the secondary instance, and abandons it instead. Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. +<<<<<<< HEAD +self_link: '{{cluster}}/instances/{{instance_id}}' +base_url: '{{cluster}}/instances?instanceId={{instance_id}}' +update_verb: :PATCH +update_mask: true +description: 'A managed alloydb cluster instance.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 120 + update_minutes: 120 + delete_minutes: 120 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' + include_project: true +import_format: ['projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/instances/{{instance_id}}'] +# Skipping the sweeper because instances will be deleted during cluster sweeps +skip_sweeper: true +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/alloydb_instance.go.erb + pre_create: templates/terraform/pre_create/alloydb_instance.go.erb + pre_delete: templates/terraform/pre_delete/alloydb_instance.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_instance_basic' +======= base_url: '{{cluster}}/instances?instanceId={{instance_id}}' self_link: '{{cluster}}/instances/{{instance_id}}' update_verb: 'PATCH' @@ -60,6 +113,7 @@ custom_code: exclude_sweeper: true examples: - name: 'alloydb_instance_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -68,8 +122,14 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_secondary_instance_basic' +======= exclude_test: true - name: 'alloydb_secondary_instance_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -80,20 +140,36 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_instance_basic_test' +======= exclude_test: true - name: 'alloydb_instance_basic_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_secondary_instance_basic_test' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' exclude_docs: true - name: 'alloydb_secondary_instance_basic_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -102,12 +178,22 @@ examples: alloydb_secondary_instance_name: 'alloydb-secondary-instance' network_name: 'alloydb-secondary-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_instance_psc_test' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' exclude_docs: true - name: 'alloydb_instance_psc_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -116,6 +202,15 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' +<<<<<<< HEAD + skip_docs: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'cluster' + description: | + Identifies the alloydb cluster. Must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' +======= exclude_docs: true parameters: - name: 'cluster' @@ -124,10 +219,72 @@ parameters: Identifies the alloydb cluster. Must be in the format 'projects/{project}/locations/{location}/clusters/{cluster_id}' url_param_only: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 required: true immutable: true resource: 'Cluster' imports: 'name' +<<<<<<< HEAD + url_param_only: true + - !ruby/object:Api::Type::String + name: 'instanceId' + required: true + immutable: true + url_param_only: true + description: | + The ID of the alloydb instance. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The name of the instance resource. + - !ruby/object:Api::Type::Time + name: 'createTime' + description: | + Time the Instance was created in UTC. + output: true + - !ruby/object:Api::Type::Time + name: 'updateTime' + description: | + Time the Instance was updated in UTC. + output: true + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + The system-generated UID of the resource. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'User-defined labels for the alloydb instance.' + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' + description: + 'Annotations to allow client tools to store small amount of arbitrary + data. This is distinct from labels.' + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + The current state of the alloydb instance. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User-settable and human-readable display name for the Instance. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'gceZone' + description: | + The Compute Engine zone that the instance should serve from, per https://cloud.google.com/compute/docs/regions-zones This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. If this is absent for a ZONAL instance, instance is created in a random zone with available capacity. + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true + description: | + Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. + - !ruby/object:Api::Type::KeyValuePairs + name: 'databaseFlags' + default_from_api: true +======= - name: 'instanceId' type: String description: | @@ -185,15 +342,21 @@ properties: output: true - name: 'databaseFlags' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Database flags. Set at instance level. * They are copied from primary instance on read instance creation. * Read instances can set new or override existing flags that are relevant for reads, e.g. for enabling columnar cache on a read instance. Flags set on read instance may or may not be present on primary.' +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'availabilityType' +======= default_from_api: true - name: 'availabilityType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | 'Availability type of an Instance. Defaults to REGIONAL for both primary and read instances. Note that primary and read instances can have different availability types. @@ -201,6 +364,17 @@ properties: Zone is automatically chosen from the list of zones in the region specified. Read pool of size 1 can only have zonal availability. Read pools with node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region).' +<<<<<<< HEAD + values: + - :AVAILABILITY_TYPE_UNSPECIFIED + - :ZONAL + - :REGIONAL + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'instanceType' + required: true + immutable: true +======= default_from_api: true enum_values: - 'AVAILABILITY_TYPE_UNSPECIFIED' @@ -208,6 +382,7 @@ properties: - 'REGIONAL' - name: 'instanceType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of the instance. If the instance type is READ_POOL, provide the associated PRIMARY/SECONDARY instance in the `depends_on` meta-data attribute. @@ -216,6 +391,74 @@ properties: If the instance type is SECONDARY, the terraform delete instance operation does not delete the secondary instance but abandons it instead. Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. +<<<<<<< HEAD + values: + - :PRIMARY + - :READ_POOL + - :SECONDARY + - !ruby/object:Api::Type::String + name: 'ipAddress' + output: true + description: | + The IP address for the Instance. This is the connection endpoint for an end-user application. + - !ruby/object:Api::Type::NestedObject + name: 'queryInsightsConfig' + default_from_api: true + description: 'Configuration for query insights.' + properties: + - !ruby/object:Api::Type::Integer + name: 'queryStringLength' + description: 'Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid.' + - !ruby/object:Api::Type::Boolean + name: 'recordApplicationTags' + description: 'Record application tags for an instance. This flag is turned "on" by default.' + - !ruby/object:Api::Type::Boolean + name: 'recordClientAddress' + description: 'Record client address for an instance. Client address is PII information. This flag is turned "on" by default.' + - !ruby/object:Api::Type::Integer + name: 'queryPlansPerMinute' + description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid.' + - !ruby/object:Api::Type::NestedObject + name: 'observabilityConfig' + description: 'Configuration for enhanced query insights.' + default_from_api: true + min_version: beta + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: 'Observability feature status for an instance.' + - !ruby/object:Api::Type::Boolean + name: 'preserveComments' + description: 'Preserve comments in the query string.' + - !ruby/object:Api::Type::Boolean + name: 'trackWaitEvents' + description: 'Record wait events during query execution for an instance.' + - !ruby/object:Api::Type::Boolean + name: 'trackWaitEventTypes' + description: 'Record wait event types during query execution for an instance.' + - !ruby/object:Api::Type::Integer + name: 'maxQueryStringLength' + description: 'Query string length. The default value is 10240. Any integer between 1024 and 100000 is considered valid.' + - !ruby/object:Api::Type::Boolean + name: 'recordApplicationTags' + description: 'Record application tags for an instance. This flag is turned "on" by default.' + - !ruby/object:Api::Type::Integer + name: 'queryPlansPerMinute' + description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 200 is considered valid.' + - !ruby/object:Api::Type::Boolean + name: 'trackActiveQueries' + description: 'Track actively running queries. If not set, default value is "off".' + - !ruby/object:Api::Type::NestedObject + name: 'readPoolConfig' + description: 'Read pool specific config. If the instance type is READ_POOL, this configuration must be provided.' + properties: + - !ruby/object:Api::Type::Integer + name: 'nodeCount' + description: + 'Read capacity, i.e. number of nodes in a read pool instance.' + - !ruby/object:Api::Type::NestedObject + name: 'machineConfig' +======= required: true immutable: true enum_values: @@ -284,10 +527,50 @@ properties: 'Read capacity, i.e. number of nodes in a read pool instance.' - name: 'machineConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Configurations for the machines that host the underlying database engine.' default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'cpuCount' + description: "The number of CPU's in the VM instance." + + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'clientConnectionConfig' + default_from_api: true + description: | + Client connection specific configurations. + properties: + - !ruby/object:Api::Type::Boolean + name: requireConnectors + description: | + Configuration to enforce connectors only (ex: AuthProxy) connections to the database. + - !ruby/object:Api::Type::NestedObject + name: 'sslConfig' + default_from_api: true + description: | + SSL config option for this instance. + properties: + - !ruby/object:Api::Type::Enum + name: 'sslMode' + default_from_api: true + description: 'SSL mode. Specifies client-server SSL/TLS connection behavior.' + values: + - :ENCRYPTED_ONLY + - :ALLOW_UNENCRYPTED_AND_ENCRYPTED + - !ruby/object:Api::Type::NestedObject + name: 'pscInstanceConfig' + default_from_api: true + description: | + Configuration for Private Service Connect (PSC) for the instance. + properties: + - !ruby/object:Api::Type::String + name: 'serviceAttachmentLink' + output: true +======= - name: 'cpuCount' type: Integer description: "The number of CPU's in the VM instance." @@ -324,10 +607,34 @@ properties: properties: - name: 'serviceAttachmentLink' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The service attachment created when Private Service Connect (PSC) is enabled for the instance. The name of the resource will be in the format of `projects//regions//serviceAttachments/` +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: allowedConsumerProjects + item_type: Api::Type::String + description: | + List of consumer projects that are allowed to create PSC endpoints to service-attachments to this instance. + These should be specified as project numbers only. + item_validation: !ruby/object:Provider::Terraform::Validation + regex: '^\d+$' + - !ruby/object:Api::Type::String + name: 'pscDnsName' + output: true + description: | + The DNS name of the instance for PSC connectivity. + Name convention: ...alloydb-psc.goog + - !ruby/object:Api::Type::NestedObject + name: 'networkConfig' + description: | + Instance level network configuration. + properties: + - !ruby/object:Api::Type::Array + name: 'authorizedExternalNetworks' +======= output: true - name: 'allowedConsumerProjects' type: Array @@ -351,11 +658,22 @@ properties: properties: - name: 'authorizedExternalNetworks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of external networks authorized to access this instance. This field is only allowed to be set when `enable_public_ip` is set to true. required_with: +<<<<<<< HEAD + - networkConfig.0.enablePublicIp + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'cidrRange' + description: 'CIDR range for one authorized network of the instance.' + - !ruby/object:Api::Type::Boolean + name: enablePublicIp +======= - 'networkConfig.0.enablePublicIp' item_type: type: NestedObject @@ -365,27 +683,48 @@ properties: description: 'CIDR range for one authorized network of the instance.' - name: 'enablePublicIp' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized external networks set on the same instance. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: enableOutboundPublicIp + description: | + Enabling outbound public ip for the instance. + - !ruby/object:Api::Type::String + name: 'publicIpAddress' + output: true +======= - name: 'enableOutboundPublicIp' type: Boolean description: | Enabling outbound public ip for the instance. - name: 'publicIpAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the connection endpoint for an end-user application. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'outboundPublicIpAddresses' + output: true +======= output: true - name: 'outboundPublicIpAddresses' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The outbound public IP addresses for the instance. This is available ONLY when networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used for outbound connections. +<<<<<<< HEAD +======= output: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/alloydb/User.yaml b/mmv1/products/alloydb/User.yaml index 2278fc07622f..145f918b9599 100644 --- a/mmv1/products/alloydb/User.yaml +++ b/mmv1/products/alloydb/User.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'User' +self_link: '{{cluster}}/users/{{user_id}}' +base_url: '{{cluster}}/users' +create_url: '{{cluster}}/users?userId={{user_id}}' +update_url: '{{cluster}}/users?userId={{user_id}}' +update_verb: :POST +description: 'A database user in an AlloyDB cluster.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create' +import_format: ['projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}'] +# Skipping the sweeper because instances will be deleted during cluster sweeps +skip_sweeper: true +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/alloydb_user.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_user_builtin' +======= --- name: 'User' description: 'A database user in an AlloyDB cluster.' @@ -37,6 +64,7 @@ custom_code: exclude_sweeper: true examples: - name: 'alloydb_user_builtin' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'user1' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -47,8 +75,14 @@ examples: network_name: 'alloydb-network' ignore_read_extra: - 'password' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_user_builtin_test' +======= exclude_test: true - name: 'alloydb_user_builtin_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'user1' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -58,11 +92,20 @@ examples: alloydb_user_pass: 'user_secret' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'password' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_user_iam' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'password' exclude_docs: true - name: 'alloydb_user_iam' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'user2' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -70,8 +113,14 @@ examples: alloydb_cluster_pass: 'cluster_secret' alloydb_user_name: 'user2@foo.com' network_name: 'alloydb-network' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'alloydb_user_iam_test' +======= exclude_test: true - name: 'alloydb_user_iam_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'user2' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -80,6 +129,16 @@ examples: alloydb_user_name: 'user2@foo.com' network_name: 'alloydb-network' test_vars_overrides: +<<<<<<< HEAD + network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + skip_docs: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'cluster' + description: | + Identifies the alloydb cluster. Must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' +======= 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' exclude_docs: true parameters: @@ -89,10 +148,46 @@ parameters: Identifies the alloydb cluster. Must be in the format 'projects/{project}/locations/{location}/clusters/{cluster_id}' url_param_only: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 required: true immutable: true resource: 'Cluster' imports: 'name' +<<<<<<< HEAD + url_param_only: true + - !ruby/object:Api::Type::String + name: 'userId' + required: true + immutable: true + url_param_only: true + description: | + The database role name of the user. + - !ruby/object:Api::Type::Enum + name: 'userType' + required: true + immutable: true + description: | + The type of this user. + values: + - :ALLOYDB_BUILT_IN + - :ALLOYDB_IAM_USER +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the resource in the form of projects/{project}/locations/{location}/clusters/{cluster}/users/{user}. + - !ruby/object:Api::Type::String + name: 'password' + ignore_read: true + description: | + Password for this database user. + - !ruby/object:Api::Type::Array + name: 'databaseRoles' + item_type: Api::Type::String + description: | + List of database roles this database user has. +======= - name: 'userId' type: String description: | @@ -126,3 +221,4 @@ properties: List of database roles this database user has. item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/alloydb/go_Backup.yaml b/mmv1/products/alloydb/go_Backup.yaml new file mode 100644 index 000000000000..99f794982de4 --- /dev/null +++ b/mmv1/products/alloydb/go_Backup.yaml @@ -0,0 +1,247 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Backup' +description: 'An AlloyDB Backup.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups/create' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/backups' +self_link: 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/backups?backupId={{backup_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' +timeouts: + insert_minutes: 10 + update_minutes: 10 + delete_minutes: 10 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/go/alloydb_backup.tmpl' +examples: + - name: 'alloydb_backup_basic' + primary_resource_id: 'default' + vars: + alloydb_backup_id: 'alloydb-backup' + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_test: true + - name: 'alloydb_backup_basic_test' + primary_resource_id: 'default' + vars: + alloydb_backup_id: 'alloydb-backup' + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_docs: true + - name: 'alloydb_backup_full' + primary_resource_id: 'default' + vars: + alloydb_backup_id: 'alloydb-backup' + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_test: true + - name: 'alloydb_backup_full_test' + primary_resource_id: 'default' + vars: + alloydb_backup_id: 'alloydb-backup' + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_docs: true + # https://github.com/hashicorp/terraform-provider-google/issues/16231 + skip_vcr: true +parameters: + - name: 'backupId' + type: String + description: | + The ID of the alloydb backup. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location where the alloydb backup should reside. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Output only. The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backupId} + output: true + - name: 'displayName' + type: String + description: | + User-settable and human-readable display name for the Backup. + - name: 'uid' + type: String + description: | + Output only. The system-generated UID of the resource. The UID is assigned when the resource is created, and it is retained until it is deleted. + output: true + - name: 'createTime' + type: Time + description: | + Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: Time + description: | + Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'deleteTime' + type: Time + description: | + Output only. Delete time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the alloydb backup. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - name: 'state' + type: String + description: Output only. The current state of the backup. + output: true + - name: 'type' + type: Enum + description: 'The backup type, which suggests the trigger for the backup.' + default_from_api: true + enum_values: + - 'TYPE_UNSPECIFIED' + - 'ON_DEMAND' + - 'AUTOMATED' + - 'CONTINUOUS' + - name: 'description' + type: String + description: 'User-provided description of the backup.' + - name: 'clusterUid' + type: String + description: 'Output only. The system-generated UID of the cluster which was used to create this resource.' + output: true + - name: 'clusterName' + type: String + description: + 'The full resource name of the backup source cluster (e.g., + projects/{project}/locations/{location}/clusters/{clusterId}).' + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'reconciling' + type: Boolean + description: | + Output only. Reconciling (https://google.aip.dev/128#reconciliation), if true, indicates that the service is actively updating the resource. + This can happen due to user-triggered updates or system actions like failover or maintenance. + output: true + - name: 'encryptionConfig' + type: NestedObject + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - name: 'kmsKeyName' + type: String + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + immutable: true + - name: 'encryptionInfo' + type: NestedObject + description: | + EncryptionInfo describes the encryption information of a cluster or a backup. + output: true + properties: + - name: 'encryptionType' + type: Enum + description: 'Output only. Type of encryption.' + output: true + enum_values: + - 'TYPE_UNSPECIFIED' + - 'GOOGLE_DEFAULT_ENCRYPTION' + - 'CUSTOMER_MANAGED_ENCRYPTION' + - name: 'kmsKeyVersions' + type: Array + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + output: true + item_type: + type: String + - name: 'etag' + type: String + description: 'For Resource freshness validation (https://google.aip.dev/154)' + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: | + Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - name: 'sizeBytes' + type: String + description: 'Output only. The size of the backup in bytes.' + output: true + - name: 'expiryTime' + type: String + description: | + Output only. The time at which after the backup is eligible to be garbage collected. + It is the duration specified by the backup's retention policy, added to the backup's createTime. + output: true + - name: 'expiryQuantity' + type: NestedObject + description: | + Output only. The QuantityBasedExpiry of the backup, specified by the backup's retention policy. + Once the expiry quantity is over retention, the backup is eligible to be garbage collected. + output: true + properties: + - name: 'retentionCount' + type: Integer + description: | + Output only. The backup's position among its backups with the same source cluster and type, by descending chronological order create time (i.e. newest first). + output: true + - name: 'totalRetentionCount' + type: Integer + description: | + Output only. The length of the quantity-based queue, specified by the backup's retention policy. + output: true diff --git a/mmv1/products/alloydb/go_Cluster.yaml b/mmv1/products/alloydb/go_Cluster.yaml new file mode 100644 index 000000000000..668c7a570a59 --- /dev/null +++ b/mmv1/products/alloydb/go_Cluster.yaml @@ -0,0 +1,587 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Cluster' +description: 'A managed alloydb cluster.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' +docs: + note: | + Users can promote a secondary cluster to a primary cluster with the help of `cluster_type`. + To promote, users have to set the `cluster_type` property as `PRIMARY` and remove the `secondary_config` field from cluster configuration. + [See Example](https://github.com/hashicorp/terraform-provider-google/pull/16413). + + Switchover is supported in terraform by refreshing the state of the terraform configurations. + The switchover operation still needs to be called outside of terraform. + After the switchover operation is completed successfully: + 1. Refresh the state of the AlloyDB resources by running `terraform apply -refresh-only --auto-approve` . + 2. Manually update the terraform configuration file(s) to match the actual state of the resources by modifying the `cluster_type` and `secondary_config` fields. + 3. Verify the sync of terraform state by running `terraform plan` and ensure that the infrastructure matches the configuration and no changes are required. +base_url: 'projects/{{project}}/locations/{{location}}/clusters' +self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/clusters?clusterId={{cluster_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' + - '{{cluster_id}}' +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: + pre_create: 'templates/terraform/pre_create/go/alloydb_cluster.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/alloydb_cluster.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/alloydb_cluster.go.tmpl' +# Skipping the sweeper because we need to force-delete clusters. +exclude_sweeper: true +examples: + - name: 'alloydb_cluster_basic' + primary_resource_id: 'default' + vars: + alloydb_cluster_name: 'alloydb-cluster' + - name: 'alloydb_cluster_full' + primary_resource_id: 'full' + vars: + alloydb_cluster_name: 'alloydb-cluster-full' + - name: 'alloydb_cluster_restore' + primary_resource_id: 'source' + vars: + alloydb_cluster_name: 'alloydb-source-cluster' + alloydb_backup_restored_cluster_name: 'alloydb-backup-restored' + alloydb_pitr_restored_cluster_name: 'alloydb-pitr-restored' + alloydb_backup_id: 'alloydb-backup' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_test: true + - name: 'alloydb_secondary_cluster_basic' + primary_resource_id: 'secondary' + vars: + alloydb_primary_cluster_name: 'alloydb-primary-cluster' + alloydb_primary_instance_name: 'alloydb-primary-instance' + alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' + exclude_test: true + - name: 'alloydb_secondary_cluster_basic_test' + primary_resource_id: 'secondary' + vars: + alloydb_primary_cluster_name: 'alloydb-primary-cluster' + alloydb_primary_instance_name: 'alloydb-primary-instance' + alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + exclude_docs: true +virtual_fields: + - name: 'deletion_policy' + description: | + Policy to determine if the cluster should be deleted forcefully. + Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. + Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. + Possible values: DEFAULT, FORCE + type: String + default_value: "DEFAULT" +parameters: + - name: 'clusterId' + type: String + description: | + The ID of the alloydb cluster. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location where the alloydb cluster should reside. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The name of the cluster resource. + output: true + - name: 'uid' + type: String + description: | + The system-generated UID of the resource. + output: true + - name: 'labels' + type: KeyValueLabels + description: 'User-defined labels for the alloydb cluster.' + - name: 'encryptionConfig' + type: NestedObject + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - name: 'kmsKeyName' + type: String + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + immutable: true + - name: 'encryptionInfo' + type: NestedObject + description: | + EncryptionInfo describes the encryption information of a cluster or a backup. + output: true + properties: + - name: 'encryptionType' + type: Enum + description: 'Output only. Type of encryption.' + output: true + enum_values: + - 'TYPE_UNSPECIFIED' + - 'GOOGLE_DEFAULT_ENCRYPTION' + - 'CUSTOMER_MANAGED_ENCRYPTION' + - name: 'kmsKeyVersions' + type: Array + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + output: true + item_type: + type: String + - name: 'continuousBackupInfo' + type: NestedObject + description: | + ContinuousBackupInfo describes the continuous backup properties of a cluster. + output: true + properties: + - name: 'enabledTime' + type: String + description: | + When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled. + output: true + - name: 'schedule' + type: Array + description: | + Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request. + output: true + item_type: + type: String + - name: 'earliestRestorableTime' + type: String + description: | + The earliest restorable time that can be restored to. Output only field. + output: true + - name: 'encryptionInfo' + type: NestedObject + description: | + Output only. The encryption information for the WALs and backups required for ContinuousBackup. + output: true + properties: + - name: 'encryptionType' + type: String + description: 'Output only. Type of encryption.' + output: true + - name: 'kmsKeyVersions' + type: Array + description: | + Output only. Cloud KMS key versions that are being used to protect the database or the backup. + output: true + item_type: + type: String + - name: 'networkConfig' + type: NestedObject + description: | + Metadata related to network configuration. + default_from_api: true + properties: + - name: 'network' + type: String + description: | + The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. + It is specified in the form: "projects/{projectNumber}/global/networks/{network_id}". + exactly_one_of: + - 'network_config.0.network' + - 'psc_config.0.psc_enabled' + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'allocatedIpRange' + type: String + description: | + The name of the allocated IP range for the private IP AlloyDB cluster. For example: "google-managed-services-default". + If set, the instance IPs for this cluster will be created in the allocated range. + - name: 'displayName' + type: String + description: | + User-settable and human-readable display name for the Cluster. + - name: 'etag' + type: String + description: 'For Resource freshness validation (https://google.aip.dev/154)' + - name: 'reconciling' + type: Boolean + description: | + Output only. Reconciling (https://google.aip.dev/128#reconciliation). + Set to true if the current state of Cluster does not match the user's intended state, and the service is actively updating the resource to reconcile them. + This can happen due to user-triggered updates or system actions like failover or maintenance. + output: true + - name: 'state' + type: String + description: 'Output only. The current serving state of the cluster.' + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: | + Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - name: 'databaseVersion' + type: String + description: | + The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + default_from_api: true + - name: 'pscConfig' + type: NestedObject + description: 'Configuration for Private Service Connect (PSC) for the cluster.' + properties: + - name: 'pscEnabled' + type: Boolean + description: 'Create an instance that allows connections from Private Service Connect endpoints to the instance.' + - name: 'initialUser' + type: NestedObject + description: | + Initial user to setup during cluster creation. + ignore_read: true + custom_flatten: 'templates/terraform/custom_flatten/go/alloydb_cluster_input_user_flatten.go.tmpl' + properties: + - name: 'user' + type: String + description: | + The database username. + - name: 'password' + type: String + description: | + The initial password for the user. + required: true + sensitive: true + - name: 'restoreBackupSource' + type: NestedObject + description: | + The source when restoring from a backup. Conflicts with 'restore_continuous_backup_source', both can't be set together. + immutable: true + ignore_read: true + conflicts: + - restore_continuous_backup_source + properties: + - name: 'backupName' + type: String + description: | + The name of the backup that this cluster is restored from. + required: true + immutable: true + - name: 'restoreContinuousBackupSource' + type: NestedObject + description: | + The source when restoring via point in time recovery (PITR). Conflicts with 'restore_backup_source', both can't be set together. + immutable: true + ignore_read: true + conflicts: + - restore_backup_source + properties: + - name: 'cluster' + type: String + description: | + The name of the source cluster that this cluster is restored from. + required: true + immutable: true + - name: 'pointInTime' + type: String + description: | + The point in time that this cluster is restored to, in RFC 3339 format. + required: true + immutable: true + - name: 'continuousBackupConfig' + type: NestedObject + description: | + The continuous backup config for this cluster. + + If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. + default_from_api: true + properties: + - name: 'enabled' + type: Boolean + description: | + Whether continuous backup recovery is enabled. If not set, defaults to true. + send_empty_value: true + default_value: true + - name: 'recoveryWindowDays' + type: Integer + description: | + The numbers of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. + + If not set, defaults to 14 days. + default_from_api: true + - name: 'encryptionConfig' + type: NestedObject + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - name: 'kmsKeyName' + type: String + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + - name: 'automatedBackupPolicy' + type: NestedObject + description: | + The automated backup policy for this cluster. AutomatedBackupPolicy is disabled by default. + default_from_api: true + properties: + - name: 'backupWindow' + type: String + description: | + The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. + + The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it will default to 1 hour. + + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + default_from_api: true + - name: 'location' + type: String + description: | + The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. + default_from_api: true + - name: 'labels' + type: KeyValuePairs + description: + 'Labels to apply to backups created using this configuration.' + - name: 'encryptionConfig' + type: NestedObject + description: | + EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). + properties: + - name: 'kmsKeyName' + type: String + description: | + The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. + - name: 'weeklySchedule' + type: NestedObject + description: 'Weekly schedule for the Backup.' + default_from_api: true + properties: + - name: 'daysOfWeek' + type: Array + description: 'The days of the week to perform a backup. At least one day of the week must be provided.' + item_type: + type: Enum + description: 'The days of the week to perform a backup. At least one day of the week must be provided.' + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + min_size: 1 + - name: 'startTimes' + type: Array + description: | + The times during the day to start a backup. At least one start time must be provided. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/alloydb_cluster_input_automated_backup_policy_start_times_flatten.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'hours' + type: Integer + description: | + Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. + - name: 'minutes' + type: Integer + description: | + Minutes of hour of day. Currently, only the value 0 is supported. + - name: 'seconds' + type: Integer + description: | + Seconds of minutes of the time. Currently, only the value 0 is supported. + - name: 'nanos' + type: Integer + description: | + Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. + - name: 'timeBasedRetention' + type: NestedObject + description: | + Time-based Backup retention policy. Conflicts with 'quantity_based_retention', both can't be set together. + conflicts: + - automated_backup_policy.0.quantity_based_retention + properties: + - name: 'retentionPeriod' + type: String + description: | + The retention period. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - name: 'quantityBasedRetention' + type: NestedObject + description: | + Quantity-based Backup retention policy to retain recent backups. Conflicts with 'time_based_retention', both can't be set together. + conflicts: + - automated_backup_policy.0.time_based_retention + properties: + - name: 'count' + type: Integer + description: | + The number of backups to retain. + - name: 'enabled' + type: Boolean + description: | + Whether automated backups are enabled. + default_from_api: true + - name: 'backupSource' + type: NestedObject + description: 'Cluster created from backup.' + output: true + properties: + - name: 'backupName' + type: String + description: 'The name of the backup resource.' + - name: 'migrationSource' + type: NestedObject + description: 'Cluster created via DMS migration.' + output: true + properties: + - name: 'hostPort' + type: String + description: + 'The host and port of the on-premises instance in host:port format' + - name: 'referenceId' + type: String + description: + 'Place holder for the external source identifier(e.g DMS job name) + that created the cluster.' + - name: 'sourceType' + type: String + description: 'Type of migration source.' + - name: 'clusterType' + type: Enum + description: | + The type of cluster. If not set, defaults to PRIMARY. + default_value: "PRIMARY" + enum_values: + - 'PRIMARY' + - 'SECONDARY' + - name: 'secondaryConfig' + type: NestedObject + description: | + Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. + properties: + - name: 'primaryClusterName' + type: String + description: | + Name of the primary cluster must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + required: true + - name: 'maintenanceUpdatePolicy' + type: NestedObject + description: | + MaintenanceUpdatePolicy defines the policy for system updates. + properties: + - name: 'maintenanceWindows' + type: Array + description: | + Preferred windows to perform maintenance. Currently limited to 1. + item_type: + description: | + specifies a preferred day and time for maintenance. + type: NestedObject + properties: + - name: 'day' + type: Enum + description: | + Preferred day of the week for maintenance, e.g. MONDAY, TUESDAY, etc. + required: true + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + - name: 'startTime' + type: NestedObject + description: | + Preferred time to start the maintenance operation on the specified day. Maintenance will start within 1 hour of this time. + required: true + properties: + - name: 'hours' + type: Integer + description: | + Hours of day in 24 hour format. Should be from 0 to 23. + required: true + - name: 'minutes' + type: Integer + description: | + Minutes of hour of day. Currently, only the value 0 is supported. + - name: 'seconds' + type: Integer + description: | + Seconds of minutes of the time. Currently, only the value 0 is supported. + - name: 'nanos' + type: Integer + description: | + Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. + - name: 'subscriptionType' + type: Enum + description: | + The subscrition type of cluster. + default_from_api: true + enum_values: + - 'TRIAL' + - 'STANDARD' + - name: 'trialMetadata' + type: NestedObject + description: | + Contains information and all metadata related to TRIAL clusters. + output: true + properties: + - name: 'startTime' + type: String + description: | + Start time of the trial cluster. + - name: 'endTime' + type: String + description: | + End time of the trial cluster. + - name: 'upgradeTime' + type: String + description: | + Upgrade time of the trial cluster to standard cluster. + - name: 'graceEndTime' + type: String + description: | + Grace end time of the trial cluster. diff --git a/mmv1/products/alloydb/go_Instance.yaml b/mmv1/products/alloydb/go_Instance.yaml new file mode 100644 index 000000000000..2b660e0e30be --- /dev/null +++ b/mmv1/products/alloydb/go_Instance.yaml @@ -0,0 +1,392 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Instance' +description: 'A managed alloydb cluster instance.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' +docs: + warning: | + Deleting an instance with instanceType = SECONDARY does not delete the secondary instance, and abandons it instead. + Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. + Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. +base_url: '{{cluster}}/instances?instanceId={{instance_id}}' +self_link: '{{cluster}}/instances/{{instance_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/instances/{{instance_id}}' +timeouts: + insert_minutes: 120 + update_minutes: 120 + delete_minutes: 120 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 120 + update_minutes: 120 + delete_minutes: 120 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' + include_project: true +custom_code: + pre_create: 'templates/terraform/pre_create/go/alloydb_instance.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/alloydb_instance.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/alloydb_instance.go.tmpl' +# Skipping the sweeper because instances will be deleted during cluster sweeps +exclude_sweeper: true +examples: + - name: 'alloydb_instance_basic' + primary_resource_id: 'default' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_test: true + - name: 'alloydb_secondary_instance_basic' + primary_resource_id: 'secondary' + vars: + alloydb_primary_cluster_name: 'alloydb-primary-cluster' + alloydb_primary_instance_name: 'alloydb-primary-instance' + alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' + alloydb_secondary_instance_name: 'alloydb-secondary-instance' + network_name: 'alloydb-secondary-network' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_test: true + - name: 'alloydb_instance_basic_test' + primary_resource_id: 'default' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_docs: true + - name: 'alloydb_secondary_instance_basic_test' + primary_resource_id: 'secondary' + vars: + alloydb_primary_cluster_name: 'alloydb-primary-cluster' + alloydb_primary_instance_name: 'alloydb-primary-instance' + alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' + alloydb_secondary_instance_name: 'alloydb-secondary-instance' + network_name: 'alloydb-secondary-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_docs: true + - name: 'alloydb_instance_psc_test' + primary_resource_id: 'default' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + network_name: 'alloydb-network' + ignore_read_extra: + - 'reconciling' + - 'update_time' + exclude_docs: true +parameters: + - name: 'cluster' + type: ResourceRef + description: | + Identifies the alloydb cluster. Must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + url_param_only: true + required: true + immutable: true + resource: 'Cluster' + imports: 'name' + - name: 'instanceId' + type: String + description: | + The ID of the alloydb instance. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The name of the instance resource. + output: true + - name: 'createTime' + type: Time + description: | + Time the Instance was created in UTC. + output: true + - name: 'updateTime' + type: Time + description: | + Time the Instance was updated in UTC. + output: true + - name: 'uid' + type: String + description: | + The system-generated UID of the resource. + output: true + - name: 'labels' + type: KeyValueLabels + description: 'User-defined labels for the alloydb instance.' + - name: 'annotations' + type: KeyValueAnnotations + description: + 'Annotations to allow client tools to store small amount of arbitrary + data. This is distinct from labels.' + - name: 'state' + type: String + description: | + The current state of the alloydb instance. + output: true + - name: 'displayName' + type: String + description: | + User-settable and human-readable display name for the Instance. + ignore_read: true + - name: 'gceZone' + type: String + description: | + The Compute Engine zone that the instance should serve from, per https://cloud.google.com/compute/docs/regions-zones This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. If this is absent for a ZONAL instance, instance is created in a random zone with available capacity. + - name: 'reconciling' + type: Boolean + description: | + Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. + output: true + - name: 'databaseFlags' + type: KeyValuePairs + description: + 'Database flags. Set at instance level. * They are copied from primary + instance on read instance creation. * Read instances can set new or + override existing flags that are relevant for reads, e.g. for enabling + columnar cache on a read instance. Flags set on read instance may or may + not be present on primary.' + default_from_api: true + - name: 'availabilityType' + type: Enum + description: | + 'Availability type of an Instance. Defaults to REGIONAL for both primary and read instances. + Note that primary and read instances can have different availability types. + Only READ_POOL instance supports ZONAL type. Users can't specify the zone for READ_POOL instance. + Zone is automatically chosen from the list of zones in the region specified. + Read pool of size 1 can only have zonal availability. Read pools with node count of 2 or more + can have regional availability (nodes are present in 2 or more zones in a region).' + default_from_api: true + enum_values: + - 'AVAILABILITY_TYPE_UNSPECIFIED' + - 'ZONAL' + - 'REGIONAL' + - name: 'instanceType' + type: Enum + description: | + The type of the instance. + If the instance type is READ_POOL, provide the associated PRIMARY/SECONDARY instance in the `depends_on` meta-data attribute. + If the instance type is SECONDARY, point to the cluster_type of the associated secondary cluster instead of mentioning SECONDARY. + Example: {instance_type = google_alloydb_cluster..cluster_type} instead of {instance_type = SECONDARY} + If the instance type is SECONDARY, the terraform delete instance operation does not delete the secondary instance but abandons it instead. + Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. + Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. + required: true + immutable: true + enum_values: + - 'PRIMARY' + - 'READ_POOL' + - 'SECONDARY' + - name: 'ipAddress' + type: String + description: | + The IP address for the Instance. This is the connection endpoint for an end-user application. + output: true + - name: 'queryInsightsConfig' + type: NestedObject + description: 'Configuration for query insights.' + default_from_api: true + properties: + - name: 'queryStringLength' + type: Integer + description: 'Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid.' + - name: 'recordApplicationTags' + type: Boolean + description: 'Record application tags for an instance. This flag is turned "on" by default.' + - name: 'recordClientAddress' + type: Boolean + description: 'Record client address for an instance. Client address is PII information. This flag is turned "on" by default.' + - name: 'queryPlansPerMinute' + type: Integer + description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid.' + - name: 'observabilityConfig' + type: NestedObject + description: 'Configuration for enhanced query insights.' + min_version: 'beta' + default_from_api: true + properties: + - name: 'enabled' + type: Boolean + description: 'Observability feature status for an instance.' + - name: 'preserveComments' + type: Boolean + description: 'Preserve comments in the query string.' + - name: 'trackWaitEvents' + type: Boolean + description: 'Record wait events during query execution for an instance.' + - name: 'trackWaitEventTypes' + type: Boolean + description: 'Record wait event types during query execution for an instance.' + - name: 'maxQueryStringLength' + type: Integer + description: 'Query string length. The default value is 10240. Any integer between 1024 and 100000 is considered valid.' + - name: 'recordApplicationTags' + type: Boolean + description: 'Record application tags for an instance. This flag is turned "on" by default.' + - name: 'queryPlansPerMinute' + type: Integer + description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 200 is considered valid.' + - name: 'trackActiveQueries' + type: Boolean + description: 'Track actively running queries. If not set, default value is "off".' + - name: 'readPoolConfig' + type: NestedObject + description: 'Read pool specific config. If the instance type is READ_POOL, this configuration must be provided.' + properties: + - name: 'nodeCount' + type: Integer + description: + 'Read capacity, i.e. number of nodes in a read pool instance.' + - name: 'machineConfig' + type: NestedObject + description: + 'Configurations for the machines that host the underlying database engine.' + default_from_api: true + properties: + - name: 'cpuCount' + type: Integer + description: "The number of CPU's in the VM instance." + + default_from_api: true + - name: 'clientConnectionConfig' + type: NestedObject + description: | + Client connection specific configurations. + default_from_api: true + properties: + - name: 'requireConnectors' + type: Boolean + description: | + Configuration to enforce connectors only (ex: AuthProxy) connections to the database. + - name: 'sslConfig' + type: NestedObject + description: | + SSL config option for this instance. + default_from_api: true + properties: + - name: 'sslMode' + type: Enum + description: 'SSL mode. Specifies client-server SSL/TLS connection behavior.' + default_from_api: true + enum_values: + - 'ENCRYPTED_ONLY' + - 'ALLOW_UNENCRYPTED_AND_ENCRYPTED' + - name: 'pscInstanceConfig' + type: NestedObject + description: | + Configuration for Private Service Connect (PSC) for the instance. + default_from_api: true + properties: + - name: 'serviceAttachmentLink' + type: String + description: | + The service attachment created when Private Service Connect (PSC) is enabled for the instance. + The name of the resource will be in the format of + `projects//regions//serviceAttachments/` + output: true + - name: 'allowedConsumerProjects' + type: Array + description: | + List of consumer projects that are allowed to create PSC endpoints to service-attachments to this instance. + These should be specified as project numbers only. + item_type: + type: String + item_validation: + regex: '^\d+$' + - name: 'pscDnsName' + type: String + description: | + The DNS name of the instance for PSC connectivity. + Name convention: ...alloydb-psc.goog + output: true + - name: 'networkConfig' + type: NestedObject + description: | + Instance level network configuration. + properties: + - name: 'authorizedExternalNetworks' + type: Array + description: | + A list of external networks authorized to access this instance. This + field is only allowed to be set when `enable_public_ip` is set to + true. + required_with: + - 'networkConfig.0.enablePublicIp' + item_type: + type: NestedObject + properties: + - name: 'cidrRange' + type: String + description: 'CIDR range for one authorized network of the instance.' + - name: 'enablePublicIp' + type: Boolean + description: | + Enabling public ip for the instance. If a user wishes to disable this, + please also clear the list of the authorized external networks set on + the same instance. + - name: 'enableOutboundPublicIp' + type: Boolean + description: | + Enabling outbound public ip for the instance. + - name: 'publicIpAddress' + type: String + description: | + The public IP addresses for the Instance. This is available ONLY when + networkConfig.enablePublicIp is set to true. This is the connection + endpoint for an end-user application. + output: true + - name: 'outboundPublicIpAddresses' + type: Array + description: | + The outbound public IP addresses for the instance. This is available ONLY when + networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used + for outbound connections. + output: true + item_type: + type: String diff --git a/mmv1/products/alloydb/go_User.yaml b/mmv1/products/alloydb/go_User.yaml new file mode 100644 index 000000000000..08b25010d222 --- /dev/null +++ b/mmv1/products/alloydb/go_User.yaml @@ -0,0 +1,129 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'User' +description: 'A database user in an AlloyDB cluster.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create' +docs: +base_url: '{{cluster}}/users' +self_link: '{{cluster}}/users/{{user_id}}' +create_url: '{{cluster}}/users?userId={{user_id}}' +update_url: '{{cluster}}/users?userId={{user_id}}' +update_verb: 'POST' +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/alloydb_user.go.tmpl' +# Skipping the sweeper because instances will be deleted during cluster sweeps +exclude_sweeper: true +examples: + - name: 'alloydb_user_builtin' + primary_resource_id: 'user1' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_cluster_pass: 'cluster_secret' + alloydb_instance_name: 'alloydb-instance' + alloydb_user_name: 'user1' + alloydb_user_pass: 'user_secret' + network_name: 'alloydb-network' + ignore_read_extra: + - 'password' + exclude_test: true + - name: 'alloydb_user_builtin_test' + primary_resource_id: 'user1' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_cluster_pass: 'cluster_secret' + alloydb_instance_name: 'alloydb-instance' + alloydb_user_name: 'user1' + alloydb_user_pass: 'user_secret' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + ignore_read_extra: + - 'password' + exclude_docs: true + - name: 'alloydb_user_iam' + primary_resource_id: 'user2' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + alloydb_cluster_pass: 'cluster_secret' + alloydb_user_name: 'user2@foo.com' + network_name: 'alloydb-network' + exclude_test: true + - name: 'alloydb_user_iam_test' + primary_resource_id: 'user2' + vars: + alloydb_cluster_name: 'alloydb-cluster' + alloydb_instance_name: 'alloydb-instance' + alloydb_cluster_pass: 'cluster_secret' + alloydb_user_name: 'user2@foo.com' + network_name: 'alloydb-network' + test_vars_overrides: + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + exclude_docs: true +parameters: + - name: 'cluster' + type: ResourceRef + description: | + Identifies the alloydb cluster. Must be in the format + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + url_param_only: true + required: true + immutable: true + resource: 'Cluster' + imports: 'name' + - name: 'userId' + type: String + description: | + The database role name of the user. + url_param_only: true + required: true + immutable: true + - name: 'userType' + type: Enum + description: | + The type of this user. + required: true + immutable: true + enum_values: + - 'ALLOYDB_BUILT_IN' + - 'ALLOYDB_IAM_USER' +properties: + - name: 'name' + type: String + description: | + Name of the resource in the form of projects/{project}/locations/{location}/clusters/{cluster}/users/{user}. + output: true + - name: 'password' + type: String + description: | + Password for this database user. + ignore_read: true + - name: 'databaseRoles' + type: Array + description: | + List of database roles this database user has. + item_type: + type: String diff --git a/mmv1/products/alloydb/go_product.yaml b/mmv1/products/alloydb/go_product.yaml new file mode 100644 index 000000000000..082d410a4bca --- /dev/null +++ b/mmv1/products/alloydb/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Alloydb' +display_name: 'AlloyDB' +versions: + - name: 'beta' + base_url: 'https://alloydb.googleapis.com/v1beta/' + - name: 'ga' + base_url: 'https://alloydb.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/alloydb/product.yaml b/mmv1/products/alloydb/product.yaml index dce761bcb4e1..7ae67da98bdb 100644 --- a/mmv1/products/alloydb/product.yaml +++ b/mmv1/products/alloydb/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Alloydb +display_name: AlloyDB +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://alloydb.googleapis.com/v1beta/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://alloydb.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-identity +======= --- name: 'Alloydb' display_name: 'AlloyDB' @@ -21,3 +39,4 @@ versions: base_url: 'https://alloydb.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-identity' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigateway/Api.yaml b/mmv1/products/apigateway/Api.yaml index 883e796621fb..5804b25493ab 100644 --- a/mmv1/products/apigateway/Api.yaml +++ b/mmv1/products/apigateway/Api.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,88 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Api' +min_version: beta +create_url: projects/{{project}}/locations/global/apis?apiId={{api_id}} +self_link: projects/{{project}}/locations/global/apis/{{api_id}} +base_url: projects/{{project}}/locations/global/apis +update_verb: :PATCH +update_mask: true +identity: + - apiId +description: | + A consumable API that can be used by multiple Gateways. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + allowed_iam_role: 'roles/apigateway.viewer' + method_name_separator: ':' + parent_resource_attribute: 'api' + base_url: projects/{{project}}/locations/global/apis/{{api}} + import_format: + [ + 'projects/{{project}}/locations/global/apis/{{api}}', + '{{project}}/{{api}}', + '{{api}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'apigateway_api_basic' + primary_resource_id: 'api' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + vars: + api_id: 'my-api' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + min_version: beta + name: 'apigateway_api_full' + primary_resource_id: 'api' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + vars: + api_id: 'my-api' +parameters: + - !ruby/object:Api::Type::String + name: apiId + description: | + Identifier to assign to the API. Must be unique within scope of the parent resource(project) + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The resource name of the API. Format `projects/{{project}}/locations/global/apis/{{apiId}}` + output: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + A user-visible name for the API. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'managedService' + immutable: true + description: | + Immutable. The name of a Google Managed Service ( https://cloud.google.com/service-infrastructure/docs/glossary#managed). + If not specified, a new Service will automatically be created in the same project as this API. + default_from_api: true + - !ruby/object:Api::Type::Time + name: 'createTime' + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user-provided metadata. +======= --- name: 'Api' description: | @@ -111,3 +197,4 @@ properties: description: | Resource labels to represent user-provided metadata. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigateway/ApiConfig.yaml b/mmv1/products/apigateway/ApiConfig.yaml index 5ec9f9dbf972..e110f8be0441 100644 --- a/mmv1/products/apigateway/ApiConfig.yaml +++ b/mmv1/products/apigateway/ApiConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,70 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ApiConfig' +min_version: beta +create_url: projects/{{project}}/locations/global/apis/{{api}}/configs?apiConfigId={{api_config_id}} +self_link: projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config_id}} +base_url: projects/{{project}}/locations/global/apis/{{api}}/configs +read_query_params: '?view=FULL' +update_verb: :PATCH +update_mask: true +description: | + An API Configuration is an association of an API Controller Config and a Gateway Config +identity: + - apiConfigId +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/creating-api-config' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis.configs' +docs: !ruby/object:Provider::Terraform::Docs + optional_properties: | + * `api_config_id_prefix` - (Optional) Creates a unique name beginning with the + specified prefix. If this and api_config_id are unspecified, a random value is chosen for the name. +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + allowed_iam_role: 'roles/apigateway.viewer' + parent_resource_attribute: api_config + base_url: projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}} + example_config_body: 'templates/terraform/iam/example_config_body/api_gateway_api_config.tf.erb' + method_name_separator: ':' + import_format: + [ + 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}', + '{{project}}/{{api}}/{{api_config}}', + '{{api}}/{{api_config}}', + '{{api_config}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigateway_api_config_basic' + min_version: beta + primary_resource_id: 'api_cfg' + # Need to pass 2 ids into a Sprintf - parent resource id also needed to identify primary resource + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"]), fmt.Sprintf("tf-test-my-config%s", context["random_suffix"])' + vars: + api_id: 'my-api' + config_id: 'my-config' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + min_version: beta + name: 'apigateway_api_config_full' + primary_resource_id: 'api_cfg' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + vars: + api_id: 'my-api' + config_id: 'my-config' + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'apigateway_api_config_grpc' + primary_resource_id: 'api_cfg' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' +======= --- name: 'ApiConfig' description: | @@ -87,11 +155,124 @@ examples: primary_resource_id: 'api_cfg' primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: api_id: 'my-api' config_id: 'my-config' ignore_read_extra: - 'grpc_services.0.file_descriptor_set' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + min_version: beta + name: 'apigateway_api_config_grpc_full' + primary_resource_id: 'api_cfg' + vars: + api_id: 'my-api' + config_id: 'my-config' +custom_code: !ruby/object:Provider::Terraform::CustomCode + extra_schema_entry: templates/terraform/extra_schema_entry/api_config.erb + encoder: 'templates/terraform/encoders/api_config.go.erb' +parameters: + - !ruby/object:Api::Type::String + name: api + description: | + The API to attach the config to. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: apiConfigId + description: | + Identifier to assign to the API Config. Must be unique within scope of the parent resource(api). + immutable: true + url_param_only: true + default_from_api: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: The resource name of the API Config. + output: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + A user-visible name for the API. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'serviceConfigId' + output: true + description: | + The ID of the associated Service Config (https://cloud.google.com/service-infrastructure/docs/glossary#config). + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user-provided metadata. + - !ruby/object:Api::Type::NestedObject + name: 'gatewayConfig' + immutable: true + description: | + Immutable. Gateway specific configuration. + If not specified, backend authentication will be set to use OIDC authentication using the default compute service account + ignore_read: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'backendConfig' + required: true + description: | + Backend settings that are applied to all backends of the Gateway. + properties: + - !ruby/object:Api::Type::String + name: 'googleServiceAccount' + immutable: true + required: true + description: | + Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured + (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). + - !ruby/object:Api::Type::Array + name: 'openapiDocuments' + description: | + OpenAPI specification documents. If specified, grpcServices and managedServiceConfigs must not be included. + exactly_one_of: + - openapi_documents + - grpc_services + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'document' + required: true + description: The OpenAPI Specification document file. + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + immutable: true + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + - !ruby/object:Api::Type::String + name: 'contents' + required: true + immutable: true + description: | + Base64 encoded content of the file. + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::Array + name: 'grpcServices' + description: | + gRPC service definition files. If specified, openapiDocuments must not be included. + exactly_one_of: + - openapi_documents + - grpc_services + required_with: + - managed_service_configs + ignore_read: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'fileDescriptorSet' + required: true + immutable: true +======= - name: 'apigateway_api_config_grpc_full' primary_resource_id: 'api_cfg' min_version: 'beta' @@ -212,11 +393,70 @@ properties: properties: - name: 'fileDescriptorSet' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + immutable: true + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + - !ruby/object:Api::Type::String + name: 'contents' + required: true + immutable: true + description: | + Base64 encoded content of the file. + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::Array + name: 'source' + description: | + Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate fileDescriptorSet. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + immutable: true + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + - !ruby/object:Api::Type::String + name: 'contents' + required: true + immutable: true + description: | + Base64 encoded content of the file. + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::Array + name: 'managedServiceConfigs' + description: | + Optional. Service Configuration files. At least one must be included when using gRPC service definitions. See https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview for the expected file contents. + If multiple files are specified, the files are merged with the following rules: * All singular scalar fields are merged using "last one wins" semantics in the order of the files uploaded. * Repeated fields are concatenated. * Singular embedded messages are merged using these rules for nested fields. + required_with: + - grpc_services + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + immutable: true + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + - !ruby/object:Api::Type::String + name: 'contents' + required: true + immutable: true + description: | + Base64 encoded content of the file. +======= min_version: 'beta' required: true immutable: true @@ -286,3 +526,4 @@ properties: min_version: 'beta' required: true immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigateway/Gateway.yaml b/mmv1/products/apigateway/Gateway.yaml index 29320f100073..1faebc328dd3 100644 --- a/mmv1/products/apigateway/Gateway.yaml +++ b/mmv1/products/apigateway/Gateway.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,45 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Gateway' +min_version: beta +create_url: projects/{{project}}/locations/{{region}}/gateways?gatewayId={{gateway_id}} +self_link: projects/{{project}}/locations/{{region}}/gateways/{{gateway_id}} +base_url: projects/{{project}}/locations/{{region}}/gateways +update_verb: :PATCH +update_mask: true +identity: + - gatewayId +description: | + A consumable API that can be used by multiple Gateways. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + allowed_iam_role: 'roles/apigateway.viewer' + method_name_separator: ':' + parent_resource_attribute: 'gateway' + base_url: projects/{{project}}/locations/{{region}}/gateways/{{gateway}} + import_format: + [ + 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}', + '{{project}}/{{region}}/{{gateway}}', + '{{region}}/{{gateway}}', + '{{gateway}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'apigateway_gateway_basic' + primary_resource_id: 'api_gw' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' +======= --- name: 'Gateway' description: | @@ -64,18 +107,60 @@ examples: primary_resource_id: 'api_gw' primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: api_id: 'my-api' config_id: 'my-config' gateway_id: 'my-gateway' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + min_version: beta + name: 'apigateway_gateway_full' + primary_resource_id: 'api_gw' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' +======= - name: 'apigateway_gateway_full' primary_resource_id: 'api_gw' primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: api_id: 'my-api' config_id: 'my-config' gateway_id: 'my-gateway' +<<<<<<< HEAD +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: | + The region of the gateway for the API. + immutable: true + url_param_only: true + default_from_api: true + - !ruby/object:Api::Type::String + name: gatewayId + description: | + Identifier to assign to the Gateway. Must be unique within scope of the parent resource(project). + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Resource name of the Gateway. Format: projects/{project}/locations/{region}/gateways/{gateway} + output: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + A user-visible name for the API. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'apiConfig' + required: true +======= exclude_docs: true parameters: - name: 'region' @@ -109,10 +194,24 @@ properties: default_from_api: true - name: 'apiConfig' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of the API Config for this Gateway. Format: projects/{project}/locations/global/apis/{api}/configs/{apiConfig}. When changing api configs please ensure the new config is a new resource and the [lifecycle](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle) rule `create_before_destroy` is set. +<<<<<<< HEAD + diff_suppress_func: tpgresource.CompareResourceNames + - !ruby/object:Api::Type::String + name: 'defaultHostname' + output: true + description: + The default API Gateway host name of the form + {gatewayId}-{hash}.{region_code}.gateway.dev. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user-provided metadata. +======= min_version: 'beta' required: true diff_suppress_func: 'tpgresource.CompareResourceNames' @@ -128,3 +227,4 @@ properties: description: | Resource labels to represent user-provided metadata. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigateway/go_Api.yaml b/mmv1/products/apigateway/go_Api.yaml new file mode 100644 index 000000000000..9eb0085cda9f --- /dev/null +++ b/mmv1/products/apigateway/go_Api.yaml @@ -0,0 +1,114 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Api' +description: | + A consumable API that can be used by multiple Gateways. +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +docs: +base_url: 'projects/{{project}}/locations/global/apis' +self_link: 'projects/{{project}}/locations/global/apis/{{api_id}}' +create_url: 'projects/{{project}}/locations/global/apis?apiId={{api_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - apiId +iam_policy: + method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' + parent_resource_attribute: 'api' + base_url: 'projects/{{project}}/locations/global/apis/{{api}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/global/apis/{{api}}' + - '{{project}}/{{api}}' + - '{{api}}' +custom_code: +examples: + - name: 'apigateway_api_basic' + primary_resource_id: 'api' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + - name: 'apigateway_api_full' + primary_resource_id: 'api' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + exclude_docs: true +parameters: + - name: 'apiId' + type: String + description: | + Identifier to assign to the API. Must be unique within scope of the parent resource(project) + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the API. Format `projects/{{project}}/locations/global/apis/{{apiId}}` + min_version: 'beta' + output: true + - name: 'displayName' + type: String + description: | + A user-visible name for the API. + min_version: 'beta' + default_from_api: true + - name: 'managedService' + type: String + description: | + Immutable. The name of a Google Managed Service ( https://cloud.google.com/service-infrastructure/docs/glossary#managed). + If not specified, a new Service will automatically be created in the same project as this API. + min_version: 'beta' + immutable: true + default_from_api: true + - name: 'createTime' + type: Time + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user-provided metadata. + min_version: 'beta' diff --git a/mmv1/products/apigateway/go_ApiConfig.yaml b/mmv1/products/apigateway/go_ApiConfig.yaml new file mode 100644 index 000000000000..e5098a29a65d --- /dev/null +++ b/mmv1/products/apigateway/go_ApiConfig.yaml @@ -0,0 +1,289 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ApiConfig' +description: | + An API Configuration is an association of an API Controller Config and a Gateway Config +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/creating-api-config' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis.configs' +docs: + optional_properties: | + * `api_config_id_prefix` - (Optional) Creates a unique name beginning with the + specified prefix. If this and api_config_id are unspecified, a random value is chosen for the name. +base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs' +self_link: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config_id}}' +create_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs?apiConfigId={{api_config_id}}' +update_verb: 'PATCH' +update_mask: true + +read_query_params: '?view=FULL' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - apiConfigId +iam_policy: + exclude_import_test: true + method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' + parent_resource_attribute: 'api_config' + base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' + example_config_body: 'templates/terraform/iam/example_config_body/go/api_gateway_api_config.tf.tmpl' + import_format: + - 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' + - '{{project}}/{{api}}/{{api_config}}' + - '{{api}}/{{api_config}}' + - '{{api_config}}' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/api_config.tmpl' + encoder: 'templates/terraform/encoders/go/api_config.go.tmpl' +examples: + - name: 'apigateway_api_config_basic' + primary_resource_id: 'api_cfg' + # Need to pass 2 ids into a Sprintf - parent resource id also needed to identify primary resource + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"]), fmt.Sprintf("tf-test-my-config%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + - name: 'apigateway_api_config_full' + primary_resource_id: 'api_cfg' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + exclude_docs: true + - name: 'apigateway_api_config_grpc' + primary_resource_id: 'api_cfg' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + ignore_read_extra: + - 'grpc_services.0.file_descriptor_set' + - name: 'apigateway_api_config_grpc_full' + primary_resource_id: 'api_cfg' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + exclude_docs: true +parameters: + - name: 'api' + type: String + description: | + The API to attach the config to. + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'apiConfigId' + type: String + description: | + Identifier to assign to the API Config. Must be unique within scope of the parent resource(api). + min_version: 'beta' + url_param_only: true + immutable: true + default_from_api: true +properties: + - name: 'name' + type: String + description: The resource name of the API Config. + min_version: 'beta' + output: true + - name: 'displayName' + type: String + description: | + A user-visible name for the API. + min_version: 'beta' + default_from_api: true + - name: 'serviceConfigId' + type: String + description: | + The ID of the associated Service Config (https://cloud.google.com/service-infrastructure/docs/glossary#config). + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user-provided metadata. + min_version: 'beta' + - name: 'gatewayConfig' + type: NestedObject + description: | + Immutable. Gateway specific configuration. + If not specified, backend authentication will be set to use OIDC authentication using the default compute service account + min_version: 'beta' + immutable: true + ignore_read: true + properties: + - name: 'backendConfig' + type: NestedObject + description: | + Backend settings that are applied to all backends of the Gateway. + min_version: 'beta' + required: true + properties: + - name: 'googleServiceAccount' + type: String + description: | + Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured + (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). + min_version: 'beta' + required: true + immutable: true + - name: 'openapiDocuments' + type: Array + description: | + OpenAPI specification documents. If specified, grpcServices and managedServiceConfigs must not be included. + min_version: 'beta' + exactly_one_of: + - 'openapi_documents' + - 'grpc_services' + item_type: + type: NestedObject + properties: + - name: 'document' + type: NestedObject + description: The OpenAPI Specification document file. + min_version: 'beta' + required: true + properties: + - name: 'path' + type: String + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + min_version: 'beta' + required: true + immutable: true + - name: 'contents' + type: String + description: | + Base64 encoded content of the file. + min_version: 'beta' + required: true + immutable: true + validation: + function: 'verify.ValidateBase64String' + - name: 'grpcServices' + type: Array + description: | + gRPC service definition files. If specified, openapiDocuments must not be included. + min_version: 'beta' + ignore_read: true + exactly_one_of: + - 'openapi_documents' + - 'grpc_services' + required_with: + - 'managed_service_configs' + item_type: + type: NestedObject + properties: + - name: 'fileDescriptorSet' + type: NestedObject + description: | + Input only. File descriptor set, generated by protoc. + To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. + + $ protoc --include_imports --include_source_info test.proto -o out.pb + min_version: 'beta' + required: true + immutable: true + properties: + - name: 'path' + type: String + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + min_version: 'beta' + required: true + immutable: true + - name: 'contents' + type: String + description: | + Base64 encoded content of the file. + min_version: 'beta' + required: true + immutable: true + validation: + function: 'verify.ValidateBase64String' + - name: 'source' + type: Array + description: | + Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate fileDescriptorSet. + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'path' + type: String + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + min_version: 'beta' + required: true + immutable: true + - name: 'contents' + type: String + description: | + Base64 encoded content of the file. + min_version: 'beta' + required: true + immutable: true + validation: + function: 'verify.ValidateBase64String' + - name: 'managedServiceConfigs' + type: Array + description: | + Optional. Service Configuration files. At least one must be included when using gRPC service definitions. See https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview for the expected file contents. + If multiple files are specified, the files are merged with the following rules: * All singular scalar fields are merged using "last one wins" semantics in the order of the files uploaded. * Repeated fields are concatenated. * Singular embedded messages are merged using these rules for nested fields. + min_version: 'beta' + required_with: + - 'grpc_services' + item_type: + type: NestedObject + properties: + - name: 'path' + type: String + description: | + The file path (full or relative path). This is typically the path of the file when it is uploaded. + min_version: 'beta' + required: true + immutable: true + - name: 'contents' + type: String + description: | + Base64 encoded content of the file. + min_version: 'beta' + required: true + immutable: true diff --git a/mmv1/products/apigateway/go_Gateway.yaml b/mmv1/products/apigateway/go_Gateway.yaml new file mode 100644 index 000000000000..ec550b1bc418 --- /dev/null +++ b/mmv1/products/apigateway/go_Gateway.yaml @@ -0,0 +1,131 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Gateway' +description: | + A consumable API that can be used by multiple Gateways. +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' + api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/gateways' +self_link: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway_id}}' +create_url: 'projects/{{project}}/locations/{{region}}/gateways?gatewayId={{gateway_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - gatewayId +iam_policy: + exclude_import_test: true + method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' + parent_resource_attribute: 'gateway' + base_url: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' + - '{{project}}/{{region}}/{{gateway}}' + - '{{region}}/{{gateway}}' + - '{{gateway}}' +custom_code: +examples: + - name: 'apigateway_gateway_basic' + primary_resource_id: 'api_gw' + primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + gateway_id: 'my-gateway' + - name: 'apigateway_gateway_full' + primary_resource_id: 'api_gw' + primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + min_version: 'beta' + vars: + api_id: 'my-api' + config_id: 'my-config' + gateway_id: 'my-gateway' + exclude_docs: true +parameters: + - name: 'region' + type: String + description: | + The region of the gateway for the API. + min_version: 'beta' + url_param_only: true + immutable: true + default_from_api: true + - name: 'gatewayId' + type: String + description: | + Identifier to assign to the Gateway. Must be unique within scope of the parent resource(project). + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Resource name of the Gateway. Format: projects/{project}/locations/{region}/gateways/{gateway} + min_version: 'beta' + output: true + - name: 'displayName' + type: String + description: | + A user-visible name for the API. + min_version: 'beta' + default_from_api: true + - name: 'apiConfig' + type: String + description: | + Resource name of the API Config for this Gateway. Format: projects/{project}/locations/global/apis/{api}/configs/{apiConfig}. + When changing api configs please ensure the new config is a new resource and the + [lifecycle](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle) rule `create_before_destroy` is set. + min_version: 'beta' + required: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + - name: 'defaultHostname' + type: String + description: + The default API Gateway host name of the form + {gatewayId}-{hash}.{region_code}.gateway.dev. + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user-provided metadata. + min_version: 'beta' diff --git a/mmv1/products/apigateway/go_product.yaml b/mmv1/products/apigateway/go_product.yaml new file mode 100644 index 000000000000..4e2b99e2e925 --- /dev/null +++ b/mmv1/products/apigateway/go_product.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ApiGateway' +display_name: 'API Gateway' +versions: + - name: 'beta' + base_url: 'https://apigateway.googleapis.com/v1beta/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/apigateway/product.yaml b/mmv1/products/apigateway/product.yaml index c656d1cad15e..5727b932637c 100644 --- a/mmv1/products/apigateway/product.yaml +++ b/mmv1/products/apigateway/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,49 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: ApiGateway +display_name: API Gateway +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://apigateway.googleapis.com/v1beta/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/cloudrun/go_product.yaml +name: 'CloudRun' +display_name: 'Cloud Run' +versions: + - name: 'ga' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +======== name: 'ApiGateway' display_name: 'API Gateway' versions: @@ -31,3 +77,5 @@ async: error: path: 'error' message: 'message' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/apigateway/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/AddonsConfig.yaml b/mmv1/products/apigee/AddonsConfig.yaml index 1955f61e4a54..fca613d36a23 100644 --- a/mmv1/products/apigee/AddonsConfig.yaml +++ b/mmv1/products/apigee/AddonsConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,109 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AddonsConfig' +self_link: 'organizations/{{org}}' +base_url: 'organizations' +create_url: 'organizations/{{org}}:setAddons' +update_url: 'organizations/{{org}}:setAddons' +update_verb: :POST +delete_url: 'organizations/{{org}}:setAddons' +delete_verb: :POST +async: !ruby/object:Api::OpAsync + actions: ['create', 'update', 'delete'] + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: false + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +description: | + Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#setaddons' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_addons.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/apigee_addons_override.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_addons_basic' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_addons_full' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_addons_test' + primary_resource_id: 'apigee_org_addons' + skip_docs: true + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT +parameters: + - !ruby/object:Api::Type::String + name: 'org' + required: true + description: | + Name of the Apigee organization. + url_param_only: true + immutable: true +properties: + - !ruby/object:Api::Type::NestedObject + name: 'addonsConfig' + description: Addon configurations of the Apigee organization. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'advancedApiOpsConfig' + description: Configuration for the Monetization add-on. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - !ruby/object:Api::Type::NestedObject + name: 'integrationConfig' + description: Configuration for the Monetization add-on. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - !ruby/object:Api::Type::NestedObject + name: 'monetizationConfig' + description: Configuration for the Monetization add-on. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - !ruby/object:Api::Type::NestedObject + name: 'apiSecurityConfig' + description: Configuration for the Monetization add-on. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - !ruby/object:Api::Type::String + name: 'expiresAt' +======= --- name: 'AddonsConfig' description: | @@ -109,10 +216,24 @@ properties: enabled. - name: 'expiresAt' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Flag that specifies whether the Advanced API Ops add-on is enabled. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'connectorsPlatformConfig' + description: Configuration for the Monetization add-on. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - !ruby/object:Api::Type::String + name: 'expiresAt' +======= - name: 'connectorsPlatformConfig' type: NestedObject description: Configuration for the Monetization add-on. @@ -124,6 +245,7 @@ properties: enabled. - name: 'expiresAt' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Flag that specifies whether the Advanced API Ops add-on is enabled. diff --git a/mmv1/products/apigee/EndpointAttachment.yaml b/mmv1/products/apigee/EndpointAttachment.yaml index 1efb05ec209d..7fcc4736330b 100644 --- a/mmv1/products/apigee/EndpointAttachment.yaml +++ b/mmv1/products/apigee/EndpointAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,87 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EndpointAttachment' +base_url: 'endpointAttachments' +create_url: '{{org_id}}/endpointAttachments?endpointAttachmentId={{endpoint_attachment_id}}' +self_link: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +immutable: true +description: | + Apigee Endpoint Attachment. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create' + +autogen_async: true +import_format: + [ + '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}', + '{{org_id}}/{{endpoint_attachment_id}}', + ] +delete_url: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_endpoint_attachment_basic' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_endpoint_attachment_basic_test' + primary_resource_id: 'apigee_endpoint_attachment' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_endpoint_attachment.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'orgId' + description: | + The Apigee Organization associated with the Apigee instance, + in the format `organizations/{{org_name}}`. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'endpointAttachmentId' + description: | + ID of the endpoint attachment. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'EndpointAttachment' description: | @@ -81,10 +166,30 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the Endpoint Attachment in the following format: organizations/{organization}/endpointAttachments/{endpointAttachment}. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + description: | + Location of the endpoint attachment. + required: true + - !ruby/object:Api::Type::String + name: 'host' + description: | + Host that can be used in either HTTP Target Endpoint directly, or as the host in Target Server. + output: true + - !ruby/object:Api::Type::String + name: 'serviceAttachment' + description: | + Format: projects/*/regions/*/serviceAttachments/* + required: true + - !ruby/object:Api::Type::String + name: 'connectionState' +======= - name: 'location' type: String description: | @@ -102,6 +207,7 @@ properties: required: true - name: 'connectionState' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | State of the endpoint attachment connection to the service attachment. output: true diff --git a/mmv1/products/apigee/EnvKeystore.yaml b/mmv1/products/apigee/EnvKeystore.yaml index 5af92f2ee88a..da59894a71fd 100644 --- a/mmv1/products/apigee/EnvKeystore.yaml +++ b/mmv1/products/apigee/EnvKeystore.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EnvKeystore' +base_url: '{{env_id}}/keystores' +create_url: '{{env_id}}/keystores' +delete_url: '{{env_id}}/keystores/{{name}}' +self_link: '{{env_id}}/keystores/{{name}}' +immutable: true +description: | + An `Environment KeyStore` in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores/create' +autogen_async: true +import_format: ['{{env_id}}/keystores/{{name}}', '{{env_id}}/{{name}}'] +skip_sweeper: true +examples: + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keystore_test' + primary_resource_id: 'apigee_environment_keystore' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + delete_minutes: 1 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_keystore.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'envId' + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'EnvKeystore' description: | @@ -57,10 +107,19 @@ parameters: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the newly created keystore. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'aliases' + item_type: Api::Type::String + description: | + Aliases in this keystore. + output: true +======= - name: 'aliases' type: Array description: | @@ -68,3 +127,4 @@ properties: output: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/EnvReferences.yaml b/mmv1/products/apigee/EnvReferences.yaml index 27150d075542..d3ac78e1cdad 100644 --- a/mmv1/products/apigee/EnvReferences.yaml +++ b/mmv1/products/apigee/EnvReferences.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,74 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EnvReferences' +base_url: '{{env_id}}/references' +create_url: '{{env_id}}/references/' +delete_url: '{{env_id}}/references/{{name}}' +self_link: '{{env_id}}/references/{{name}}' +immutable: true +description: | + An `Environment Reference` in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.references/create' +autogen_async: true +import_format: ['{{env_id}}/references/{{name}}', '{{env_id}}/{{name}}'] +skip_sweeper: true +examples: + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_reference_test' + primary_resource_id: 'apigee_environment_reference' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + delete_minutes: 1 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_reference.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'envId' + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Required. The resource id of this reference. Values must match the regular expression [\w\s-.]+. + immutable: true + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + Optional. A human-readable description of this reference. + immutable: true + - !ruby/object:Api::Type::String + name: 'resourceType' + description: | + The type of resource referred to by this reference. Valid values are 'KeyStore' or 'TrustStore'. + immutable: true + required: true + - !ruby/object:Api::Type::String + name: 'refers' + description: | + Required. The id of the resource to which this reference refers. Must be the id of a resource that exists in the parent environment and is of the given resourceType. + immutable: true + required: true +======= --- name: 'EnvReferences' description: | @@ -79,3 +151,4 @@ properties: Required. The id of the resource to which this reference refers. Must be the id of a resource that exists in the parent environment and is of the given resourceType. required: true immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/Envgroup.yaml b/mmv1/products/apigee/Envgroup.yaml index e10d9362f2ec..82aea16580d4 100644 --- a/mmv1/products/apigee/Envgroup.yaml +++ b/mmv1/products/apigee/Envgroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,77 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Envgroup' +base_url: 'envgroups' +create_url: '{{org_id}}/envgroups' +self_link: '{{org_id}}/envgroups/{{name}}' +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +description: | + An `Environment group` in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups/create' + +autogen_async: true +import_format: ['{{org_id}}/envgroups/{{name}}', '{{org_id}}/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_group_basic' + vars: + envgroup_name: 'my-envgroup' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_group_basic_test' + primary_resource_id: 'apigee_environment_group' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_group.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'orgId' + description: | + The Apigee Organization associated with the Apigee environment group, + in the format `organizations/{{org_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'Envgroup' description: | @@ -75,10 +150,19 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource ID of the environment group. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'hostnames' + description: | + Hostnames of the environment group. + required: false + item_type: Api::Type::String +======= - name: 'hostnames' type: Array description: | @@ -86,3 +170,4 @@ properties: required: false item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/EnvgroupAttachment.yaml b/mmv1/products/apigee/EnvgroupAttachment.yaml index 1771abe12de2..9f20ba081af1 100644 --- a/mmv1/products/apigee/EnvgroupAttachment.yaml +++ b/mmv1/products/apigee/EnvgroupAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EnvgroupAttachment' +base_url: '{{envgroup_id}}/attachments' +create_url: '{{envgroup_id}}/attachments' +delete_url: '{{envgroup_id}}/attachments/{{name}}' +self_link: '{{envgroup_id}}/attachments/{{name}}' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +immutable: true +description: | + An `Environment Group attachment` in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups.attachments/create' + +autogen_async: true +import_format: + ['{{envgroup_id}}/attachments/{{name}}', '{{envgroup_id}}/{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_group_attachment_basic' + skip_test: + true +======= --- name: 'EnvgroupAttachment' description: | @@ -51,12 +97,46 @@ custom_code: exclude_sweeper: true examples: - name: 'apigee_environment_group_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. vars: project_id: 'my-project' envgroup_name: 'my-envgroup' environment_name: 'my-environment' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_group_attachment_basic_test' + primary_resource_id: 'apigee_environment_group_attachment' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_group_attachment.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'envgroupId' + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/envgroups/{{envgroup_name}}`. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'environment' + description: | + The resource ID of the environment. + required: true + - !ruby/object:Api::Type::String + name: 'name' +======= exclude_test: true - name: 'apigee_environment_group_attachment_basic_test' primary_resource_id: 'apigee_environment_group_attachment' @@ -82,6 +162,7 @@ properties: required: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the newly created attachment (output parameter). output: true diff --git a/mmv1/products/apigee/Environment.yaml b/mmv1/products/apigee/Environment.yaml index 03433c147ff0..9a9f2ed7a868 100644 --- a/mmv1/products/apigee/Environment.yaml +++ b/mmv1/products/apigee/Environment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,113 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Environment' +base_url: 'environments' +create_url: '{{org_id}}/environments' +self_link: '{{org_id}}/environments/{{name}}' +update_url: '{{org_id}}/environments/{{name}}' +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +description: | + An `Environment` in Apigee. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'env_id' + import_format: ['{{%org_id}}/environments/{{name}}', '{{name}}'] + base_url: '{{org_id}}/environments/{{name}}' + self_link: '{{org_id}}/environments/{{name}}' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments/create' + +autogen_async: true +import_format: ['{{org_id}}/environments/{{name}}', '{{org_id}}/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_basic' + vars: + environment_name: 'my-environment' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_basic_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_basic_deployment_apiproxy_type_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_patch_update_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: beta + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'orgId' + description: | + The Apigee Organization associated with the Apigee environment, + in the format `organizations/{{org_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'Environment' description: | @@ -105,24 +216,40 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource ID of the environment. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'displayName' +======= - name: 'displayName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Display name of the environment. required: false immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Description of the environment. required: false immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'deploymentType' +======= - name: 'deploymentType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Deployment type supported by the environment. The deployment type can be set when creating the environment and cannot be changed. When you enable archive @@ -131,6 +258,27 @@ properties: Managing the deployment of API proxy or shared flow revisions; Creating, updating, or deleting resource files; Creating, updating, or deleting target servers. +<<<<<<< HEAD + values: + - 'DEPLOYMENT_TYPE_UNSPECIFIED' + - 'PROXY' + - 'ARCHIVE' + immutable: true + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'apiProxyType' + description: | + Optional. API Proxy type supported by the environment. The type can be set when creating + the Environment and cannot be changed. + values: + - 'API_PROXY_TYPE_UNSPECIFIED' + - 'PROGRAMMABLE' + - 'CONFIGURABLE' + immutable: true + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'nodeConfig' +======= immutable: true default_from_api: true enum_values: @@ -150,43 +298,73 @@ properties: - 'CONFIGURABLE' - name: 'nodeConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | NodeConfig for setting the min/max number of nodes associated with the environment. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'minNodeCount' +======= - name: 'minNodeCount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended minimum number of nodes for that gateway. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'maxNodeCount' +======= - name: 'maxNodeCount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended maximum number of nodes for that gateway. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'currentAggregateNodeCount' +======= - name: 'currentAggregateNodeCount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The current total number of gateway nodes that each environment currently has across all instances. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' +======= - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. An Apigee org can support heterogeneous Environments. default_from_api: true +<<<<<<< HEAD + values: +======= enum_values: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 - 'ENVIRONMENT_TYPE_UNSPECIFIED' - 'BASE' - 'INTERMEDIATE' - 'COMPREHENSIVE' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'forwardProxyUri' +======= - name: 'forwardProxyUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. URI of the forward proxy to be applied to the runtime instances in this environment. Must be in the format of {scheme}://{hostname}:{port}. Note that the scheme must be one of "http" or "https", and the port must be supplied. required: false diff --git a/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml b/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml index 6c09624ea467..38c7485a051a 100644 --- a/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml +++ b/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,67 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EnvironmentKeyvaluemaps' +description: | + Collection of key/value string pairs. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keyvaluemaps/create' + +base_url: '{{env_id}}/keyvaluemaps' +create_url: '{{env_id}}/keyvaluemaps' +delete_url: '{{env_id}}/keyvaluemaps/{{name}}' +self_link: '{{env_id}}/keyvaluemaps/{{name}}/entries' +import_format: ['{{env_id}}/keyvaluemaps/{{name}}', '{{env_id}}/{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_basic' + primary_resource_id: 'apigee_environment_keyvaluemaps' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_test' + primary_resource_id: 'apigee_environment_keyvaluemaps' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_beta_test' + primary_resource_id: 'apigee_environment_keyvaluemaps' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: beta +immutable: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + delete_minutes: 1 +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_keyvaluemaps.go.erb + custom_create: 'templates/terraform/custom_create/apigee_environment_keyvaluemaps.go' + decoder: templates/terraform/decoders/apigee_environment_keyvaluemaps.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'envId' + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'EnvironmentKeyvaluemaps' description: | @@ -70,6 +135,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. ID of the key value map. required: true diff --git a/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml b/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml index 10ebb0d21f46..686a784a9e7a 100644 --- a/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml +++ b/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml @@ -1,16 +1,85 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the 'License'); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software +<<<<<<< HEAD +# distributed under the License is distributed on an 'AS IS' BASIS, +======= # distributed under the License is distributed on an "AS IS" BASIS, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EnvironmentKeyvaluemapsEntries' +description: | + Creates key value entries in a key value map scoped to an environment. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.keyvaluemaps.entries/create' + +base_url: '{{env_keyvaluemap_id}}/entries' +create_url: '{{env_keyvaluemap_id}}/entries' +delete_url: '{{env_keyvaluemap_id}}/entries/{{name}}' +self_link: '{{env_keyvaluemap_id}}/entries/{{name}}' +import_format: + ['{{env_keyvaluemap_id}}/entries/{{name}}', '{{env_keyvaluemap_id}}/{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_entries_basic' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_entries_test' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_environment_keyvaluemaps_entries_beta_test' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: beta +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + delete_minutes: 1 +immutable: true +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment_keyvaluemaps_entries.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'env_keyvaluemap_id' + description: | + The Apigee environment keyvalumaps Id associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}/keyvaluemaps/{{keyvaluemap_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'EnvironmentKeyvaluemapsEntries' description: | @@ -68,12 +137,18 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. Resource URI that can be used to identify the scope of the key value map entries. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'value' +======= - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. Data or payload that is being retrieved and associated with the unique key. required: true diff --git a/mmv1/products/apigee/Instance.yaml b/mmv1/products/apigee/Instance.yaml index 7af8975f474f..3f27b2b3084b 100644 --- a/mmv1/products/apigee/Instance.yaml +++ b/mmv1/products/apigee/Instance.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,148 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Instance' +base_url: 'instances' +create_url: '{{org_id}}/instances' +self_link: '{{org_id}}/instances/{{name}}' +create_verb: :POST +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +immutable: false +description: | + An `Instance` is the runtime dataplane in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating a runtime instance': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' + +autogen_async: true +import_format: ['{{org_id}}/instances/{{name}}', '{{org_id}}/{{name}}'] +mutex: '{{org_id}}/apigeeInstances' +error_retry_predicates: ['transport_tpg.IsApigeeRetryableError'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_basic' + vars: + instance_name: 'my-instance-name' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_basic_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_cidr_range' + vars: + instance_name: 'my-instance-name' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_cidr_range_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_ip_range' + vars: + instance_name: 'my-instance-name' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_ip_range_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_full' + vars: + instance_name: 'my-instance-name' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_full_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: + beta + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_service_attachment_basic_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 20 + delete_minutes: 60 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_instance.go.erb + constants: templates/terraform/constants/apigee_instance.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'orgId' + description: | + The Apigee Organization associated with the Apigee instance, + in the format `organizations/{{org_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'Instance' description: | @@ -132,16 +278,33 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource ID of the instance. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' +======= - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. Compute Engine location where the instance resides. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'peeringCidrRange' + description: | + The size of the CIDR block range that will be reserved by the instance. For valid values, + see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. + default_from_api: true + immutable: true + - !ruby/object:Api::Type::String + name: 'ipRange' +======= - name: 'peeringCidrRange' type: String description: | @@ -151,6 +314,7 @@ properties: default_from_api: true - name: 'ipRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP range represents the customer-provided CIDR block of length 22 that will be used for the Apigee instance creation. This optional range, if provided, should be freely @@ -161,6 +325,20 @@ properties: Input format: "a.b.c.d/22" immutable: true ignore_read: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the instance. + immutable: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + Display name of the instance. + immutable: true + - !ruby/object:Api::Type::String + name: 'diskEncryptionKeyName' +======= - name: 'description' type: String description: | @@ -173,10 +351,25 @@ properties: immutable: true - name: 'diskEncryptionKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'host' + description: | + Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. + output: true + - !ruby/object:Api::Type::String + name: 'port' + description: | + Output only. Port number of the exposed Apigee endpoint. + output: true + - !ruby/object:Api::Type::Array + name: 'consumerAcceptList' +======= - name: 'host' type: String description: | @@ -189,6 +382,7 @@ properties: output: true - name: 'consumerAcceptList' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Customer accept list represents the list of projects (id/number) on customer side that can privately connect to the service attachment. It is an optional field @@ -197,10 +391,16 @@ properties: required: false default_from_api: true diff_suppress_func: 'projectListDiffSuppress' +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'serviceAttachment' +======= item_type: type: String - name: 'serviceAttachment' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Resource name of the service attachment created for the instance in the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately diff --git a/mmv1/products/apigee/InstanceAttachment.yaml b/mmv1/products/apigee/InstanceAttachment.yaml index b6fde339e98a..fb0289c22fe8 100644 --- a/mmv1/products/apigee/InstanceAttachment.yaml +++ b/mmv1/products/apigee/InstanceAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceAttachment' +base_url: '{{instance_id}}/attachments' +create_url: '{{instance_id}}/attachments' +delete_url: '{{instance_id}}/attachments/{{name}}' +self_link: '{{instance_id}}/attachments/{{name}}' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +immutable: true +description: | + An `Instance attachment` in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.attachments/create' +# Skipping the sweeper due to the non-standard instance_id +skip_sweeper: true +autogen_async: true +import_format: + ['{{instance_id}}/attachments/{{name}}', '{{instance_id}}/{{name}}'] +mutex: 'apigeeInstanceAttachments' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_attachment_basic' +======= --- name: 'InstanceAttachment' description: | @@ -53,10 +98,48 @@ custom_code: exclude_sweeper: true examples: - name: 'apigee_instance_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: project_id: 'my-project' instance_name: 'my-instance-name' environment_name: 'my-environment-name' +<<<<<<< HEAD + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_instance_attachment_basic_test' + primary_resource_id: 'apigee_instance_attachment' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_instance_attachment.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'instanceId' + description: | + The Apigee instance associated with the Apigee environment, + in the format `organizations/{{org_name}}/instances/{{instance_name}}`. + required: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'environment' + description: | + The resource ID of the environment. + required: true + - !ruby/object:Api::Type::String + name: 'name' +======= exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. @@ -84,6 +167,7 @@ properties: required: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the newly created attachment (output parameter). output: true diff --git a/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml b/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml index 5e90f0ff30ea..2a00fd8f84c2 100644 --- a/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml +++ b/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,35 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'KeystoresAliasesSelfSignedCert' +base_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +create_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases?alias={{alias}}&format=selfsignedcert' +self_link: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +delete_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +immutable: true +description: | + An Environment Keystore Alias for Self Signed Certificate Format in Apigee +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores.aliases/create' +autogen_async: true +import_format: + [ + 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}', + ] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + name: 'apigee_env_keystore_alias_self_signed_cert' + primary_resource_id: 'apigee_environment_keystore_ss_alias' + # Resource uses multipart boundary which by default is random + skip_vcr: true +======= --- name: 'KeystoresAliasesSelfSignedCert' description: | @@ -41,12 +74,49 @@ examples: # the resources needed for the acceptance test. - name: 'apigee_env_keystore_alias_self_signed_cert' primary_resource_id: 'apigee_environment_keystore_ss_alias' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: project_id: 'my-project' environment_name: 'env-name' keystore_name: 'env-keystore' keystores_alias: 'alias' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT +# Resource creation race +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_env_keystore_alias_self_signed_cert.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'orgId' + description: | + The Apigee Organization name associated with the Apigee environment + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'environment' + description: | + The Apigee environment name + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'keystore' + description: | + The Apigee keystore name associated in an Apigee environment + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'alias' + immutable: true + required: true +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' # Resource uses multipart boundary which by default is random @@ -75,10 +145,43 @@ parameters: immutable: true - name: 'alias' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Alias for the key/certificate pair. Values must match the regular expression [\w\s-.]{1,255}. This must be provided for all formats except selfsignedcert; self-signed certs may specify the alias in either this parameter or the JSON body. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'subjectAlternativeDnsNames' + immutable: true + description: | + List of alternative host names. Maximum length is 255 characters for each value. + properties: + - !ruby/object:Api::Type::String + name: 'subjectAlternativeName' + description: Subject Alternative Name + - !ruby/object:Api::Type::String + name: 'keySize' + description: | + Key size. Default and maximum value is 2048 bits. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'sigAlg' + immutable: true + required: true + ignore_read: true + description: | + Signature algorithm to generate private key. Valid values are SHA512withRSA, SHA384withRSA, and SHA256withRSA + - !ruby/object:Api::Type::NestedObject + name: subject + immutable: true + required: true + description: Subject details. + ignore_read: true + properties: + - !ruby/object:Api::Type::String + name: 'countryCode' +======= required: true immutable: true - name: 'subjectAlternativeDnsNames' @@ -111,10 +214,80 @@ parameters: properties: - name: 'countryCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Two-letter country code. Example, IN for India, US for United States of America. ignore_read: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'state' + description: State or district name. Maximum length is 128 characters. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'locality' + description: City or town name. Maximum length is 128 characters. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'org' + description: Organization name. Maximum length is 64 characters. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'orgUnit' + description: Organization team name. Maximum length is 64 characters. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'commonName' + ignore_read: true + description: | + Common name of the organization. Maximum length is 64 characters. + - !ruby/object:Api::Type::String + name: 'email' + description: Email address. Max 255 characters. + ignore_read: true + - !ruby/object:Api::Type::Integer + name: certValidityInDays + immutable: true + ignore_read: true + description: | + Validity duration of certificate, in days. Accepts positive non-zero value. Defaults to 365. +properties: + - !ruby/object:Api::Type::NestedObject + name: 'certsInfo' + description: Chain of certificates under this alias. + output: true + properties: + - !ruby/object:Api::Type::Array + name: 'certInfo' + description: List of all properties in the object. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'version' + description: X.509 version. + output: true + - !ruby/object:Api::Type::String + name: 'subject' + description: X.509 subject. + output: true + - !ruby/object:Api::Type::String + name: 'issuer' + description: X.509 issuer. + output: true + - !ruby/object:Api::Type::String + name: 'expiryDate' + description: + X.509 notAfter validity period in milliseconds since epoch. + output: true + - !ruby/object:Api::Type::String + name: 'validFrom' + description: + X.509 notBefore validity period in milliseconds since epoch. + output: true + - !ruby/object:Api::Type::String + name: 'isValid' +======= - name: 'state' type: String description: State or district name. Maximum length is 128 characters. @@ -183,10 +356,41 @@ properties: output: true - name: 'isValid' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Flag that specifies whether the certificate is valid. Flag is set to Yes if the certificate is valid, No if expired, or Not yet if not yet valid. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'subjectAlternativeNames' + description: X.509 subject alternative names (SANs) extension. + output: true + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'sigAlgName' + output: true + description: X.509 signatureAlgorithm. + - !ruby/object:Api::Type::String + name: 'publicKey' + output: true + description: + Public key component of the X.509 subject public key info. + - !ruby/object:Api::Type::String + name: 'basicConstraints' + output: true + description: X.509 basic constraints extension. + - !ruby/object:Api::Type::String + name: 'serialNumber' + output: true + description: X.509 serial number. + - !ruby/object:Api::Type::Enum + name: 'type' + output: true + description: | + Optional.Type of Alias + values: +======= - name: 'subjectAlternativeNames' type: Array description: X.509 subject alternative names (SANs) extension. @@ -216,6 +420,7 @@ properties: Optional.Type of Alias output: true enum_values: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 - 'ALIAS_TYPE_UNSPECIFIED' - 'CERT' - 'KEY_CERT' diff --git a/mmv1/products/apigee/NatAddress.yaml b/mmv1/products/apigee/NatAddress.yaml index 258265fc64d3..a58445748cce 100644 --- a/mmv1/products/apigee/NatAddress.yaml +++ b/mmv1/products/apigee/NatAddress.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,91 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NatAddress' +base_url: '{{instance_id}}/natAddresses' +create_url: '{{instance_id}}/natAddresses' +delete_url: '{{instance_id}}/natAddresses/{{name}}' +self_link: '{{instance_id}}/natAddresses/{{name}}' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +immutable: false +description: | + Apigee NAT (network address translation) address. A NAT address is a static external IP address used for Internet egress traffic. This is not avaible for Apigee hybrid. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Provisioning NAT IPs': 'https://cloud.google.com/apigee/docs/api-platform/security/nat-provisioning' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses' +autogen_async: true +import_format: + ['{{instance_id}}/natAddresses/{{name}}', '{{instance_id}}/{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_nat_address_basic' + vars: + nat_address_name: 'my-nat-address' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_nat_address_basic_test' + primary_resource_id: 'apigee_nat_address' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_nat_address_with_activate' + vars: + nat_address_name: 'my-nat-address' + nat_address_activate: 'true' + skip_test: + true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/apigee_nat_address.go.erb + encoder: templates/terraform/encoders/apigee_nat_address.go.erb + decoder: templates/terraform/decoders/apigee_nat_address.go.erb + custom_update: templates/terraform/custom_update/apigee_nat_address.go.erb + post_create: templates/terraform/post_create/apigee_nat_address.go.erb + custom_import: templates/terraform/custom_import/apigee_nat_address.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'instanceId' + description: | + The Apigee instance associated with the Apigee environment, + in the format `organizations/{{org_name}}/instances/{{instance_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'NatAddress' description: | @@ -86,16 +175,31 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource ID of the NAT address. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'activate' +======= - name: 'activate' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Flag that specifies whether the reserved NAT address should be activate. required: false default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipAddress' + description: | + The allocated NAT IP address. + output: true + - !ruby/object:Api::Type::String + name: 'state' +======= - name: 'ipAddress' type: String description: | @@ -103,6 +207,7 @@ properties: output: true - name: 'state' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | State of the NAT IP address. output: true diff --git a/mmv1/products/apigee/Organization.yaml b/mmv1/products/apigee/Organization.yaml index 05e38966e049..68d32a5cf325 100644 --- a/mmv1/products/apigee/Organization.yaml +++ b/mmv1/products/apigee/Organization.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,85 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Organization' +base_url: 'organizations' +create_url: 'organizations?parent=projects/{{project_id}}' +delete_url: 'organizations/{{name}}?retention={{retention}}' +self_link: 'organizations/{{name}}' +async: !ruby/object:Api::OpAsync + actions: ['create', 'update'] + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 45 + update_minutes: 45 + delete_minutes: 45 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +description: | + An `Organization` is the top-level container in Apigee. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations' + +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_basic' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_basic_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + ignore_read_extra: + - properties + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_basic_disable_vpc_peering' + skip_test: + true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_basic_disable_vpc_peering_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + ignore_read_extra: + - properties + skip_docs: + true + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_full' + skip_test: + true +======= --- name: 'Organization' description: | @@ -80,10 +163,30 @@ examples: skip_vcr: true - name: 'apigee_organization_cloud_full' exclude_test: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. While all Apigee # resources in this test are in the GA API, we depend on a service # identity resource which is only available in the beta provider. +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_full_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + ignore_read_extra: + - properties + skip_docs: true + min_version: + beta + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_full_disable_vpc_peering' + skip_test: + true +======= - name: 'apigee_organization_cloud_full_test' primary_resource_id: 'org' min_version: 'beta' @@ -97,10 +200,61 @@ examples: skip_vcr: true - name: 'apigee_organization_cloud_full_disable_vpc_peering' exclude_test: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. While all Apigee # resources in this test are in the GA API, we depend on a service # identity resource which is only available in the beta provider. +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_cloud_full_disable_vpc_peering_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + ignore_read_extra: + - properties + skip_docs: true + min_version: + beta + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_retention_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: + beta + # Resource creation race + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_organization_drz_test' + primary_resource_id: 'org' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + min_version: + beta + # Resource creation race + skip_vcr: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_organization.go.erb + encoder: templates/terraform/encoders/apigee_organization.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + The project ID associated with the Apigee organization. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Enum + name: 'retention' +======= - name: 'apigee_organization_cloud_full_disable_vpc_peering_test' primary_resource_id: 'org' min_version: 'beta' @@ -140,11 +294,41 @@ parameters: immutable: true - name: 'retention' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. This setting is applicable only for organizations that are soft-deleted (i.e., BillingType is not EVALUATION). It controls how long Organization data will be retained after the initial delete operation completes. During this period, the Organization may be restored to its last known state. After this period, the Organization will no longer be able to be restored. +<<<<<<< HEAD + values: + - 'DELETION_RETENTION_UNSPECIFIED' + - 'MINIMUM' + default_value: :DELETION_RETENTION_UNSPECIFIED + required: false + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Output only. Name of the Apigee organization. + output: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The display name of the Apigee organization. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the Apigee organization. + - !ruby/object:Api::Type::String + name: 'analyticsRegion' + description: | + Primary GCP region for analytics data storage. For valid values, see [Create an Apigee organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). + immutable: true + - !ruby/object:Api::Type::String + name: 'apiConsumerDataLocation' +======= url_param_only: true required: false default_value: "DELETION_RETENTION_UNSPECIFIED" @@ -172,11 +356,21 @@ properties: immutable: true - name: 'apiConsumerDataLocation' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is needed only for customers using non-default data residency regions. Apigee stores some control plane data only in single region. This field determines which single region Apigee should use. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'apiConsumerDataEncryptionKeyName' + description: | + Cloud KMS key name used for encrypting API consumer data. + immutable: true + - !ruby/object:Api::Type::String + name: 'controlPlaneEncryptionKeyName' +======= - name: 'apiConsumerDataEncryptionKeyName' type: String description: | @@ -184,24 +378,48 @@ properties: immutable: true - name: 'controlPlaneEncryptionKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud KMS key name used for encrypting control plane data that is stored in a multi region. Only used for the data residency region "US" or "EU". immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'authorizedNetwork' +======= - name: 'authorizedNetwork' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Compute Engine network used for Service Networking to be peered with Apigee runtime instances. See [Getting started with the Service Networking API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). Valid only when `RuntimeType` is set to CLOUD. The value can be updated only when there are no runtime instances. For example: "default". +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'disableVpcPeering' +======= - name: 'disableVpcPeering' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Flag that specifies whether the VPC Peering through Private Google Access should be disabled between the consumer network and Apigee. Required if an `authorizedNetwork` on the consumer project is not provided, in which case the flag should be set to `true`. Valid only when `RuntimeType` is set to CLOUD. The value must be set before the creation of any Apigee runtime instance and can be updated only when there are no runtime instances. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'runtimeType' + description: | + Runtime type of the Apigee organization based on the Apigee subscription purchased. + values: + - 'CLOUD' + - 'HYBRID' + default_value: :CLOUD + immutable: true + - !ruby/object:Api::Type::String + name: 'subscriptionType' +======= - name: 'runtimeType' type: Enum description: | @@ -213,30 +431,67 @@ properties: - 'HYBRID' - name: 'subscriptionType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Subscription type of the Apigee organization. Valid values include trial (free, limited, and for evaluation purposes only) or paid (full subscription has been purchased). output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'billingType' +======= - name: 'billingType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Billing type of the Apigee organization. See [Apigee pricing](https://cloud.google.com/apigee/pricing). immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'caCertificate' +======= - name: 'caCertificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Base64-encoded public certificate for the root CA of the Apigee organization. Valid only when `RuntimeType` is CLOUD. A base64-encoded string. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'runtimeDatabaseEncryptionKeyName' +======= - name: 'runtimeDatabaseEncryptionKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud KMS key name used for encrypting the data that is stored and replicated across runtime instances. Update is not allowed after the organization is created. If not specified, a Google-Managed encryption key will be used. Valid only when `RuntimeType` is CLOUD. For example: `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'properties' + description: Properties defined in the Apigee organization profile. + default_from_api: true + properties: + - !ruby/object:Api::Type::Array + name: 'property' + description: List of all properties in the object. + custom_flatten: 'templates/terraform/custom_flatten/apigee_organization_property.go.erb' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: Name of the property. + - !ruby/object:Api::Type::String + name: 'value' + description: Value of the property. + - !ruby/object:Api::Type::String + name: 'apigeeProjectId' +======= - name: 'properties' type: NestedObject description: Properties defined in the Apigee organization profile. @@ -257,6 +512,7 @@ properties: description: Value of the property. - name: 'apigeeProjectId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Project ID of the Apigee Tenant Project. output: true diff --git a/mmv1/products/apigee/SyncAuthorization.yaml b/mmv1/products/apigee/SyncAuthorization.yaml index 2d0d86f1597b..cfa66740b3de 100644 --- a/mmv1/products/apigee/SyncAuthorization.yaml +++ b/mmv1/products/apigee/SyncAuthorization.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'SyncAuthorization' +self_link: 'organizations/{{name}}:getSyncAuthorization' +base_url: '' +create_url: 'organizations/{{name}}:setSyncAuthorization' +update_url: 'organizations/{{name}}:setSyncAuthorization' +read_verb: :POST +update_verb: :POST +description: | + Authorize the Synchronizer to download environment data from the control plane. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Enable Synchronizer access': 'https://cloud.google.com/apigee/docs/hybrid/v1.8/synchronizer-access#enable-synchronizer-access' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#getsyncauthorization' + +id_format: 'organizations/{{name}}/syncAuthorization' +import_format: ['organizations/{{name}}/syncAuthorization'] +skip_delete: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_sync_authorization_basic_test' +======= --- name: 'SyncAuthorization' description: | @@ -37,11 +64,29 @@ timeouts: custom_code: examples: - name: 'apigee_sync_authorization_basic_test' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'apigee_sync_authorization' vars: account_id: 'my-account' project_id: 'my-project' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT +parameters: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Name of the Apigee organization. + url_param_only: true + immutable: true +properties: + - !ruby/object:Api::Type::Array + name: 'identities' + required: true + send_empty_value: true +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' parameters: @@ -55,6 +100,7 @@ parameters: properties: - name: 'identities' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`. @@ -63,6 +109,14 @@ properties: You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one. The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts). +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Fingerprint + name: 'etag' + description: | + Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other. + Used internally during updates. +======= required: true send_empty_value: true item_type: @@ -73,3 +127,4 @@ properties: Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other. Used internally during updates. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/TargetServer.yaml b/mmv1/products/apigee/TargetServer.yaml index acd3a29927a6..0262736aeb0a 100644 --- a/mmv1/products/apigee/TargetServer.yaml +++ b/mmv1/products/apigee/TargetServer.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,26 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetServer' +base_url: '{{env_id}}/targetservers' +create_url: '{{env_id}}/targetservers' +delete_url: '{{env_id}}/targetservers/{{name}}' +self_link: '{{env_id}}/targetservers/{{name}}' +update_url: '{{env_id}}/targetservers/{{name}}' +description: | + TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Load balancing across backend servers': 'https://cloud.google.com/apigee/docs/api-platform/deploy/load-balancing-across-backend-servers' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.targetservers/create' +import_format: ['{{env_id}}/targetservers/{{name}}', '{{env_id}}/{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_target_server_test_basic' +======= --- name: 'TargetServer' description: | @@ -38,12 +62,132 @@ custom_code: exclude_sweeper: true examples: - name: 'apigee_target_server_test_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'apigee_target_server' vars: project_id: 'my-project' environment_name: 'my-environment-name' target_server: 'my-target-server' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'apigee_target_server_test' + primary_resource_id: 'apigee_target_server' + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + update_minutes: 1 + delete_minutes: 1 + +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_target_server.go.erb +autogen_async: true +parameters: + - !ruby/object:Api::Type::String + name: 'envId' + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The resource id of this reference. Values must match the regular expression [\w\s-.]+. + immutable: true + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + A human-readable description of this TargetServer. + - !ruby/object:Api::Type::String + name: 'host' + description: | + The host name this target connects to. Value must be a valid hostname as described by RFC-1123. + required: true + - !ruby/object:Api::Type::Integer + name: 'port' + description: | + The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive. + required: true + - !ruby/object:Api::Type::Boolean + name: 'isEnabled' + description: | + Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true. + default_value: true + - !ruby/object:Api::Type::NestedObject + name: 'sSLInfo' + description: Specifies TLS configuration info for this TargetServer. The JSON name is sSLInfo for legacy/backwards compatibility reasons -- Edge originally supported SSL, and the name is still used for TLS configuration. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + Enables TLS. If false, neither one-way nor two-way TLS will be enabled. + required: true + - !ruby/object:Api::Type::Boolean + name: 'clientAuthEnabled' + description: | + Enables two-way TLS. + - !ruby/object:Api::Type::String + name: 'keyStore' + description: | + Required if clientAuthEnabled is true. The resource ID of the keystore. + - !ruby/object:Api::Type::String + name: 'keyAlias' + description: | + Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert. + - !ruby/object:Api::Type::String + name: 'trustStore' + description: | + The resource ID of the truststore. + - !ruby/object:Api::Type::Boolean + name: 'ignoreValidationErrors' + description: | + If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails. + - !ruby/object:Api::Type::Array + name: 'protocols' + item_type: Api::Type::String + description: | + The TLS versioins to be used. + - !ruby/object:Api::Type::Array + name: 'ciphers' + item_type: Api::Type::String + description: | + The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3. + - !ruby/object:Api::Type::NestedObject + name: 'commonName' + description: The TLS Common Name of the certificate. + properties: + - !ruby/object:Api::Type::String + name: 'value' + description: | + The TLS Common Name string of the certificate. + - !ruby/object:Api::Type::Boolean + name: 'wildcardMatch' + description: | + Indicates whether the cert should be matched against as a wildcard cert. + + - !ruby/object:Api::Type::Enum + name: 'protocol' + immutable: true + default_from_api: true + description: | + Immutable. The protocol used by this TargetServer. + values: + - :HTTP + - :HTTP2 + - :GRPC_TARGET + - :GRPC + - :EXTERNAL_CALLOUT +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' exclude_test: true @@ -154,3 +298,4 @@ properties: - 'GRPC_TARGET' - 'GRPC' - 'EXTERNAL_CALLOUT' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apigee/go_AddonsConfig.yaml b/mmv1/products/apigee/go_AddonsConfig.yaml new file mode 100644 index 000000000000..16918d8fb718 --- /dev/null +++ b/mmv1/products/apigee/go_AddonsConfig.yaml @@ -0,0 +1,131 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AddonsConfig' +description: | + Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced. +references: + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#setaddons' +docs: +base_url: 'organizations' +self_link: 'organizations/{{org}}' +create_url: 'organizations/{{org}}:setAddons' +update_url: 'organizations/{{org}}:setAddons' +update_verb: 'POST' +delete_url: 'organizations/{{org}}:setAddons' +delete_verb: 'POST' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'update', 'delete'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_addons.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/apigee_addons_override.go.tmpl' +examples: + - name: 'apigee_addons_basic' + exclude_test: true + - name: 'apigee_addons_full' + exclude_test: true + - name: 'apigee_addons_test' + primary_resource_id: 'apigee_org_addons' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'org' + type: String + description: | + Name of the Apigee organization. + url_param_only: true + required: true + immutable: true +properties: + - name: 'addonsConfig' + type: NestedObject + description: Addon configurations of the Apigee organization. + properties: + - name: 'advancedApiOpsConfig' + type: NestedObject + description: Configuration for the Monetization add-on. + properties: + - name: 'enabled' + type: Boolean + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - name: 'integrationConfig' + type: NestedObject + description: Configuration for the Monetization add-on. + properties: + - name: 'enabled' + type: Boolean + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - name: 'monetizationConfig' + type: NestedObject + description: Configuration for the Monetization add-on. + properties: + - name: 'enabled' + type: Boolean + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - name: 'apiSecurityConfig' + type: NestedObject + description: Configuration for the Monetization add-on. + properties: + - name: 'enabled' + type: Boolean + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - name: 'expiresAt' + type: String + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + output: true + - name: 'connectorsPlatformConfig' + type: NestedObject + description: Configuration for the Monetization add-on. + properties: + - name: 'enabled' + type: Boolean + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + - name: 'expiresAt' + type: String + description: + Flag that specifies whether the Advanced API Ops add-on is + enabled. + output: true diff --git a/mmv1/products/apigee/go_EndpointAttachment.yaml b/mmv1/products/apigee/go_EndpointAttachment.yaml new file mode 100644 index 000000000000..63c0ef97d604 --- /dev/null +++ b/mmv1/products/apigee/go_EndpointAttachment.yaml @@ -0,0 +1,108 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EndpointAttachment' +description: | + Apigee Endpoint Attachment. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create' +docs: +base_url: 'endpointAttachments' +self_link: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' +create_url: '{{org_id}}/endpointAttachments?endpointAttachmentId={{endpoint_attachment_id}}' +delete_url: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' +immutable: true +import_format: + - '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' + - '{{org_id}}/{{endpoint_attachment_id}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_endpoint_attachment.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_endpoint_attachment_basic' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_endpoint_attachment_basic_test' + primary_resource_id: 'apigee_endpoint_attachment' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'orgId' + type: String + description: | + The Apigee Organization associated with the Apigee instance, + in the format `organizations/{{org_name}}`. + url_param_only: true + required: true + immutable: true + - name: 'endpointAttachmentId' + type: String + description: | + ID of the endpoint attachment. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Name of the Endpoint Attachment in the following format: + organizations/{organization}/endpointAttachments/{endpointAttachment}. + output: true + - name: 'location' + type: String + description: | + Location of the endpoint attachment. + required: true + - name: 'host' + type: String + description: | + Host that can be used in either HTTP Target Endpoint directly, or as the host in Target Server. + output: true + - name: 'serviceAttachment' + type: String + description: | + Format: projects/*/regions/*/serviceAttachments/* + required: true + - name: 'connectionState' + type: String + description: | + State of the endpoint attachment connection to the service attachment. + output: true diff --git a/mmv1/products/apigee/go_EnvKeystore.yaml b/mmv1/products/apigee/go_EnvKeystore.yaml new file mode 100644 index 000000000000..c62c5abe99e2 --- /dev/null +++ b/mmv1/products/apigee/go_EnvKeystore.yaml @@ -0,0 +1,71 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EnvKeystore' +description: | + An `Environment KeyStore` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores/create' +docs: +base_url: '{{env_id}}/keystores' +self_link: '{{env_id}}/keystores/{{name}}' +create_url: '{{env_id}}/keystores' +delete_url: '{{env_id}}/keystores/{{name}}' +immutable: true +import_format: + - '{{env_id}}/keystores/{{name}}' + - '{{env_id}}/{{name}}' + # Resource creation race +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment_keystore.go.tmpl' +exclude_sweeper: true +examples: + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_environment_keystore_test' + primary_resource_id: 'apigee_environment_keystore' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'envId' + type: String + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String + description: | + The name of the newly created keystore. + immutable: true +properties: + - name: 'aliases' + type: Array + description: | + Aliases in this keystore. + output: true + item_type: + type: String diff --git a/mmv1/products/apigee/go_EnvReferences.yaml b/mmv1/products/apigee/go_EnvReferences.yaml new file mode 100644 index 000000000000..1c02ceff31a1 --- /dev/null +++ b/mmv1/products/apigee/go_EnvReferences.yaml @@ -0,0 +1,82 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EnvReferences' +description: | + An `Environment Reference` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.references/create' +docs: +base_url: '{{env_id}}/references' +self_link: '{{env_id}}/references/{{name}}' +create_url: '{{env_id}}/references/' +delete_url: '{{env_id}}/references/{{name}}' +immutable: true +import_format: + - '{{env_id}}/references/{{name}}' + - '{{env_id}}/{{name}}' + # Resource creation race +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment_reference.go.tmpl' +exclude_sweeper: true +examples: + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_environment_reference_test' + primary_resource_id: 'apigee_environment_reference' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'envId' + type: String + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Required. The resource id of this reference. Values must match the regular expression [\w\s-.]+. + required: true + immutable: true + - name: 'description' + type: String + description: | + Optional. A human-readable description of this reference. + immutable: true + - name: 'resourceType' + type: String + description: | + The type of resource referred to by this reference. Valid values are 'KeyStore' or 'TrustStore'. + required: true + immutable: true + - name: 'refers' + type: String + description: | + Required. The id of the resource to which this reference refers. Must be the id of a resource that exists in the parent environment and is of the given resourceType. + required: true + immutable: true diff --git a/mmv1/products/apigee/go_Envgroup.yaml b/mmv1/products/apigee/go_Envgroup.yaml new file mode 100644 index 000000000000..0c5fdee4bf10 --- /dev/null +++ b/mmv1/products/apigee/go_Envgroup.yaml @@ -0,0 +1,89 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Envgroup' +description: | + An `Environment group` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups/create' +docs: +base_url: 'envgroups' +self_link: '{{org_id}}/envgroups/{{name}}' +create_url: '{{org_id}}/envgroups' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{org_id}}/envgroups/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment_group.go.tmpl' +examples: + - name: 'apigee_environment_group_basic' + vars: + envgroup_name: 'my-envgroup' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_environment_group_basic_test' + primary_resource_id: 'apigee_environment_group' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'orgId' + type: String + description: | + The Apigee Organization associated with the Apigee environment group, + in the format `organizations/{{org_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource ID of the environment group. + required: true + immutable: true + - name: 'hostnames' + type: Array + description: | + Hostnames of the environment group. + required: false + item_type: + type: String diff --git a/mmv1/products/apigee/go_EnvgroupAttachment.yaml b/mmv1/products/apigee/go_EnvgroupAttachment.yaml new file mode 100644 index 000000000000..30aef3a00b65 --- /dev/null +++ b/mmv1/products/apigee/go_EnvgroupAttachment.yaml @@ -0,0 +1,88 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EnvgroupAttachment' +description: | + An `Environment Group attachment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups.attachments/create' +docs: +base_url: '{{envgroup_id}}/attachments' +self_link: '{{envgroup_id}}/attachments/{{name}}' +create_url: '{{envgroup_id}}/attachments' +delete_url: '{{envgroup_id}}/attachments/{{name}}' +immutable: true +import_format: + - '{{envgroup_id}}/attachments/{{name}}' + - '{{envgroup_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment_group_attachment.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_environment_group_attachment_basic' + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + vars: + project_id: 'my-project' + envgroup_name: 'my-envgroup' + environment_name: 'my-environment' + exclude_test: true + - name: 'apigee_environment_group_attachment_basic_test' + primary_resource_id: 'apigee_environment_group_attachment' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'envgroupId' + type: String + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/envgroups/{{envgroup_name}}`. + url_param_only: true + required: true +properties: + - name: 'environment' + type: String + description: | + The resource ID of the environment. + required: true + - name: 'name' + type: String + description: | + The name of the newly created attachment (output parameter). + output: true diff --git a/mmv1/products/apigee/go_Environment.yaml b/mmv1/products/apigee/go_Environment.yaml new file mode 100644 index 000000000000..3b56c304e878 --- /dev/null +++ b/mmv1/products/apigee/go_Environment.yaml @@ -0,0 +1,193 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Environment' +description: | + An `Environment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments/create' +docs: +base_url: 'environments' +self_link: '{{org_id}}/environments/{{name}}' +create_url: '{{org_id}}/environments' +update_url: '{{org_id}}/environments/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{org_id}}/environments/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'env_id' + base_url: '{{org_id}}/environments/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + self_link: '{{org_id}}/environments/{{name}}' + import_format: + - '{{%org_id}}/environments/{{name}}' + - '{{name}}' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment.go.tmpl' +examples: + - name: 'apigee_environment_basic' + vars: + environment_name: 'my-environment' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_environment_basic_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_environment_basic_deployment_apiproxy_type_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_environment_patch_update_test' + primary_resource_id: 'apigee_environment' + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'orgId' + type: String + description: | + The Apigee Organization associated with the Apigee environment, + in the format `organizations/{{org_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource ID of the environment. + required: true + immutable: true + - name: 'displayName' + type: String + description: | + Display name of the environment. + required: false + immutable: true + - name: 'description' + type: String + description: | + Description of the environment. + required: false + immutable: true + - name: 'deploymentType' + type: Enum + description: | + Optional. Deployment type supported by the environment. The deployment type can be + set when creating the environment and cannot be changed. When you enable archive + deployment, you will be prevented from performing a subset of actions within the + environment, including: + Managing the deployment of API proxy or shared flow revisions; + Creating, updating, or deleting resource files; + Creating, updating, or deleting target servers. + immutable: true + default_from_api: true + enum_values: + - 'DEPLOYMENT_TYPE_UNSPECIFIED' + - 'PROXY' + - 'ARCHIVE' + - name: 'apiProxyType' + type: Enum + description: | + Optional. API Proxy type supported by the environment. The type can be set when creating + the Environment and cannot be changed. + immutable: true + default_from_api: true + enum_values: + - 'API_PROXY_TYPE_UNSPECIFIED' + - 'PROGRAMMABLE' + - 'CONFIGURABLE' + - name: 'nodeConfig' + type: NestedObject + description: | + NodeConfig for setting the min/max number of nodes associated with the environment. + default_from_api: true + properties: + - name: 'minNodeCount' + type: String + description: | + The minimum total number of gateway nodes that the is reserved for all instances that + has the specified environment. If not specified, the default is determined by the + recommended minimum number of nodes for that gateway. + - name: 'maxNodeCount' + type: String + description: | + The maximum total number of gateway nodes that the is reserved for all instances that + has the specified environment. If not specified, the default is determined by the + recommended maximum number of nodes for that gateway. + - name: 'currentAggregateNodeCount' + type: String + description: | + The current total number of gateway nodes that each environment currently has across + all instances. + output: true + - name: 'type' + type: Enum + description: | + Types that can be selected for an Environment. Each of the types are + limited by capability and capacity. Refer to Apigee's public documentation + to understand about each of these types in details. + An Apigee org can support heterogeneous Environments. + default_from_api: true + enum_values: + - 'ENVIRONMENT_TYPE_UNSPECIFIED' + - 'BASE' + - 'INTERMEDIATE' + - 'COMPREHENSIVE' + - name: 'forwardProxyUri' + type: String + description: | + Optional. URI of the forward proxy to be applied to the runtime instances in this environment. Must be in the format of {scheme}://{hostname}:{port}. Note that the scheme must be one of "http" or "https", and the port must be supplied. + required: false diff --git a/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml b/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml new file mode 100644 index 000000000000..905feeb1a7e0 --- /dev/null +++ b/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml @@ -0,0 +1,77 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EnvironmentKeyvaluemaps' +description: | + Collection of key/value string pairs. +references: + guides: + 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keyvaluemaps/create' +docs: +base_url: '{{env_id}}/keyvaluemaps' +self_link: '{{env_id}}/keyvaluemaps/{{name}}/entries' +create_url: '{{env_id}}/keyvaluemaps' +delete_url: '{{env_id}}/keyvaluemaps/{{name}}' +immutable: true +import_format: + - '{{env_id}}/keyvaluemaps/{{name}}' + - '{{env_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + decoder: 'templates/terraform/decoders/go/apigee_environment_keyvaluemaps.go.tmpl' + custom_create: 'templates/terraform/custom_create/go/apigee_environment_keyvaluemaps.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/apigee_environment_keyvaluemaps.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_environment_keyvaluemaps_basic' + primary_resource_id: 'apigee_environment_keyvaluemaps' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_environment_keyvaluemaps_test' + primary_resource_id: 'apigee_environment_keyvaluemaps' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + - name: 'apigee_environment_keyvaluemaps_beta_test' + primary_resource_id: 'apigee_environment_keyvaluemaps' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'envId' + type: String + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Required. ID of the key value map. + required: true + immutable: true diff --git a/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml b/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml new file mode 100644 index 000000000000..ee7cc19eeb48 --- /dev/null +++ b/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml @@ -0,0 +1,81 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EnvironmentKeyvaluemapsEntries' +description: | + Creates key value entries in a key value map scoped to an environment. +references: + guides: + 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.keyvaluemaps.entries/create' +docs: +base_url: '{{env_keyvaluemap_id}}/entries' +self_link: '{{env_keyvaluemap_id}}/entries/{{name}}' +create_url: '{{env_keyvaluemap_id}}/entries' +delete_url: '{{env_keyvaluemap_id}}/entries/{{name}}' +immutable: true +import_format: + - '{{env_keyvaluemap_id}}/entries/{{name}}' + - '{{env_keyvaluemap_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_environment_keyvaluemaps_entries.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_environment_keyvaluemaps_entries_basic' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_environment_keyvaluemaps_entries_test' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + - name: 'apigee_environment_keyvaluemaps_entries_beta_test' + primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'env_keyvaluemap_id' + type: String + description: | + The Apigee environment keyvalumaps Id associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}/keyvaluemaps/{{keyvaluemap_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Required. Resource URI that can be used to identify the scope of the key value map entries. + required: true + immutable: true + - name: 'value' + type: String + description: | + Required. Data or payload that is being retrieved and associated with the unique key. + required: true + immutable: true diff --git a/mmv1/products/apigee/go_Instance.yaml b/mmv1/products/apigee/go_Instance.yaml new file mode 100644 index 000000000000..77b1d9639f37 --- /dev/null +++ b/mmv1/products/apigee/go_Instance.yaml @@ -0,0 +1,209 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Instance' +description: | + An `Instance` is the runtime dataplane in Apigee. +references: + guides: + 'Creating a runtime instance': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' +docs: +base_url: 'instances' +self_link: '{{org_id}}/instances/{{name}}' +create_url: '{{org_id}}/instances' +update_verb: 'PATCH' +update_mask: true +immutable: false +mutex: '{{org_id}}/apigeeInstances' +import_format: + - '{{org_id}}/instances/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 20 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/apigee_instance.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/apigee_instance.go.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsApigeeRetryableError' +examples: + - name: 'apigee_instance_basic' + vars: + instance_name: 'my-instance-name' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_instance_basic_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_instance_cidr_range' + vars: + instance_name: 'my-instance-name' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_instance_cidr_range_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_instance_ip_range' + vars: + instance_name: 'my-instance-name' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_instance_ip_range_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_instance_full' + vars: + instance_name: 'my-instance-name' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_instance_full_test' + primary_resource_id: 'apigee_instance' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_instance_service_attachment_basic_test' + primary_resource_id: 'apigee_instance' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'orgId' + type: String + description: | + The Apigee Organization associated with the Apigee instance, + in the format `organizations/{{org_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Resource ID of the instance. + required: true + immutable: true + - name: 'location' + type: String + description: | + Required. Compute Engine location where the instance resides. + required: true + immutable: true + - name: 'peeringCidrRange' + type: String + description: | + The size of the CIDR block range that will be reserved by the instance. For valid values, + see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. + immutable: true + default_from_api: true + - name: 'ipRange' + type: String + description: | + IP range represents the customer-provided CIDR block of length 22 that will be used for + the Apigee instance creation. This optional range, if provided, should be freely + available as part of larger named range the customer has allocated to the Service + Networking peering. If this is not provided, Apigee will automatically request for any + available /22 CIDR block from Service Networking. The customer should use this CIDR block + for configuring their firewall needs to allow traffic from Apigee. + Input format: "a.b.c.d/22" + immutable: true + ignore_read: true + - name: 'description' + type: String + description: | + Description of the instance. + immutable: true + - name: 'displayName' + type: String + description: | + Display name of the instance. + immutable: true + - name: 'diskEncryptionKeyName' + type: String + description: | + Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. + Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` + immutable: true + - name: 'host' + type: String + description: | + Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. + output: true + - name: 'port' + type: String + description: | + Output only. Port number of the exposed Apigee endpoint. + output: true + - name: 'consumerAcceptList' + type: Array + description: | + Optional. Customer accept list represents the list of projects (id/number) on customer + side that can privately connect to the service attachment. It is an optional field + which the customers can provide during the instance creation. By default, the customer + project associated with the Apigee organization will be included to the list. + required: false + default_from_api: true + diff_suppress_func: 'projectListDiffSuppress' + item_type: + type: String + - name: 'serviceAttachment' + type: String + description: | + Output only. Resource name of the service attachment created for the instance in + the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately + forward traffic to this service attachment using the PSC endpoints. + output: true diff --git a/mmv1/products/apigee/go_InstanceAttachment.yaml b/mmv1/products/apigee/go_InstanceAttachment.yaml new file mode 100644 index 000000000000..ab24ecf367e9 --- /dev/null +++ b/mmv1/products/apigee/go_InstanceAttachment.yaml @@ -0,0 +1,90 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceAttachment' +description: | + An `Instance attachment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.attachments/create' +docs: +base_url: '{{instance_id}}/attachments' +self_link: '{{instance_id}}/attachments/{{name}}' +create_url: '{{instance_id}}/attachments' +delete_url: '{{instance_id}}/attachments/{{name}}' +immutable: true +mutex: 'apigeeInstanceAttachments' +import_format: + - '{{instance_id}}/attachments/{{name}}' + - '{{instance_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_instance_attachment.go.tmpl' +# Skipping the sweeper due to the non-standard instance_id +exclude_sweeper: true +examples: + - name: 'apigee_instance_attachment_basic' + vars: + project_id: 'my-project' + instance_name: 'my-instance-name' + environment_name: 'my-environment-name' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_instance_attachment_basic_test' + primary_resource_id: 'apigee_instance_attachment' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'instanceId' + type: String + description: | + The Apigee instance associated with the Apigee environment, + in the format `organizations/{{org_name}}/instances/{{instance_name}}`. + url_param_only: true + required: true +properties: + - name: 'environment' + type: String + description: | + The resource ID of the environment. + required: true + - name: 'name' + type: String + description: | + The name of the newly created attachment (output parameter). + output: true diff --git a/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml b/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml new file mode 100644 index 000000000000..b14209330fa9 --- /dev/null +++ b/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml @@ -0,0 +1,222 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'KeystoresAliasesSelfSignedCert' +description: | + An Environment Keystore Alias for Self Signed Certificate Format in Apigee +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores.aliases/create' +docs: +base_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +self_link: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +create_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases?alias={{alias}}&format=selfsignedcert' +delete_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +immutable: true +import_format: + - 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +# Resource creation race +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_env_keystore_alias_self_signed_cert.go.tmpl' +exclude_sweeper: true +examples: + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_env_keystore_alias_self_signed_cert' + primary_resource_id: 'apigee_environment_keystore_ss_alias' + vars: + project_id: 'my-project' + environment_name: 'env-name' + keystore_name: 'env-keystore' + keystores_alias: 'alias' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + # Resource uses multipart boundary which by default is random + skip_vcr: true +parameters: + - name: 'orgId' + type: String + description: | + The Apigee Organization name associated with the Apigee environment + url_param_only: true + required: true + immutable: true + - name: 'environment' + type: String + description: | + The Apigee environment name + url_param_only: true + required: true + immutable: true + - name: 'keystore' + type: String + description: | + The Apigee keystore name associated in an Apigee environment + url_param_only: true + required: true + immutable: true + - name: 'alias' + type: String + description: | + Alias for the key/certificate pair. Values must match the regular expression [\w\s-.]{1,255}. + This must be provided for all formats except selfsignedcert; self-signed certs may specify the alias in either + this parameter or the JSON body. + required: true + immutable: true + - name: 'subjectAlternativeDnsNames' + type: NestedObject + description: | + List of alternative host names. Maximum length is 255 characters for each value. + immutable: true + properties: + - name: 'subjectAlternativeName' + type: String + description: Subject Alternative Name + - name: 'keySize' + type: String + description: | + Key size. Default and maximum value is 2048 bits. + ignore_read: true + - name: 'sigAlg' + type: String + description: | + Signature algorithm to generate private key. Valid values are SHA512withRSA, SHA384withRSA, and SHA256withRSA + required: true + immutable: true + ignore_read: true + - name: 'subject' + type: NestedObject + description: Subject details. + required: true + immutable: true + ignore_read: true + properties: + - name: 'countryCode' + type: String + description: + Two-letter country code. Example, IN for India, US for United States + of America. + ignore_read: true + - name: 'state' + type: String + description: State or district name. Maximum length is 128 characters. + ignore_read: true + - name: 'locality' + type: String + description: City or town name. Maximum length is 128 characters. + ignore_read: true + - name: 'org' + type: String + description: Organization name. Maximum length is 64 characters. + ignore_read: true + - name: 'orgUnit' + type: String + description: Organization team name. Maximum length is 64 characters. + ignore_read: true + - name: 'commonName' + type: String + description: | + Common name of the organization. Maximum length is 64 characters. + ignore_read: true + - name: 'email' + type: String + description: Email address. Max 255 characters. + ignore_read: true + - name: 'certValidityInDays' + type: Integer + description: | + Validity duration of certificate, in days. Accepts positive non-zero value. Defaults to 365. + immutable: true + ignore_read: true +properties: + - name: 'certsInfo' + type: NestedObject + description: Chain of certificates under this alias. + output: true + properties: + - name: 'certInfo' + type: Array + description: List of all properties in the object. + output: true + item_type: + type: NestedObject + properties: + - name: 'version' + type: Integer + description: X.509 version. + output: true + - name: 'subject' + type: String + description: X.509 subject. + output: true + - name: 'issuer' + type: String + description: X.509 issuer. + output: true + - name: 'expiryDate' + type: String + description: + X.509 notAfter validity period in milliseconds since epoch. + output: true + - name: 'validFrom' + type: String + description: + X.509 notBefore validity period in milliseconds since epoch. + output: true + - name: 'isValid' + type: String + description: | + Flag that specifies whether the certificate is valid. + Flag is set to Yes if the certificate is valid, No if expired, or Not yet if not yet valid. + output: true + - name: 'subjectAlternativeNames' + type: Array + description: X.509 subject alternative names (SANs) extension. + output: true + item_type: + type: String + - name: 'sigAlgName' + type: String + description: X.509 signatureAlgorithm. + output: true + - name: 'publicKey' + type: String + description: + Public key component of the X.509 subject public key info. + output: true + - name: 'basicConstraints' + type: String + description: X.509 basic constraints extension. + output: true + - name: 'serialNumber' + type: String + description: X.509 serial number. + output: true + - name: 'type' + type: Enum + description: | + Optional.Type of Alias + output: true + enum_values: + - 'ALIAS_TYPE_UNSPECIFIED' + - 'CERT' + - 'KEY_CERT' diff --git a/mmv1/products/apigee/go_NatAddress.yaml b/mmv1/products/apigee/go_NatAddress.yaml new file mode 100644 index 000000000000..50b44b441935 --- /dev/null +++ b/mmv1/products/apigee/go_NatAddress.yaml @@ -0,0 +1,109 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NatAddress' +description: | + Apigee NAT (network address translation) address. A NAT address is a static external IP address used for Internet egress traffic. This is not avaible for Apigee hybrid. +references: + guides: + 'Provisioning NAT IPs': 'https://cloud.google.com/apigee/docs/api-platform/security/nat-provisioning' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses' +docs: +base_url: '{{instance_id}}/natAddresses' +self_link: '{{instance_id}}/natAddresses/{{name}}' +create_url: '{{instance_id}}/natAddresses' +delete_url: '{{instance_id}}/natAddresses/{{name}}' +immutable: false +import_format: + - '{{instance_id}}/natAddresses/{{name}}' + - '{{instance_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/apigee_nat_address.go.tmpl' + encoder: 'templates/terraform/encoders/go/apigee_nat_address.go.tmpl' + decoder: 'templates/terraform/decoders/go/apigee_nat_address.go.tmpl' + post_create: 'templates/terraform/post_create/go/apigee_nat_address.go.tmpl' + custom_update: 'templates/terraform/custom_update/go/apigee_nat_address.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/apigee_nat_address.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_nat_address_basic' + vars: + nat_address_name: 'my-nat-address' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_nat_address_basic_test' + primary_resource_id: 'apigee_nat_address' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_nat_address_with_activate' + vars: + nat_address_name: 'my-nat-address' + nat_address_activate: 'true' + exclude_test: true +parameters: + - name: 'instanceId' + type: String + description: | + The Apigee instance associated with the Apigee environment, + in the format `organizations/{{org_name}}/instances/{{instance_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Resource ID of the NAT address. + required: true + immutable: true + - name: 'activate' + type: Boolean + description: | + Flag that specifies whether the reserved NAT address should be activate. + required: false + default_value: false + - name: 'ipAddress' + type: String + description: | + The allocated NAT IP address. + output: true + - name: 'state' + type: String + description: | + State of the NAT IP address. + output: true diff --git a/mmv1/products/apigee/go_Organization.yaml b/mmv1/products/apigee/go_Organization.yaml new file mode 100644 index 000000000000..2a4f8324aa12 --- /dev/null +++ b/mmv1/products/apigee/go_Organization.yaml @@ -0,0 +1,263 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Organization' +description: | + An `Organization` is the top-level container in Apigee. +references: + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations' +docs: +base_url: 'organizations' +self_link: 'organizations/{{name}}' +create_url: 'organizations?parent=projects/{{project_id}}' +delete_url: 'organizations/{{name}}?retention={{retention}}' +timeouts: + insert_minutes: 45 + update_minutes: 45 + delete_minutes: 45 +autogen_async: true +async: + actions: ['create', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 45 + update_minutes: 45 + delete_minutes: 45 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/apigee_organization.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/apigee_organization.go.tmpl' +examples: + - name: 'apigee_organization_cloud_basic' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_organization_cloud_basic_test' + primary_resource_id: 'org' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'properties' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_organization_cloud_basic_disable_vpc_peering' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + - name: 'apigee_organization_cloud_basic_disable_vpc_peering_test' + primary_resource_id: 'org' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'properties' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_organization_cloud_full' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. While all Apigee + # resources in this test are in the GA API, we depend on a service + # identity resource which is only available in the beta provider. + - name: 'apigee_organization_cloud_full_test' + primary_resource_id: 'org' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'properties' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_organization_cloud_full_disable_vpc_peering' + exclude_test: true + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. While all Apigee + # resources in this test are in the GA API, we depend on a service + # identity resource which is only available in the beta provider. + - name: 'apigee_organization_cloud_full_disable_vpc_peering_test' + primary_resource_id: 'org' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'properties' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_organization_retention_test' + primary_resource_id: 'org' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true + - name: 'apigee_organization_drz_test' + primary_resource_id: 'org' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'projectId' + type: String + description: | + The project ID associated with the Apigee organization. + url_param_only: true + required: true + immutable: true + - name: 'retention' + type: Enum + description: | + Optional. This setting is applicable only for organizations that are soft-deleted (i.e., BillingType + is not EVALUATION). It controls how long Organization data will be retained after the initial delete + operation completes. During this period, the Organization may be restored to its last known state. + After this period, the Organization will no longer be able to be restored. + url_param_only: true + required: false + default_value: "DELETION_RETENTION_UNSPECIFIED" + enum_values: + - 'DELETION_RETENTION_UNSPECIFIED' + - 'MINIMUM' +properties: + - name: 'name' + type: String + description: | + Output only. Name of the Apigee organization. + output: true + - name: 'displayName' + type: String + description: | + The display name of the Apigee organization. + - name: 'description' + type: String + description: | + Description of the Apigee organization. + - name: 'analyticsRegion' + type: String + description: | + Primary GCP region for analytics data storage. For valid values, see [Create an Apigee organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). + immutable: true + - name: 'apiConsumerDataLocation' + type: String + description: | + This field is needed only for customers using non-default data residency regions. + Apigee stores some control plane data only in single region. + This field determines which single region Apigee should use. + immutable: true + - name: 'apiConsumerDataEncryptionKeyName' + type: String + description: | + Cloud KMS key name used for encrypting API consumer data. + immutable: true + - name: 'controlPlaneEncryptionKeyName' + type: String + description: | + Cloud KMS key name used for encrypting control plane data that is stored in a multi region. + Only used for the data residency region "US" or "EU". + immutable: true + - name: 'authorizedNetwork' + type: String + description: | + Compute Engine network used for Service Networking to be peered with Apigee runtime instances. + See [Getting started with the Service Networking API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). + Valid only when `RuntimeType` is set to CLOUD. The value can be updated only when there are no runtime instances. For example: "default". + - name: 'disableVpcPeering' + type: Boolean + description: | + Flag that specifies whether the VPC Peering through Private Google Access should be + disabled between the consumer network and Apigee. Required if an `authorizedNetwork` + on the consumer project is not provided, in which case the flag should be set to `true`. + Valid only when `RuntimeType` is set to CLOUD. The value must be set before the creation + of any Apigee runtime instance and can be updated only when there are no runtime instances. + - name: 'runtimeType' + type: Enum + description: | + Runtime type of the Apigee organization based on the Apigee subscription purchased. + immutable: true + default_value: "CLOUD" + enum_values: + - 'CLOUD' + - 'HYBRID' + - name: 'subscriptionType' + type: String + description: | + Output only. Subscription type of the Apigee organization. + Valid values include trial (free, limited, and for evaluation purposes only) or paid (full subscription has been purchased). + output: true + - name: 'billingType' + type: String + description: | + Billing type of the Apigee organization. See [Apigee pricing](https://cloud.google.com/apigee/pricing). + immutable: true + default_from_api: true + - name: 'caCertificate' + type: String + description: | + Output only. Base64-encoded public certificate for the root CA of the Apigee organization. + Valid only when `RuntimeType` is CLOUD. A base64-encoded string. + output: true + - name: 'runtimeDatabaseEncryptionKeyName' + type: String + description: | + Cloud KMS key name used for encrypting the data that is stored and replicated across runtime instances. + Update is not allowed after the organization is created. + If not specified, a Google-Managed encryption key will be used. + Valid only when `RuntimeType` is CLOUD. For example: `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`. + immutable: true + - name: 'properties' + type: NestedObject + description: Properties defined in the Apigee organization profile. + default_from_api: true + properties: + - name: 'property' + type: Array + description: List of all properties in the object. + custom_flatten: 'templates/terraform/custom_flatten/go/apigee_organization_property.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: Name of the property. + - name: 'value' + type: String + description: Value of the property. + - name: 'apigeeProjectId' + type: String + description: | + Output only. Project ID of the Apigee Tenant Project. + output: true diff --git a/mmv1/products/apigee/go_SyncAuthorization.yaml b/mmv1/products/apigee/go_SyncAuthorization.yaml new file mode 100644 index 000000000000..8a834d743928 --- /dev/null +++ b/mmv1/products/apigee/go_SyncAuthorization.yaml @@ -0,0 +1,76 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'SyncAuthorization' +description: | + Authorize the Synchronizer to download environment data from the control plane. +references: + guides: + 'Enable Synchronizer access': 'https://cloud.google.com/apigee/docs/hybrid/v1.8/synchronizer-access#enable-synchronizer-access' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#getsyncauthorization' +docs: +id_format: 'organizations/{{name}}/syncAuthorization' +base_url: '' +self_link: 'organizations/{{name}}:getSyncAuthorization' +create_url: 'organizations/{{name}}:setSyncAuthorization' +update_url: 'organizations/{{name}}:setSyncAuthorization' +update_verb: 'POST' +read_verb: 'POST' +exclude_delete: true +import_format: + - 'organizations/{{name}}/syncAuthorization' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'apigee_sync_authorization_basic_test' + primary_resource_id: 'apigee_sync_authorization' + vars: + account_id: 'my-account' + project_id: 'my-project' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' +parameters: + - name: 'name' + type: String + description: | + Name of the Apigee organization. + url_param_only: true + required: true + immutable: true +properties: + - name: 'identities' + type: Array + description: | + Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`. + + The `service-account-name` is formatted like an email address. For example: my-synchronizer-manager-serviceAccount@my_project_id.iam.gserviceaccount.com + + You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one. + + The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts). + required: true + send_empty_value: true + item_type: + type: String + - name: 'etag' + type: Fingerprint + description: | + Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other. + Used internally during updates. + output: true diff --git a/mmv1/products/apigee/go_TargetServer.yaml b/mmv1/products/apigee/go_TargetServer.yaml new file mode 100644 index 000000000000..9e59569e0149 --- /dev/null +++ b/mmv1/products/apigee/go_TargetServer.yaml @@ -0,0 +1,157 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetServer' +description: | + TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services. +references: + guides: + 'Load balancing across backend servers': 'https://cloud.google.com/apigee/docs/api-platform/deploy/load-balancing-across-backend-servers' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.targetservers/create' +docs: +base_url: '{{env_id}}/targetservers' +self_link: '{{env_id}}/targetservers/{{name}}' +create_url: '{{env_id}}/targetservers' +update_url: '{{env_id}}/targetservers/{{name}}' +delete_url: '{{env_id}}/targetservers/{{name}}' +import_format: + - '{{env_id}}/targetservers/{{name}}' + - '{{env_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 1 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/go/apigee_target_server.go.tmpl' +exclude_sweeper: true +examples: + - name: 'apigee_target_server_test_basic' + primary_resource_id: 'apigee_target_server' + vars: + project_id: 'my-project' + environment_name: 'my-environment-name' + target_server: 'my-target-server' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_target_server_test' + primary_resource_id: 'apigee_target_server' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'envId' + type: String + description: | + The Apigee environment group associated with the Apigee environment, + in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource id of this reference. Values must match the regular expression [\w\s-.]+. + required: true + immutable: true + - name: 'description' + type: String + description: | + A human-readable description of this TargetServer. + - name: 'host' + type: String + description: | + The host name this target connects to. Value must be a valid hostname as described by RFC-1123. + required: true + - name: 'port' + type: Integer + description: | + The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive. + required: true + - name: 'isEnabled' + type: Boolean + description: | + Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true. + default_value: true + - name: 'sSLInfo' + type: NestedObject + description: Specifies TLS configuration info for this TargetServer. The JSON name is sSLInfo for legacy/backwards compatibility reasons -- Edge originally supported SSL, and the name is still used for TLS configuration. + properties: + - name: 'enabled' + type: Boolean + description: | + Enables TLS. If false, neither one-way nor two-way TLS will be enabled. + required: true + - name: 'clientAuthEnabled' + type: Boolean + description: | + Enables two-way TLS. + - name: 'keyStore' + type: String + description: | + Required if clientAuthEnabled is true. The resource ID of the keystore. + - name: 'keyAlias' + type: String + description: | + Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert. + - name: 'trustStore' + type: String + description: | + The resource ID of the truststore. + - name: 'ignoreValidationErrors' + type: Boolean + description: | + If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails. + - name: 'protocols' + type: Array + description: | + The TLS versioins to be used. + item_type: + type: String + - name: 'ciphers' + type: Array + description: | + The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3. + item_type: + type: String + - name: 'commonName' + type: NestedObject + description: The TLS Common Name of the certificate. + properties: + - name: 'value' + type: String + description: | + The TLS Common Name string of the certificate. + - name: 'wildcardMatch' + type: Boolean + description: | + Indicates whether the cert should be matched against as a wildcard cert. + + - name: 'protocol' + type: Enum + description: | + Immutable. The protocol used by this TargetServer. + immutable: true + default_from_api: true + enum_values: + - 'HTTP' + - 'HTTP2' + - 'GRPC_TARGET' + - 'GRPC' + - 'EXTERNAL_CALLOUT' diff --git a/mmv1/products/apigee/go_product.yaml b/mmv1/products/apigee/go_product.yaml new file mode 100644 index 000000000000..944e02301a90 --- /dev/null +++ b/mmv1/products/apigee/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Apigee' +display_name: 'Apigee' +versions: + - name: 'ga' + base_url: 'https://apigee.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/apigee/product.yaml b/mmv1/products/apigee/product.yaml index 41fc8a73ddb1..706d72ff953a 100644 --- a/mmv1/products/apigee/product.yaml +++ b/mmv1/products/apigee/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,27 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Apigee +display_name: Apigee +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://apigee.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= +<<<<<<<< HEAD:mmv1/spec/data/good-resource.yaml +!ruby/object:Api::Resource +name: 'MyResource' +kind: 'myproduct#myresource' +description: 'foo' +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: 'an explanation whats this about' +======== --- name: 'Apigee' display_name: 'Apigee' @@ -19,3 +44,5 @@ versions: base_url: 'https://apigee.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/apigee/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml b/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml index 3659a5d231a9..153a38b7481f 100644 --- a/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml +++ b/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,67 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ApplicationUrlDispatchRules' +description: | + Rules to match an HTTP request and dispatch that request to a service. +base_url: 'apps/{{project}}' +create_url: 'apps/{{project}}?updateMask=dispatch_rules' +create_verb: :PATCH +delete_url: 'apps/{{project}}?updateMask=dispatch_rules' +delete_verb: :PATCH +update_url: 'apps/{{project}}?updateMask=dispatch_rules' +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps#UrlDispatchRule' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}' +import_format: ['{{project}}'] +mutex: 'apps/{{project}}' +error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] +skip_sweeper: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + test_check_destroy: templates/terraform/custom_check_destroy/appengine.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_application_url_dispatch_rules_basic' + primary_resource_id: 'web_service' + vars: + bucket_name: 'appengine-test-bucket' +properties: + - !ruby/object:Api::Type::Array + name: 'dispatchRules' + required: true + description: | + Rules to match an HTTP request and dispatch that request to a service. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'domain' + default_value: '*' + description: | + Domain name to match against. The wildcard "*" is supported if specified before a period: "*.". + Defaults to matching all domains: "*". + - !ruby/object:Api::Type::String + name: 'path' +======= --- name: 'ApplicationUrlDispatchRules' description: | @@ -76,12 +141,18 @@ properties: default_value: "*" - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. The sum of the lengths of the domain and path may not exceed 100 characters. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'service' +======= - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. The sum of the lengths of the domain and path may not exceed 100 characters. diff --git a/mmv1/products/appengine/DomainMapping.yaml b/mmv1/products/appengine/DomainMapping.yaml index 4a097876a831..4d6690e9518e 100644 --- a/mmv1/products/appengine/DomainMapping.yaml +++ b/mmv1/products/appengine/DomainMapping.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DomainMapping' +description: | + A domain serving an App Engine application. +base_url: 'apps/{{project}}/domainMappings' +self_link: 'apps/{{project}}/domainMappings/{{domain_name}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.domainMappings' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'apps/{{project}}/domainMappings/{{domain_name}}' +import_format: ['apps/{{project}}/domainMappings/{{domain_name}}'] +mutex: 'apps/{{project}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_domain_mapping_basic' + primary_resource_id: 'domain_mapping' + ignore_read_extra: + - 'ssl_settings.0.ssl_management_type' +custom_code: !ruby/object:Provider::Terraform::CustomCode + decoder: templates/terraform/decoders/app_engine_domain_mapping.go.erb +parameters: + - !ruby/object:Api::Type::Enum + name: 'overrideStrategy' +======= --- name: 'DomainMapping' description: | @@ -55,10 +104,33 @@ examples: parameters: - name: 'overrideStrategy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether the domain creation should override any existing mappings for this domain. By default, overrides are rejected. url_param_only: true +<<<<<<< HEAD + values: + - :STRICT + - :OVERRIDE + default_value: :STRICT + ignore_read: true + - !ruby/object:Api::Type::String + name: 'domainName' + api_name: 'id' + description: | + Relative name of the domain serving the application. Example: example.com. + immutable: true + required: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Full path to the DomainMapping resource in the API. Example: apps/myapp/domainMapping/example.com. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'sslSettings' +======= ignore_read: true default_value: "STRICT" enum_values: @@ -79,6 +151,7 @@ properties: output: true - name: 'sslSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. default_from_api: true @@ -86,8 +159,13 @@ properties: - 'ssl_settings.certificate_id' - 'ssl_settings.ssl_management_type' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'certificateId' +======= - name: 'certificateId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support. @@ -96,6 +174,20 @@ properties: authorized to administer the `AuthorizedCertificate` resource to manually map it to a DomainMapping resource. Example: 12345. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'sslManagementType' + required: true + description: | + SSL management type for this domain. If `AUTOMATIC`, a managed certificate is automatically provisioned. + If `MANUAL`, `certificateId` must be manually specified in order to configure SSL for this domain. + values: + - :AUTOMATIC + - :MANUAL + - !ruby/object:Api::Type::Enum + name: 'pendingManagedCertificateId' + output: true +======= - name: 'sslManagementType' type: Enum description: | @@ -107,22 +199,51 @@ properties: - 'MANUAL' - name: 'pendingManagedCertificateId' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ID of the managed `AuthorizedCertificate` resource currently being provisioned, if applicable. Until the new managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the provisioning process completes, the `certificateId` field will reflect the new managed certificate and this field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the `certificateId` field with an update request. +<<<<<<< HEAD + values: + - :AUTOMATIC + - :MANUAL + - !ruby/object:Api::Type::Array + name: 'resourceRecords' +======= output: true enum_values: - 'AUTOMATIC' - 'MANUAL' - name: 'resourceRecords' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource records required to configure this domain mapping. These records must be added to the domain's DNS configuration in order to serve the application via this domain mapping. output: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'. + - !ruby/object:Api::Type::String + name: 'rrdata' + description: | + Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + Resource record type. Example: `AAAA`. + values: + - :A + - :AAAA + - :CNAME +======= item_type: type: NestedObject properties: @@ -142,3 +263,4 @@ properties: - 'A' - 'AAAA' - 'CNAME' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/FirewallRule.yaml b/mmv1/products/appengine/FirewallRule.yaml index dae0616b3127..c7ba6f296793 100644 --- a/mmv1/products/appengine/FirewallRule.yaml +++ b/mmv1/products/appengine/FirewallRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,11 +15,35 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'FirewallRule' description: | A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests. +<<<<<<< HEAD +base_url: 'apps/{{project}}/firewall/ingressRules' +self_link: 'apps/{{project}}/firewall/ingressRules/{{priority}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#creating_firewall_rules' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.firewall.ingressRules' +collection_url_key: 'ingressRules' +import_format: ['apps/{{project}}/firewall/ingressRules/{{priority}}'] +mutex: 'apps/{{project}}' +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: transport_tpg.PollCheckForExistence + actions: ['create'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_firewall_rule_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#creating_firewall_rules' @@ -44,15 +72,24 @@ custom_code: exclude_sweeper: true examples: - name: 'app_engine_firewall_rule_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'rule' vars: project_id: 'ae-project' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT +parameters: + - !ruby/object:Api::Type::Integer + name: 'priority' +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' parameters: - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A positive integer that defines the order of rule evaluation. Rules with the lowest priority are evaluated first. @@ -61,6 +98,27 @@ parameters: IPv6 traffic when no previous rule matches. Only the action of this rule can be modified by the user. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional string description of this rule. + required: false + - !ruby/object:Api::Type::String + name: 'sourceRange' + description: | + IP address or range, defined using CIDR notation, of requests that this rule applies to. + required: true + - !ruby/object:Api::Type::Enum + name: 'action' + description: | + The action to take if this rule matches. + required: true + values: + - UNSPECIFIED_ACTION + - ALLOW + - DENY +======= - name: 'description' type: String description: | @@ -80,3 +138,4 @@ properties: - 'UNSPECIFIED_ACTION' - 'ALLOW' - 'DENY' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/FlexibleAppVersion.yaml b/mmv1/products/appengine/FlexibleAppVersion.yaml index 610cdd074733..77c738a25926 100644 --- a/mmv1/products/appengine/FlexibleAppVersion.yaml +++ b/mmv1/products/appengine/FlexibleAppVersion.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'FlexibleAppVersion' description: | Flexible App Version resource to create a new version of flexible GAE Application. Based on Google Compute Engine, @@ -21,6 +29,65 @@ description: | ~> **Note:** The App Engine flexible environment service account uses the member ID `service-[YOUR_PROJECT_NUMBER]@gae-api-prod.google.com.iam.gserviceaccount.com` It should have the App Engine Flexible Environment Service Agent role, which will be applied when the `appengineflex.googleapis.com` service is enabled. +<<<<<<< HEAD +collection_url_key: 'versions' +base_url: 'apps/{{project}}/services/{{service}}/versions' +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: :POST +update_mask: false +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/flexible' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'appengine#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +import_format: ['apps/{{project}}/services/{{service}}/versions/{{version_id}}'] +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'noop_on_destroy' + default_value: false + description: | + If set to `true`, the application version will not be deleted. + - !ruby/object:Api::Type::Boolean + name: 'delete_service_on_destroy' + default_value: false + description: | + If set to `true`, the service will be deleted if it is the last version. +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/appversion_delete.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb + encoder: templates/terraform/encoders/flex_app_version.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_flexible_app_version' + primary_resource_id: 'myapp_v1' + # https://github.com/hashicorp/terraform-provider-google/issues/19040 + skip_test: true + ignore_read_extra: + - 'noop_on_destroy' + - 'deployment.0.zip' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/flexible' @@ -65,11 +132,58 @@ error_retry_predicates: examples: - name: 'app_engine_flexible_app_version' primary_resource_id: 'myapp_v1' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: bucket_name: 'appengine-static-content' project: 'appeng-flex' account_id: 'my-account' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'service' + required: true + url_param_only: true + resource: 'Service' + imports: 'name' + description: | + AppEngine service resource. Can contain numbers, letters, and hyphens. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Full path to the Version resource in the API. Example, "v1". + - !ruby/object:Api::Type::String + name: 'version_id' + immutable: true + api_name: 'id' + description: | + Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. + Reserved names,"default", "latest", and any name with the prefix "ah-". + - !ruby/object:Api::Type::Array + name: 'inboundServices' + description: | + A list of the types of messages that this application is able to receive. + is_set: true + item_type: !ruby/object:Api::Type::Enum + name: 'inboundService' + description: | + One type of message that this application is able to receive. + values: + - :INBOUND_SERVICE_MAIL + - :INBOUND_SERVICE_MAIL_BOUNCE + - :INBOUND_SERVICE_XMPP_ERROR + - :INBOUND_SERVICE_XMPP_MESSAGE + - :INBOUND_SERVICE_XMPP_SUBSCRIBE + - :INBOUND_SERVICE_XMPP_PRESENCE + - :INBOUND_SERVICE_CHANNEL_PRESENCE + - :INBOUND_SERVICE_WARMUP + - !ruby/object:Api::Type::String + name: 'instanceClass' +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' ignore_read_extra: @@ -130,11 +244,43 @@ properties: - 'INBOUND_SERVICE_WARMUP' - name: 'instanceClass' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Instance class that is used to run this version. Valid values are AutomaticScaling: F1, F2, F4, F4_1G ManualScaling: B1, B2, B4, B8, B4_1G Defaults to F1 for AutomaticScaling and B1 for ManualScaling. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'network' + description: Extra network settings + properties: + - !ruby/object:Api::Type::Array + name: 'forwardedPorts' + description: | + List of ports, or port pairs, to forward from the virtual machine to the application container. + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: 'instanceIpMode' + description: | + Prevent instances from receiving an ephemeral external IP address. + min_version: beta + values: + - :EXTERNAL + - :INTERNAL + - !ruby/object:Api::Type::String + name: 'instanceTag' + description: | + Tag to apply to the instance during creation. + - !ruby/object:Api::Type::String + name: 'name' + description: | + Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. + required: true + - !ruby/object:Api::Type::String + name: 'subnetwork' + api_name: 'subnetworkName' +======= - name: 'network' type: NestedObject description: Extra network settings @@ -164,6 +310,7 @@ properties: required: true - name: 'subnetwork' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. @@ -171,6 +318,105 @@ properties: If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetworkName) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetworkName must be specified and the IP address is created from the IPCidrRange of the subnetwork. If specified, the subnetwork must exist in the same region as the App Engine flexible environment application. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'sessionAffinity' + description: | + Enable session affinity. + - !ruby/object:Api::Type::NestedObject + name: 'resources' + description: Machine resources for a version. + properties: + - !ruby/object:Api::Type::Integer + name: 'cpu' + description: | + Number of CPU cores needed. + at_least_one_of: + - resources.0.cpu + - resources.0.disk_gb + - resources.0.memory_gb + - resources.0.volumes + - !ruby/object:Api::Type::Integer + name: 'diskGb' + description: | + Disk size (GB) needed. + at_least_one_of: + - resources.0.cpu + - resources.0.disk_gb + - resources.0.memory_gb + - resources.0.volumes + - !ruby/object:Api::Type::Double + name: 'memoryGb' + description: | + Memory (GB) needed. + at_least_one_of: + - resources.0.cpu + - resources.0.disk_gb + - resources.0.memory_gb + - resources.0.volumes + - !ruby/object:Api::Type::Array + name: 'volumes' + description: | + List of ports, or port pairs, to forward from the virtual machine to the application container. + at_least_one_of: + - resources.0.cpu + - resources.0.disk_gb + - resources.0.memory_gb + - resources.0.volumes + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Unique name for the volume. + required: true + - !ruby/object:Api::Type::String + name: 'volumeType' + description: | + Underlying volume type, e.g. 'tmpfs'. + required: true + - !ruby/object:Api::Type::Integer + name: 'sizeGb' + description: | + Volume size in gigabytes. + required: true + - !ruby/object:Api::Type::String + name: 'runtime' + description: | + Desired runtime. Example python27. + required: true + - !ruby/object:Api::Type::String + name: 'runtimeChannel' + description: | + The channel of the runtime to use. Only available for some runtimes. + - !ruby/object:Api::Type::NestedObject + name: 'flexibleRuntimeSettings' + description: Runtime settings for App Engine flexible environment. + properties: + - !ruby/object:Api::Type::String + name: 'operatingSystem' + description: | + Operating System of the application runtime. + - !ruby/object:Api::Type::String + name: 'runtimeVersion' + description: | + The runtime version of an App Engine flexible application. + - !ruby/object:Api::Type::KeyValuePairs + name: 'betaSettings' + description: | + Metadata settings that are supplied to this version to enable beta runtime features. + ignore_read: true + - !ruby/object:Api::Type::Enum + name: 'servingStatus' + description: | + Current serving status of this version. Only the versions with a SERVING status create instances and can be billed. + default_value: :SERVING + values: + - :SERVING + - :STOPPED + - !ruby/object:Api::Type::String + name: 'runtimeApiVersion' +======= api_name: subnetworkName - name: 'sessionAffinity' type: Boolean @@ -270,17 +516,71 @@ properties: - 'STOPPED' - name: 'runtimeApiVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The version of the API in the given runtime environment. Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'handlers' +======= - name: 'handlers' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An ordered list of URL-matching patterns that should be applied to incoming requests. The first matching URL handles the request and other request handlers are not attempted. default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'urlRegex' + description: | + URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. + All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. + - !ruby/object:Api::Type::Enum + name: 'securityLevel' + required: false + description: | + Security (HTTPS) enforcement for this URL. + values: + - :SECURE_DEFAULT + - :SECURE_NEVER + - :SECURE_OPTIONAL + - :SECURE_ALWAYS + - !ruby/object:Api::Type::Enum + name: 'login' + description: | + Methods to restrict access to a URL based on login status. + required: false + values: + - :LOGIN_OPTIONAL + - :LOGIN_ADMIN + - :LOGIN_REQUIRED + - !ruby/object:Api::Type::Enum + name: 'authFailAction' + description: | + Actions to take when the user is not logged in. + required: false + values: + - :AUTH_FAIL_ACTION_REDIRECT + - :AUTH_FAIL_ACTION_UNAUTHORIZED + - !ruby/object:Api::Type::Enum + name: 'redirectHttpResponseCode' + description: | + 30x code to use when performing redirects for the secure field. + required: false + values: + - :REDIRECT_HTTP_RESPONSE_CODE_301 + - :REDIRECT_HTTP_RESPONSE_CODE_302 + - :REDIRECT_HTTP_RESPONSE_CODE_303 + - :REDIRECT_HTTP_RESPONSE_CODE_307 + - !ruby/object:Api::Type::NestedObject + name: 'script' +======= item_type: type: NestedObject properties: @@ -328,11 +628,21 @@ properties: - 'REDIRECT_HTTP_RESPONSE_CODE_307' - name: 'script' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'scriptPath' + required: true + description: | + Path to the script from the application root directory. + - !ruby/object:Api::Type::NestedObject + name: 'staticFiles' +======= - name: 'scriptPath' type: String description: | @@ -340,11 +650,35 @@ properties: required: true - name: 'staticFiles' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + description: | + Path to the static files matched by the URL pattern, from the application root directory. + The path can refer to text matched in groupings in the URL pattern. + - !ruby/object:Api::Type::String + name: 'uploadPathRegex' + description: | + Regular expression that matches the file paths for all files that should be referenced by this handler. + - !ruby/object:Api::Type::KeyValuePairs + name: 'httpHeaders' + description: | + HTTP headers to use for all responses from these URLs. + An object containing a list of "key:value" value pairs.". + - !ruby/object:Api::Type::String + name: 'mimeType' + description: | + MIME type used to serve all files served by this handler. + Defaults to file-specific MIME types, which are derived from each file's filename extension. + - !ruby/object:Api::Type::String + name: 'expiration' +======= - name: 'path' type: String description: | @@ -366,10 +700,20 @@ properties: Defaults to file-specific MIME types, which are derived from each file's filename extension. - name: 'expiration' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time a static file served by this handler should be cached by web proxies and browsers. A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". Default is '0s' +<<<<<<< HEAD + default_value: '0s' + - !ruby/object:Api::Type::Boolean + name: 'requireMatchingFile' + description: | + Whether this handler should match the request if the file referenced by the handler does not exist. + - !ruby/object:Api::Type::Boolean + name: 'applicationReadable' +======= default_value: "0s" - name: 'requireMatchingFile' type: Boolean @@ -377,20 +721,84 @@ properties: Whether this handler should match the request if the file referenced by the handler does not exist. - name: 'applicationReadable' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'runtimeMainExecutablePath' + description: | + The path or name of the app's main executable. + - !ruby/object:Api::Type::String + name: 'serviceAccount' +======= - name: 'runtimeMainExecutablePath' type: String description: | The path or name of the app's main executable. - name: 'serviceAccount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'apiConfig' + description: | + Serving configuration for Google Cloud Endpoints. + properties: + - !ruby/object:Api::Type::Enum + name: 'authFailAction' + description: | + Action to take when users access resources that require authentication. + default_value: :AUTH_FAIL_ACTION_REDIRECT + values: + - :AUTH_FAIL_ACTION_REDIRECT + - :AUTH_FAIL_ACTION_UNAUTHORIZED + - !ruby/object:Api::Type::Enum + name: 'login' + description: | + Level of login required to access this resource. + default_value: :LOGIN_OPTIONAL + values: + - :LOGIN_OPTIONAL + - :LOGIN_ADMIN + - :LOGIN_REQUIRED + - !ruby/object:Api::Type::String + name: 'script' + required: true + description: | + Path to the script from the application root directory. + - !ruby/object:Api::Type::Enum + name: 'securityLevel' + description: | + Security (HTTPS) enforcement for this URL. + values: + - :SECURE_DEFAULT + - :SECURE_NEVER + - :SECURE_OPTIONAL + - :SECURE_ALWAYS + - !ruby/object:Api::Type::String + name: 'url' + description: | + URL to serve the endpoint at. + - !ruby/object:Api::Type::KeyValuePairs + name: 'envVariables' + description: |- + Environment variables available to the application. As these are not returned in the API request, Terraform will not detect any changes made outside of the Terraform config. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'defaultExpiration' + description: | + Duration that static files should be cached by web proxies and browsers. + Only applicable if the corresponding StaticFilesHandler does not specify its own expiration time. + - !ruby/object:Api::Type::NestedObject + name: 'readinessCheck' +======= - name: 'apiConfig' type: NestedObject description: | @@ -443,10 +851,50 @@ properties: Only applicable if the corresponding StaticFilesHandler does not specify its own expiration time. - name: 'readinessCheck' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configures readiness health checking for instances. Unhealthy instances are not put into the backend traffic rotation. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + description: | + The request path. + required: true + - !ruby/object:Api::Type::String + name: 'host' + description: | + Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" + - !ruby/object:Api::Type::Double + name: 'failureThreshold' + description: | + Number of consecutive failed checks required before removing traffic. Default: 2. + default_value: 2.0 + - !ruby/object:Api::Type::Double + name: 'successThreshold' + description: | + Number of consecutive successful checks required before receiving traffic. Default: 2. + default_value: 2.0 + - !ruby/object:Api::Type::String + name: 'checkInterval' + description: | + Interval between health checks. Default: "5s". + default_value: '5s' + - !ruby/object:Api::Type::String + name: 'timeout' + description: | + Time before the check is considered failed. Default: "4s" + default_value: '4s' + - !ruby/object:Api::Type::String + name: 'appStartTimeout' + description: | + A maximum time limit on application initialization, measured from moment the application successfully + replies to a healthcheck until it is ready to serve traffic. Default: "300s" + default_value: '300s' + - !ruby/object:Api::Type::NestedObject + name: 'livenessCheck' +======= - name: 'path' type: String description: | @@ -484,10 +932,53 @@ properties: default_value: "300s" - name: 'livenessCheck' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: | + The request path. + - !ruby/object:Api::Type::String + name: 'host' + description: | + Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" + - !ruby/object:Api::Type::Double + name: 'failureThreshold' + description: | + Number of consecutive failed checks required before considering the VM unhealthy. Default: 4. + default_value: 4.0 + - !ruby/object:Api::Type::Double + name: 'successThreshold' + description: | + Number of consecutive successful checks required before considering the VM healthy. Default: 2. + default_value: 2.0 + - !ruby/object:Api::Type::String + name: 'checkInterval' + description: | + Interval between health checks. + default_value: '30s' + - !ruby/object:Api::Type::String + name: 'timeout' + description: | + Time before the check is considered failed. Default: "4s" + default_value: '4s' + - !ruby/object:Api::Type::String + name: 'initialDelay' + description: | + The initial delay before starting to execute the checks. Default: "300s" + default_value: '300s' + - !ruby/object:Api::Type::String + name: 'nobuildFilesRegex' + description: | + Files that match this pattern will not be built into this version. Only applicable for Go runtimes. + - !ruby/object:Api::Type::NestedObject + name: 'deployment' +======= - name: 'path' type: String description: | @@ -528,10 +1019,30 @@ properties: Files that match this pattern will not be built into this version. Only applicable for Go runtimes. - name: 'deployment' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Code and application artifacts that make up this version. ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'zip' + description: 'Zip File' + at_least_one_of: + - deployment.0.zip + - deployment.0.files + - deployment.0.container + properties: + - !ruby/object:Api::Type::String + name: 'sourceUrl' + description: 'Source URL' + required: true + - !ruby/object:Api::Type::Integer + name: 'filesCount' + description: 'files count' + - !ruby/object:Api::Type::Map + name: 'files' +======= - name: 'zip' type: NestedObject description: 'Zip File' @@ -549,10 +1060,41 @@ properties: description: 'files count' - name: 'files' type: Map +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call. at_least_one_of: +<<<<<<< HEAD + - deployment.0.zip + - deployment.0.files + - deployment.0.container + key_name: 'name' + key_description: | + name of file + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'sha1Sum' + description: | + SHA1 checksum of the file + - !ruby/object:Api::Type::String + name: 'sourceUrl' + required: true + description: | + Source URL + - !ruby/object:Api::Type::NestedObject + name: 'container' + description: 'The Docker image for the container that runs the version.' + at_least_one_of: + - deployment.0.zip + - deployment.0.files + - deployment.0.container + default_from_api: true + properties: + - !ruby/object:Api::Type::String + name: 'image' +======= - 'deployment.0.zip' - 'deployment.0.files' - 'deployment.0.container' @@ -583,17 +1125,36 @@ properties: properties: - name: 'image' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: "gcr.io/my-project/image:tag" or "gcr.io/my-project/image@digest" required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'cloudBuildOptions' +======= - name: 'cloudBuildOptions' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Options for the build operations performed as a part of the version deployment. Only applicable when creating a version using source code directly. at_least_one_of: +<<<<<<< HEAD + - deployment.0.zip + - deployment.0.files + - deployment.0.container + properties: + - !ruby/object:Api::Type::String + name: 'appYamlPath' + description: | + Path to the yaml file used in deployment, used to determine runtime configuration details. + required: true + - !ruby/object:Api::Type::String + name: 'cloudBuildTimeout' +======= - 'deployment.0.zip' - 'deployment.0.files' - 'deployment.0.container' @@ -605,10 +1166,26 @@ properties: required: true - name: 'cloudBuildTimeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'endpointsApiService' + description: | + Code and application artifacts that make up this version. + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Endpoints service name which is the name of the "service" resource in the Service Management API. + For example "myapi.endpoints.myproject.cloud.goog" + - !ruby/object:Api::Type::String + name: 'configId' +======= - name: 'endpointsApiService' type: NestedObject description: | @@ -622,6 +1199,7 @@ properties: required: true - name: 'configId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Endpoints service configuration ID as specified by the Service Management API. For example "2016-09-19r1". @@ -631,6 +1209,18 @@ properties: Endpoints also has a rollout strategy called "MANAGED". When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, configId must be omitted. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'rolloutStrategy' + description: | + Endpoints rollout strategy. If FIXED, configId must be specified. If MANAGED, configId must be omitted. + default_value: :FIXED + values: + - :FIXED + - :MANAGED + - !ruby/object:Api::Type::Boolean + name: 'disableTraceSampling' +======= - name: 'rolloutStrategy' type: Enum description: | @@ -641,16 +1231,49 @@ properties: - 'MANAGED' - name: 'disableTraceSampling' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Enable or disable trace sampling. By default, this is set to false for enabled. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'entrypoint' +======= - name: 'entrypoint' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The entrypoint for the application. ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'shell' + required: true + description: | + The format should be a shell command that can be fed to bash -c. + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessConnector' + description: | + Enables VPC connectivity for standard apps. + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. + - !ruby/object:Api::Type::NestedObject + name: 'automaticScaling' + description: | + Automatic scaling is based on request rate, response latencies, and other application metrics. + exactly_one_of: + - automatic_scaling + - manual_scaling + properties: + - !ruby/object:Api::Type::String + name: 'coolDownPeriod' +======= - name: 'shell' type: String description: | @@ -676,10 +1299,31 @@ properties: properties: - name: 'coolDownPeriod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time period that the Autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Default: 120s +<<<<<<< HEAD + default_value: '120s' + - !ruby/object:Api::Type::NestedObject + name: 'cpuUtilization' + required: true + description: | + Target scaling by CPU usage. + properties: + - !ruby/object:Api::Type::String + name: 'aggregationWindowLength' + description: | + Period of time over which CPU utilization is calculated. + - !ruby/object:Api::Type::Double + name: 'targetUtilization' + required: true + description: | + Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1. + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentRequests' +======= default_value: "120s" - name: 'cpuUtilization' type: NestedObject @@ -698,11 +1342,152 @@ properties: required: true - name: 'maxConcurrentRequests' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. Defaults to a runtime-specific value. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxIdleInstances' + description: | + Maximum number of idle instances that should be maintained for this version. + - !ruby/object:Api::Type::Integer + name: 'maxTotalInstances' + description: | + Maximum number of instances that should be started to handle requests for this version. Default: 20 + default_value: 20 + - !ruby/object:Api::Type::String + name: 'maxPendingLatency' + description: | + Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. + - !ruby/object:Api::Type::Integer + name: 'minIdleInstances' + description: | + Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. + - !ruby/object:Api::Type::Integer + name: 'minTotalInstances' + description: | + Minimum number of running instances that should be maintained for this version. Default: 2 + default_value: 2 + - !ruby/object:Api::Type::String + name: 'minPendingLatency' + description: | + Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. + - !ruby/object:Api::Type::NestedObject + name: 'requestUtilization' + description: | + Target scaling by request utilization. + properties: + - !ruby/object:Api::Type::String + name: 'targetRequestCountPerSecond' + description: | + Target requests per second. + at_least_one_of: + - automatic_scaling.0.request_utilization.0.target_request_count_per_second + - automatic_scaling.0.request_utilization.0.target_concurrent_requests + - !ruby/object:Api::Type::Double + name: 'targetConcurrentRequests' + description: | + Target number of concurrent requests. + at_least_one_of: + - automatic_scaling.0.request_utilization.0.target_request_count_per_second + - automatic_scaling.0.request_utilization.0.target_concurrent_requests + - !ruby/object:Api::Type::NestedObject + name: 'diskUtilization' + description: | + Target scaling by disk usage. + properties: + - !ruby/object:Api::Type::Integer + name: 'targetWriteBytesPerSecond' + description: | + Target bytes written per second. + at_least_one_of: + - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second + - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second + - !ruby/object:Api::Type::Integer + name: 'targetWriteOpsPerSecond' + description: | + Target ops written per second. + at_least_one_of: + - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second + - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second + - !ruby/object:Api::Type::Integer + name: 'targetReadBytesPerSecond' + description: | + Target bytes read per second. + at_least_one_of: + - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second + - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second + - !ruby/object:Api::Type::Integer + name: 'targetReadOpsPerSecond' + description: | + Target ops read per seconds. + at_least_one_of: + - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second + - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second + - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second + - !ruby/object:Api::Type::NestedObject + name: 'networkUtilization' + description: | + Target scaling by network usage. + properties: + - !ruby/object:Api::Type::Integer + name: 'targetSentBytesPerSecond' + description: | + Target bytes sent per second. + at_least_one_of: + - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second + - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_received_packets_per_second + - !ruby/object:Api::Type::Integer + name: 'targetSentPacketsPerSecond' + description: | + Target packets sent per second. + at_least_one_of: + - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second + - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_received_packets_per_second + - !ruby/object:Api::Type::Integer + name: 'targetReceivedBytesPerSecond' + description: | + Target bytes received per second. + at_least_one_of: + - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second + - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_received_packets_per_second + - !ruby/object:Api::Type::Integer + name: 'targetReceivedPacketsPerSecond' + description: | + Target packets received per second. + at_least_one_of: + - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second + - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second + - automatic_scaling.0.network_utilization.0.target_received_packets_per_second + - !ruby/object:Api::Type::NestedObject + name: 'manualScaling' + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - automatic_scaling + - manual_scaling + properties: + - !ruby/object:Api::Type::Integer + name: 'instances' + required: true +======= - name: 'maxIdleInstances' type: Integer description: | @@ -840,9 +1625,13 @@ properties: properties: - name: 'instances' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of instances to assign to the service at the start. **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. +<<<<<<< HEAD +======= required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/Service.yaml b/mmv1/products/appengine/Service.yaml index b3c5ea0dc9f3..27c4f0a001bc 100644 --- a/mmv1/products/appengine/Service.yaml +++ b/mmv1/products/appengine/Service.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'Service' description: | A Service resource is a logical component of an application that can share state and communicate in a secure fashion with other services. For example, an application that handles customer requests might include separate services to handle tasks such as backend data analysis or API requests from mobile devices. Each service has a collection of versions that define a specific set of code used to implement the functionality of that service. +<<<<<<< HEAD +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{id}}' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/admin-api/deploying-overview' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +# Used as a resource reference +exclude: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Full path to the Service resource in the API. Example apps/myapp/services/default. + This field is used in responses only. Any value specified here in a request is ignored. + - !ruby/object:Api::Type::String + name: 'id' + output: true + description: | + Relative name of the service within the application. Example default. +======= # Used as a resource reference exclude: true references: @@ -44,3 +74,4 @@ properties: description: | Relative name of the service within the application. Example default. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/ServiceNetworkSettings.yaml b/mmv1/products/appengine/ServiceNetworkSettings.yaml index 47ae15061a52..7ac3072236c5 100644 --- a/mmv1/products/appengine/ServiceNetworkSettings.yaml +++ b/mmv1/products/appengine/ServiceNetworkSettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServiceNetworkSettings' +description: | + A NetworkSettings resource is a container for ingress settings for a version or service. +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{service}}' +create_url: 'apps/{{project}}/services/{{service}}?updateMask=networkSettings' +create_verb: :PATCH +update_url: 'apps/{{project}}/services/{{service}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'appengine#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: 'apps/{{project}}/services/{{service}}' +import_format: ['apps/{{project}}/services/{{service}}'] +mutex: 'apps/{{project}}' +skip_delete: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_service_network_settings' + primary_resource_id: 'internalapp' + vars: + bucket_name: 'appengine-static-content' +properties: + - !ruby/object:Api::Type::String + name: 'service' + api_name: 'id' + required: true + description: | + The name of the service these settings apply to. + - !ruby/object:Api::Type::NestedObject + name: 'networkSettings' +======= --- name: 'ServiceNetworkSettings' description: | @@ -66,10 +124,23 @@ properties: required: true - name: 'networkSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Ingress settings for this service. Will apply to all versions. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'ingressTrafficAllowed' + description: | + The ingress settings for version or service. + default_value: :INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED + values: + - :INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED + - :INGRESS_TRAFFIC_ALLOWED_ALL + - :INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY + - :INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB +======= - name: 'ingressTrafficAllowed' type: Enum description: | @@ -80,3 +151,4 @@ properties: - 'INGRESS_TRAFFIC_ALLOWED_ALL' - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY' - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/ServiceSplitTraffic.yaml b/mmv1/products/appengine/ServiceSplitTraffic.yaml index acf21cd99ef1..9d9f4b3ab36d 100644 --- a/mmv1/products/appengine/ServiceSplitTraffic.yaml +++ b/mmv1/products/appengine/ServiceSplitTraffic.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServiceSplitTraffic' +description: | + Traffic routing configuration for versions within a single service. Traffic splits define how traffic directed to the service is assigned to versions. +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{service}}' +create_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}&updateMask=split' +create_verb: :PATCH +update_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'appengine#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: 'apps/{{project}}/services/{{service}}' +import_format: ['apps/{{project}}/services/{{service}}'] +mutex: 'apps/{{project}}' +skip_delete: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_service_split_traffic' +======= --- name: 'ServiceSplitTraffic' description: | @@ -53,12 +99,31 @@ custom_code: test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - name: 'app_engine_service_split_traffic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'liveapp' vars: service_id: 'default' split.allocations.v1: '1' bucket_name: 'appengine-static-content' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +parameters: + - !ruby/object:Api::Type::Boolean + name: 'migrate_traffic' + url_param_only: true + description: | + If set to true traffic will be migrated to this version. +properties: + - !ruby/object:Api::Type::String + name: 'service' + api_name: 'id' + required: true + description: | + The name of the service these settings apply to. + - !ruby/object:Api::Type::NestedObject + name: 'split' +======= org_id: 'ORG_ID' parameters: - name: 'migrate_traffic' @@ -75,11 +140,30 @@ properties: required: true - name: 'split' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Mapping that defines fractional HTTP traffic diversion to different versions within the service. required: true ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'shardBy' + description: | + Mechanism used to determine which version a request is sent to. The traffic selection algorithm will be stable for either type until allocations are changed. + values: + - :UNSPECIFIED + - :COOKIE + - :IP + - :RANDOM + - !ruby/object:Api::Type::KeyValuePairs + name: 'allocations' + required: true + description: | + Mapping from version IDs within the service to fractional (0.000, 1] allocations of traffic for that version. Each version can be specified only once, but some versions in the service may not have any traffic allocation. Services that have traffic allocated cannot be deleted until either the service is deleted or their traffic allocation is removed. Allocations must sum to 1. Up to two decimal place precision is supported for IP-based splits and up to three decimal places is supported for cookie-based splits. + + custom_flatten: templates/terraform/custom_flatten/float64_to_string.go.erb +======= - name: 'shardBy' type: Enum description: | @@ -96,3 +180,4 @@ properties: required: true custom_flatten: 'templates/terraform/custom_flatten/float64_to_string.go.tmpl' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/StandardAppVersion.yaml b/mmv1/products/appengine/StandardAppVersion.yaml index 9c2e02fb945c..d55efca657ed 100644 --- a/mmv1/products/appengine/StandardAppVersion.yaml +++ b/mmv1/products/appengine/StandardAppVersion.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # StandardAppVersion and FlexibleAppVersion use the same API endpoint (apps.services.versions) # They are split apart as some of the fields will are necessary for one and not the other, and # other fields may have different defaults. However, some fields are the same. If fixing a bug @@ -22,6 +30,67 @@ description: | Learn about the differences between the standard environment and the flexible environment at https://cloud.google.com/appengine/docs/the-appengine-environments. Currently supporting Zip and File Containers. +<<<<<<< HEAD +collection_url_key: 'versions' +base_url: 'apps/{{project}}/services/{{service}}/versions' +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +delete_verb: :DELETE +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: :POST +update_mask: false +create_url: 'apps/{{project}}/services/{{service}}/versions' +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'appengine#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +import_format: ['apps/{{project}}/services/{{service}}/versions/{{version_id}}'] +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'noop_on_destroy' + default_value: false + description: | + If set to `true`, the application version will not be deleted. + - !ruby/object:Api::Type::Boolean + name: 'delete_service_on_destroy' + default_value: false + description: | + If set to `true`, the service will be deleted if it is the last version. +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/appversion_delete.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/appengine.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'app_engine_standard_app_version' + primary_resource_id: 'myapp_v1' + ignore_read_extra: + - 'delete_service_on_destroy' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard' @@ -70,12 +139,58 @@ error_retry_predicates: examples: - name: 'app_engine_standard_app_version' primary_resource_id: 'myapp_v1' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: project_id: 'ae-project' bucket_name: 'appengine-static-content' service_name: 'ae-service' account_id: 'my-account' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'service' + url_param_only: true + resource: 'Service' + imports: 'name' + required: true + description: | + AppEngine service resource +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Full path to the Version resource in the API. Example, "v1". + - !ruby/object:Api::Type::String + name: 'version_id' + api_name: 'id' + immutable: true + description: | + Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. Reserved names,"default", "latest", and any name with the prefix "ah-". + - !ruby/object:Api::Type::String + name: 'runtime' + description: | + Desired runtime. Example python27. + required: true + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: | + The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'threadsafe' + description: | + Whether multiple requests can be dispatched to this version at once. + ignore_read: true + - !ruby/object:Api::Type::Boolean + name: 'appEngineApis' + description: | + Allows App Engine second generation runtimes to access the legacy bundled services. + - !ruby/object:Api::Type::String + name: 'runtimeApiVersion' +======= org_id: 'ORG_ID' ignore_read_extra: - 'delete_service_on_destroy' @@ -132,16 +247,70 @@ properties: Allows App Engine second generation runtimes to access the legacy bundled services. - name: 'runtimeApiVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The version of the API in the given runtime environment. Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'handlers' +======= - name: 'handlers' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An ordered list of URL-matching patterns that should be applied to incoming requests. The first matching URL handles the request and other request handlers are not attempted. default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'urlRegex' + description: | + URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. + All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. + - !ruby/object:Api::Type::Enum + name: 'securityLevel' + required: false + description: | + Security (HTTPS) enforcement for this URL. + values: + - :SECURE_DEFAULT + - :SECURE_NEVER + - :SECURE_OPTIONAL + - :SECURE_ALWAYS + - !ruby/object:Api::Type::Enum + name: 'login' + description: | + Methods to restrict access to a URL based on login status. + required: false + values: + - :LOGIN_OPTIONAL + - :LOGIN_ADMIN + - :LOGIN_REQUIRED + - !ruby/object:Api::Type::Enum + name: 'authFailAction' + description: | + Actions to take when the user is not logged in. + required: false + values: + - :AUTH_FAIL_ACTION_REDIRECT + - :AUTH_FAIL_ACTION_UNAUTHORIZED + - !ruby/object:Api::Type::Enum + name: 'redirectHttpResponseCode' + description: | + 30x code to use when performing redirects for the secure field. + required: false + values: + - :REDIRECT_HTTP_RESPONSE_CODE_301 + - :REDIRECT_HTTP_RESPONSE_CODE_302 + - :REDIRECT_HTTP_RESPONSE_CODE_303 + - :REDIRECT_HTTP_RESPONSE_CODE_307 + - !ruby/object:Api::Type::NestedObject + name: 'script' +======= item_type: type: NestedObject properties: @@ -189,11 +358,21 @@ properties: - 'REDIRECT_HTTP_RESPONSE_CODE_307' - name: 'script' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'scriptPath' + required: true + description: | + Path to the script from the application root directory. + - !ruby/object:Api::Type::NestedObject + name: 'staticFiles' +======= - name: 'scriptPath' type: String description: | @@ -201,10 +380,42 @@ properties: required: true - name: 'staticFiles' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + description: | + Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern. + - !ruby/object:Api::Type::String + name: 'uploadPathRegex' + description: | + Regular expression that matches the file paths for all files that should be referenced by this handler. + - !ruby/object:Api::Type::KeyValuePairs + name: 'httpHeaders' + description: | + HTTP headers to use for all responses from these URLs. + An object containing a list of "key:value" value pairs.". + - !ruby/object:Api::Type::String + name: 'mimeType' + description: | + MIME type used to serve all files served by this handler. + Defaults to file-specific MIME types, which are derived from each file's filename extension. + - !ruby/object:Api::Type::String + name: 'expiration' + description: | + Time a static file served by this handler should be cached by web proxies and browsers. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". + - !ruby/object:Api::Type::Boolean + name: 'requireMatchingFile' + description: | + Whether this handler should match the request if the file referenced by the handler does not exist. + - !ruby/object:Api::Type::Boolean + name: 'applicationReadable' +======= - name: 'path' type: String description: | @@ -234,10 +445,34 @@ properties: Whether this handler should match the request if the file referenced by the handler does not exist. - name: 'applicationReadable' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'libraries' + description: | + Configuration for third-party Python runtime libraries that are required by the application. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the library. Example "django". + - !ruby/object:Api::Type::String + name: 'version' + description: | + Version of the library to select, or "latest". + - !ruby/object:Api::Type::KeyValuePairs + name: 'envVariables' + description: | + Environment variables available to the application. + ignore_read: true + - !ruby/object:Api::Type::NestedObject + name: 'deployment' +======= - name: 'libraries' type: Array description: | @@ -260,11 +495,32 @@ properties: ignore_read: true - name: 'deployment' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Code and application artifacts that make up this version. required: true ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'zip' + description: 'Zip File' + required: false + at_least_one_of: + - deployment.0.zip + - deployment.0.files + properties: + - !ruby/object:Api::Type::String + name: 'sourceUrl' + description: 'Source URL' + required: true + - !ruby/object:Api::Type::Integer + name: 'filesCount' + description: 'files count' + required: false + - !ruby/object:Api::Type::Map + name: 'files' +======= - name: 'zip' type: NestedObject description: 'Zip File' @@ -283,11 +539,32 @@ properties: required: false - name: 'files' type: Map +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call. required: false at_least_one_of: +<<<<<<< HEAD + - deployment.0.zip + - deployment.0.files + key_name: 'name' + key_description: | + name of file + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'sha1Sum' + description: | + SHA1 checksum of the file + - !ruby/object:Api::Type::String + name: 'sourceUrl' + required: true + description: | + Source URL + - !ruby/object:Api::Type::NestedObject + name: 'entrypoint' +======= - 'deployment.0.zip' - 'deployment.0.files' key_name: 'name' @@ -308,11 +585,53 @@ properties: required: true - name: 'entrypoint' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The entrypoint for the application. required: true ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'shell' + required: true + description: | + The format should be a shell command that can be fed to bash -c. + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccessConnector' + description: | + Enables VPC connectivity for standard apps. + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. + - !ruby/object:Api::Type::String + name: 'egressSetting' + description: | + The egress setting for the connector, controlling what traffic is diverted through it. + - !ruby/object:Api::Type::Array + name: 'inboundServices' + description: | + A list of the types of messages that this application is able to receive. + is_set: true + item_type: !ruby/object:Api::Type::Enum + name: 'inboundService' + description: | + One type of message that this application is able to receive. + values: + - :INBOUND_SERVICE_MAIL + - :INBOUND_SERVICE_MAIL_BOUNCE + - :INBOUND_SERVICE_XMPP_ERROR + - :INBOUND_SERVICE_XMPP_MESSAGE + - :INBOUND_SERVICE_XMPP_SUBSCRIBE + - :INBOUND_SERVICE_XMPP_PRESENCE + - :INBOUND_SERVICE_CHANNEL_PRESENCE + - :INBOUND_SERVICE_WARMUP + - !ruby/object:Api::Type::String + name: 'instanceClass' +======= - name: 'shell' type: String description: | @@ -352,28 +671,85 @@ properties: - 'INBOUND_SERVICE_WARMUP' - name: 'instanceClass' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Instance class that is used to run this version. Valid values are AutomaticScaling: F1, F2, F4, F4_1G BasicScaling or ManualScaling: B1, B2, B4, B4_1G, B8 Defaults to F1 for AutomaticScaling and B2 for ManualScaling and BasicScaling. If no scaling is specified, AutomaticScaling is chosen. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'automaticScaling' + # This flattener is entirely handwritten and must be updated with **any** new field or subfield + custom_flatten: 'templates/terraform/custom_flatten/appengine_standardappversion_automatic_scaling_handlenil.go.erb' +======= - name: 'automaticScaling' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Automatic scaling is based on request rate, response latencies, and other application metrics. conflicts: - basic_scaling - manual_scaling +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentRequests' +======= # This flattener is entirely handwritten and must be updated with **any** new field or subfield custom_flatten: 'templates/terraform/custom_flatten/appengine_standardappversion_automatic_scaling_handlenil.go.tmpl' properties: - name: 'maxConcurrentRequests' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. Defaults to a runtime-specific value. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxIdleInstances' + description: | + Maximum number of idle instances that should be maintained for this version. + - !ruby/object:Api::Type::String + name: 'maxPendingLatency' + description: | + Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - !ruby/object:Api::Type::Integer + name: 'minIdleInstances' + description: | + Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. + - !ruby/object:Api::Type::String + name: 'minPendingLatency' + description: | + Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - !ruby/object:Api::Type::NestedObject + name: 'standardSchedulerSettings' + description: | + Scheduler settings for standard environment. + properties: + - !ruby/object:Api::Type::Double + name: 'targetCpuUtilization' + description: | + Target CPU utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. + - !ruby/object:Api::Type::Double + name: 'targetThroughputUtilization' + description: | + Target throughput utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. + - !ruby/object:Api::Type::Integer + name: 'minInstances' + description: | + Minimum number of instances to run for this version. Set to zero to disable minInstances configuration. + - !ruby/object:Api::Type::Integer + name: 'maxInstances' + description: | + Maximum number of instances to run for this version. Set to zero to disable maxInstances configuration. + - !ruby/object:Api::Type::NestedObject + name: 'basicScaling' +======= - name: 'maxIdleInstances' type: Integer description: | @@ -415,12 +791,28 @@ properties: Maximum number of instances to run for this version. Set to zero to disable maxInstances configuration. - name: 'basicScaling' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Basic scaling creates instances when your application receives requests. Each instance will be shut down when the application becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity. conflicts: - automatic_scaling - manual_scaling properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'idleTimeout' + default_value: 900s + description: | + Duration of time after the last request that an instance must wait before the instance is shut down. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. + - !ruby/object:Api::Type::Integer + name: 'maxInstances' + required: true + description: | + Maximum number of instances to create for this version. Must be in the range [1.0, 200.0]. + - !ruby/object:Api::Type::NestedObject + name: 'manualScaling' +======= - name: 'idleTimeout' type: String description: | @@ -434,17 +826,27 @@ properties: required: true - name: 'manualScaling' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. conflicts: - automatic_scaling - basic_scaling properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'instances' + required: true +======= - name: 'instances' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of instances to assign to the service at the start. **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. +<<<<<<< HEAD +======= required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml b/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml new file mode 100644 index 000000000000..3753b8d480e6 --- /dev/null +++ b/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml @@ -0,0 +1,89 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ApplicationUrlDispatchRules' +description: | + Rules to match an HTTP request and dispatch that request to a service. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps#UrlDispatchRule' +docs: +id_format: '{{project}}' +base_url: 'apps/{{project}}' +create_url: 'apps/{{project}}?updateMask=dispatch_rules' +create_verb: 'PATCH' +update_url: 'apps/{{project}}?updateMask=dispatch_rules' +update_verb: 'PATCH' +delete_url: 'apps/{{project}}?updateMask=dispatch_rules' +delete_verb: 'PATCH' +mutex: 'apps/{{project}}' +import_format: + - '{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/go/appengine.go.tmpl' +exclude_sweeper: true +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' +examples: + - name: 'app_engine_application_url_dispatch_rules_basic' + primary_resource_id: 'web_service' + vars: + bucket_name: 'appengine-test-bucket' +parameters: +properties: + - name: 'dispatchRules' + type: Array + description: | + Rules to match an HTTP request and dispatch that request to a service. + required: true + item_type: + type: NestedObject + properties: + - name: 'domain' + type: String + description: | + Domain name to match against. The wildcard "*" is supported if specified before a period: "*.". + Defaults to matching all domains: "*". + default_value: "*" + - name: 'path' + type: String + description: | + Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. + The sum of the lengths of the domain and path may not exceed 100 characters. + required: true + - name: 'service' + type: String + description: | + Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. + The sum of the lengths of the domain and path may not exceed 100 characters. + required: true diff --git a/mmv1/products/appengine/go_DomainMapping.yaml b/mmv1/products/appengine/go_DomainMapping.yaml new file mode 100644 index 000000000000..a1ea9451554d --- /dev/null +++ b/mmv1/products/appengine/go_DomainMapping.yaml @@ -0,0 +1,145 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DomainMapping' +description: | + A domain serving an App Engine application. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.domainMappings' +docs: +id_format: 'apps/{{project}}/domainMappings/{{domain_name}}' +base_url: 'apps/{{project}}/domainMappings' +self_link: 'apps/{{project}}/domainMappings/{{domain_name}}' +update_verb: 'PATCH' +update_mask: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/domainMappings/{{domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + decoder: 'templates/terraform/decoders/go/app_engine_domain_mapping.go.tmpl' +examples: + - name: 'app_engine_domain_mapping_basic' + primary_resource_id: 'domain_mapping' + ignore_read_extra: + - 'ssl_settings.0.ssl_management_type' +parameters: + - name: 'overrideStrategy' + type: Enum + description: | + Whether the domain creation should override any existing mappings for this domain. + By default, overrides are rejected. + url_param_only: true + ignore_read: true + default_value: "STRICT" + enum_values: + - 'STRICT' + - 'OVERRIDE' + - name: 'domainName' + type: String + description: | + Relative name of the domain serving the application. Example: example.com. + api_name: id + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Full path to the DomainMapping resource in the API. Example: apps/myapp/domainMapping/example.com. + output: true + - name: 'sslSettings' + type: NestedObject + description: | + SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. + default_from_api: true + update_mask_fields: + - 'ssl_settings.certificate_id' + - 'ssl_settings.ssl_management_type' + properties: + - name: 'certificateId' + type: String + description: | + ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will + remove SSL support. + By default, a managed certificate is automatically created for every domain mapping. To omit SSL support + or to configure SSL manually, specify `SslManagementType.MANUAL` on a `CREATE` or `UPDATE` request. You must be + authorized to administer the `AuthorizedCertificate` resource to manually map it to a DomainMapping resource. + Example: 12345. + default_from_api: true + - name: 'sslManagementType' + type: Enum + description: | + SSL management type for this domain. If `AUTOMATIC`, a managed certificate is automatically provisioned. + If `MANUAL`, `certificateId` must be manually specified in order to configure SSL for this domain. + required: true + enum_values: + - 'AUTOMATIC' + - 'MANUAL' + - name: 'pendingManagedCertificateId' + type: Enum + description: | + ID of the managed `AuthorizedCertificate` resource currently being provisioned, if applicable. Until the new + managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the + provisioning process completes, the `certificateId` field will reflect the new managed certificate and this + field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the + `certificateId` field with an update request. + output: true + enum_values: + - 'AUTOMATIC' + - 'MANUAL' + - name: 'resourceRecords' + type: Array + description: | + The resource records required to configure this domain mapping. These records must be added to the domain's DNS + configuration in order to serve the application via this domain mapping. + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'. + - name: 'rrdata' + type: String + description: | + Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). + - name: 'type' + type: Enum + description: | + Resource record type. Example: `AAAA`. + enum_values: + - 'A' + - 'AAAA' + - 'CNAME' diff --git a/mmv1/products/appengine/go_FirewallRule.yaml b/mmv1/products/appengine/go_FirewallRule.yaml new file mode 100644 index 000000000000..2d5734c7bde5 --- /dev/null +++ b/mmv1/products/appengine/go_FirewallRule.yaml @@ -0,0 +1,83 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FirewallRule' +description: | + A single firewall rule that is evaluated against incoming traffic + and provides an action to take on matched requests. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#creating_firewall_rules' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.firewall.ingressRules' +docs: +base_url: 'apps/{{project}}/firewall/ingressRules' +self_link: 'apps/{{project}}/firewall/ingressRules/{{priority}}' +update_verb: 'PATCH' +update_mask: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/firewall/ingressRules/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create'] +collection_url_key: 'ingressRules' +custom_code: +exclude_sweeper: true +examples: + - name: 'app_engine_firewall_rule_basic' + primary_resource_id: 'rule' + vars: + project_id: 'ae-project' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' +parameters: + - name: 'priority' + type: Integer + description: | + A positive integer that defines the order of rule evaluation. + Rules with the lowest priority are evaluated first. + + A default rule at priority Int32.MaxValue matches all IPv4 and + IPv6 traffic when no previous rule matches. Only the action of + this rule can be modified by the user. +properties: + - name: 'description' + type: String + description: | + An optional string description of this rule. + required: false + - name: 'sourceRange' + type: String + description: | + IP address or range, defined using CIDR notation, of requests that this rule applies to. + required: true + - name: 'action' + type: Enum + description: | + The action to take if this rule matches. + required: true + enum_values: + - 'UNSPECIFIED_ACTION' + - 'ALLOW' + - 'DENY' diff --git a/mmv1/products/appengine/go_FlexibleAppVersion.yaml b/mmv1/products/appengine/go_FlexibleAppVersion.yaml new file mode 100644 index 000000000000..257f9a0c29da --- /dev/null +++ b/mmv1/products/appengine/go_FlexibleAppVersion.yaml @@ -0,0 +1,849 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FlexibleAppVersion' +description: | + Flexible App Version resource to create a new version of flexible GAE Application. Based on Google Compute Engine, + the App Engine flexible environment automatically scales your app up and down while also balancing the load. + Learn about the differences between the standard environment and the flexible environment + at https://cloud.google.com/appengine/docs/the-appengine-environments. + + ~> **Note:** The App Engine flexible environment service account uses the member ID `service-[YOUR_PROJECT_NUMBER]@gae-api-prod.google.com.iam.gserviceaccount.com` + It should have the App Engine Flexible Environment Service Agent role, which will be applied when the `appengineflex.googleapis.com` service is enabled. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/flexible' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' +docs: +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +base_url: 'apps/{{project}}/services/{{service}}/versions' +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: 'POST' +update_mask: false +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'appengine#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'versions' +custom_code: + encoder: 'templates/terraform/encoders/go/flex_app_version.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/appversion_delete.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' +examples: + - name: 'app_engine_flexible_app_version' + primary_resource_id: 'myapp_v1' + vars: + bucket_name: 'appengine-static-content' + project: 'appeng-flex' + account_id: 'my-account' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'noop_on_destroy' + - 'deployment.0.zip' + # https://github.com/hashicorp/terraform-provider-google/issues/19040 + exclude_test: true +virtual_fields: + - name: 'noop_on_destroy' + description: | + If set to `true`, the application version will not be deleted. + type: Boolean + default_value: false + - name: 'delete_service_on_destroy' + description: | + If set to `true`, the service will be deleted if it is the last version. + type: Boolean + default_value: false +parameters: + - name: 'service' + type: ResourceRef + description: | + AppEngine service resource. Can contain numbers, letters, and hyphens. + url_param_only: true + required: true + resource: 'Service' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Full path to the Version resource in the API. Example, "v1". + output: true + - name: 'version_id' + type: String + description: | + Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. + Reserved names,"default", "latest", and any name with the prefix "ah-". + api_name: id + immutable: true + - name: 'inboundServices' + type: Array + description: | + A list of the types of messages that this application is able to receive. + is_set: true + item_type: + type: Enum + description: | + One type of message that this application is able to receive. + enum_values: + - 'INBOUND_SERVICE_MAIL' + - 'INBOUND_SERVICE_MAIL_BOUNCE' + - 'INBOUND_SERVICE_XMPP_ERROR' + - 'INBOUND_SERVICE_XMPP_MESSAGE' + - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' + - 'INBOUND_SERVICE_XMPP_PRESENCE' + - 'INBOUND_SERVICE_CHANNEL_PRESENCE' + - 'INBOUND_SERVICE_WARMUP' + - name: 'instanceClass' + type: String + description: | + Instance class that is used to run this version. Valid values are + AutomaticScaling: F1, F2, F4, F4_1G + ManualScaling: B1, B2, B4, B8, B4_1G + Defaults to F1 for AutomaticScaling and B1 for ManualScaling. + - name: 'network' + type: NestedObject + description: Extra network settings + properties: + - name: 'forwardedPorts' + type: Array + description: | + List of ports, or port pairs, to forward from the virtual machine to the application container. + item_type: + type: String + - name: 'instanceIpMode' + type: Enum + description: | + Prevent instances from receiving an ephemeral external IP address. + min_version: 'beta' + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'instanceTag' + type: String + description: | + Tag to apply to the instance during creation. + - name: 'name' + type: String + description: | + Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. + required: true + - name: 'subnetwork' + type: String + description: | + Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. + + If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. + If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetworkName) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. + If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetworkName must be specified and the IP address is created from the IPCidrRange of the subnetwork. + If specified, the subnetwork must exist in the same region as the App Engine flexible environment application. + api_name: subnetworkName + - name: 'sessionAffinity' + type: Boolean + description: | + Enable session affinity. + - name: 'resources' + type: NestedObject + description: Machine resources for a version. + properties: + - name: 'cpu' + type: Integer + description: | + Number of CPU cores needed. + at_least_one_of: + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'diskGb' + type: Integer + description: | + Disk size (GB) needed. + at_least_one_of: + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'memoryGb' + type: Double + description: | + Memory (GB) needed. + at_least_one_of: + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'volumes' + type: Array + description: | + List of ports, or port pairs, to forward from the virtual machine to the application container. + at_least_one_of: + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Unique name for the volume. + required: true + - name: 'volumeType' + type: String + description: | + Underlying volume type, e.g. 'tmpfs'. + required: true + - name: 'sizeGb' + type: Integer + description: | + Volume size in gigabytes. + required: true + - name: 'runtime' + type: String + description: | + Desired runtime. Example python27. + required: true + - name: 'runtimeChannel' + type: String + description: | + The channel of the runtime to use. Only available for some runtimes. + - name: 'flexibleRuntimeSettings' + type: NestedObject + description: Runtime settings for App Engine flexible environment. + properties: + - name: 'operatingSystem' + type: String + description: | + Operating System of the application runtime. + - name: 'runtimeVersion' + type: String + description: | + The runtime version of an App Engine flexible application. + - name: 'betaSettings' + type: KeyValuePairs + description: | + Metadata settings that are supplied to this version to enable beta runtime features. + ignore_read: true + - name: 'servingStatus' + type: Enum + description: | + Current serving status of this version. Only the versions with a SERVING status create instances and can be billed. + default_value: "SERVING" + enum_values: + - 'SERVING' + - 'STOPPED' + - name: 'runtimeApiVersion' + type: String + description: | + The version of the API in the given runtime environment. + Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ + Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. + default_from_api: true + - name: 'handlers' + type: Array + description: | + An ordered list of URL-matching patterns that should be applied to incoming requests. + The first matching URL handles the request and other request handlers are not attempted. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'urlRegex' + type: String + description: | + URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. + All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. + - name: 'securityLevel' + type: Enum + description: | + Security (HTTPS) enforcement for this URL. + required: false + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'login' + type: Enum + description: | + Methods to restrict access to a URL based on login status. + required: false + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'authFailAction' + type: Enum + description: | + Actions to take when the user is not logged in. + required: false + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'redirectHttpResponseCode' + type: Enum + description: | + 30x code to use when performing redirects for the secure field. + required: false + enum_values: + - 'REDIRECT_HTTP_RESPONSE_CODE_301' + - 'REDIRECT_HTTP_RESPONSE_CODE_302' + - 'REDIRECT_HTTP_RESPONSE_CODE_303' + - 'REDIRECT_HTTP_RESPONSE_CODE_307' + - name: 'script' + type: NestedObject + # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set + description: | + Executes a script to handle the requests that match this URL pattern. + Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". + properties: + - name: 'scriptPath' + type: String + description: | + Path to the script from the application root directory. + required: true + - name: 'staticFiles' + type: NestedObject + # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set + description: | + Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. + Static file handlers describe which files in the application directory are static files, and which URLs serve them. + properties: + - name: 'path' + type: String + description: | + Path to the static files matched by the URL pattern, from the application root directory. + The path can refer to text matched in groupings in the URL pattern. + - name: 'uploadPathRegex' + type: String + description: | + Regular expression that matches the file paths for all files that should be referenced by this handler. + - name: 'httpHeaders' + type: KeyValuePairs + description: | + HTTP headers to use for all responses from these URLs. + An object containing a list of "key:value" value pairs.". + - name: 'mimeType' + type: String + description: | + MIME type used to serve all files served by this handler. + Defaults to file-specific MIME types, which are derived from each file's filename extension. + - name: 'expiration' + type: String + description: | + Time a static file served by this handler should be cached by web proxies and browsers. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". + Default is '0s' + default_value: "0s" + - name: 'requireMatchingFile' + type: Boolean + description: | + Whether this handler should match the request if the file referenced by the handler does not exist. + - name: 'applicationReadable' + type: Boolean + description: | + Whether files should also be uploaded as code data. By default, files declared in static file handlers are + uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, + uploads are charged against both your code and static data storage resource quotas. + - name: 'runtimeMainExecutablePath' + type: String + description: | + The path or name of the app's main executable. + - name: 'serviceAccount' + type: String + description: | + The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as + default if this field is neither provided in app.yaml file nor through CLI flag. + default_from_api: true + - name: 'apiConfig' + type: NestedObject + description: | + Serving configuration for Google Cloud Endpoints. + properties: + - name: 'authFailAction' + type: Enum + description: | + Action to take when users access resources that require authentication. + default_value: "AUTH_FAIL_ACTION_REDIRECT" + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'login' + type: Enum + description: | + Level of login required to access this resource. + default_value: "LOGIN_OPTIONAL" + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'script' + type: String + description: | + Path to the script from the application root directory. + required: true + - name: 'securityLevel' + type: Enum + description: | + Security (HTTPS) enforcement for this URL. + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'url' + type: String + description: | + URL to serve the endpoint at. + - name: 'envVariables' + type: KeyValuePairs + description: |- + Environment variables available to the application. As these are not returned in the API request, Terraform will not detect any changes made outside of the Terraform config. + ignore_read: true + - name: 'defaultExpiration' + type: String + description: | + Duration that static files should be cached by web proxies and browsers. + Only applicable if the corresponding StaticFilesHandler does not specify its own expiration time. + - name: 'readinessCheck' + type: NestedObject + description: | + Configures readiness health checking for instances. Unhealthy instances are not put into the backend traffic rotation. + required: true + properties: + - name: 'path' + type: String + description: | + The request path. + required: true + - name: 'host' + type: String + description: | + Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" + - name: 'failureThreshold' + type: Double + description: | + Number of consecutive failed checks required before removing traffic. Default: 2. + default_value: 2.0 + - name: 'successThreshold' + type: Double + description: | + Number of consecutive successful checks required before receiving traffic. Default: 2. + default_value: 2.0 + - name: 'checkInterval' + type: String + description: | + Interval between health checks. Default: "5s". + default_value: "5s" + - name: 'timeout' + type: String + description: | + Time before the check is considered failed. Default: "4s" + default_value: "4s" + - name: 'appStartTimeout' + type: String + description: | + A maximum time limit on application initialization, measured from moment the application successfully + replies to a healthcheck until it is ready to serve traffic. Default: "300s" + default_value: "300s" + - name: 'livenessCheck' + type: NestedObject + description: | + Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. + required: true + properties: + - name: 'path' + type: String + description: | + The request path. + required: true + - name: 'host' + type: String + description: | + Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" + - name: 'failureThreshold' + type: Double + description: | + Number of consecutive failed checks required before considering the VM unhealthy. Default: 4. + default_value: 4.0 + - name: 'successThreshold' + type: Double + description: | + Number of consecutive successful checks required before considering the VM healthy. Default: 2. + default_value: 2.0 + - name: 'checkInterval' + type: String + description: | + Interval between health checks. + default_value: "30s" + - name: 'timeout' + type: String + description: | + Time before the check is considered failed. Default: "4s" + default_value: "4s" + - name: 'initialDelay' + type: String + description: | + The initial delay before starting to execute the checks. Default: "300s" + default_value: "300s" + - name: 'nobuildFilesRegex' + type: String + description: | + Files that match this pattern will not be built into this version. Only applicable for Go runtimes. + - name: 'deployment' + type: NestedObject + description: | + Code and application artifacts that make up this version. + ignore_read: true + properties: + - name: 'zip' + type: NestedObject + description: 'Zip File' + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' + properties: + - name: 'sourceUrl' + type: String + description: 'Source URL' + required: true + - name: 'filesCount' + type: Integer + description: 'files count' + - name: 'files' + type: Map + description: | + Manifest of the files stored in Google Cloud Storage that are included as part of this version. + All files must be readable using the credentials supplied with this call. + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' + key_name: 'name' + key_description: | + name of file + value_type: + name: files + type: NestedObject + properties: + - name: 'sha1Sum' + type: String + description: | + SHA1 checksum of the file + - name: 'sourceUrl' + type: String + description: | + Source URL + required: true + - name: 'container' + type: NestedObject + description: 'The Docker image for the container that runs the version.' + default_from_api: true + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' + properties: + - name: 'image' + type: String + description: | + URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. + Examples: "gcr.io/my-project/image:tag" or "gcr.io/my-project/image@digest" + required: true + - name: 'cloudBuildOptions' + type: NestedObject + description: + Options for the build operations performed as a part of the version + deployment. Only applicable when creating a version using source code + directly. + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' + properties: + - name: 'appYamlPath' + type: String + description: | + Path to the yaml file used in deployment, used to determine runtime configuration details. + required: true + - name: 'cloudBuildTimeout' + type: String + description: | + The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes. + + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - name: 'endpointsApiService' + type: NestedObject + description: | + Code and application artifacts that make up this version. + properties: + - name: 'name' + type: String + description: | + Endpoints service name which is the name of the "service" resource in the Service Management API. + For example "myapi.endpoints.myproject.cloud.goog" + required: true + - name: 'configId' + type: String + description: | + Endpoints service configuration ID as specified by the Service Management API. For example "2016-09-19r1". + + By default, the rollout strategy for Endpoints is "FIXED". This means that Endpoints starts up with a particular configuration ID. + When a new configuration is rolled out, Endpoints must be given the new configuration ID. The configId field is used to give the configuration ID + and is required in this case. + + Endpoints also has a rollout strategy called "MANAGED". When using this, Endpoints fetches the latest configuration and does not need + the configuration ID. In this case, configId must be omitted. + - name: 'rolloutStrategy' + type: Enum + description: | + Endpoints rollout strategy. If FIXED, configId must be specified. If MANAGED, configId must be omitted. + default_value: "FIXED" + enum_values: + - 'FIXED' + - 'MANAGED' + - name: 'disableTraceSampling' + type: Boolean + description: + Enable or disable trace sampling. By default, this is set to false for + enabled. + default_value: false + - name: 'entrypoint' + type: NestedObject + description: | + The entrypoint for the application. + ignore_read: true + properties: + - name: 'shell' + type: String + description: | + The format should be a shell command that can be fed to bash -c. + required: true + - name: 'vpcAccessConnector' + type: NestedObject + description: | + Enables VPC connectivity for standard apps. + properties: + - name: 'name' + type: String + description: | + Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. + required: true + - name: 'automaticScaling' + type: NestedObject + description: | + Automatic scaling is based on request rate, response latencies, and other application metrics. + exactly_one_of: + - 'automatic_scaling' + - 'manual_scaling' + properties: + - name: 'coolDownPeriod' + type: String + description: | + The time period that the Autoscaler should wait before it starts collecting information from a new instance. + This prevents the autoscaler from collecting information when the instance is initializing, + during which the collected usage would not be reliable. Default: 120s + default_value: "120s" + - name: 'cpuUtilization' + type: NestedObject + description: | + Target scaling by CPU usage. + required: true + properties: + - name: 'aggregationWindowLength' + type: String + description: | + Period of time over which CPU utilization is calculated. + - name: 'targetUtilization' + type: Double + description: | + Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1. + required: true + - name: 'maxConcurrentRequests' + type: Integer + description: | + Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. + + Defaults to a runtime-specific value. + default_from_api: true + - name: 'maxIdleInstances' + type: Integer + description: | + Maximum number of idle instances that should be maintained for this version. + - name: 'maxTotalInstances' + type: Integer + description: | + Maximum number of instances that should be started to handle requests for this version. Default: 20 + default_value: 20 + - name: 'maxPendingLatency' + type: String + description: | + Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. + - name: 'minIdleInstances' + type: Integer + description: | + Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. + - name: 'minTotalInstances' + type: Integer + description: | + Minimum number of running instances that should be maintained for this version. Default: 2 + default_value: 2 + - name: 'minPendingLatency' + type: String + description: | + Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. + - name: 'requestUtilization' + type: NestedObject + description: | + Target scaling by request utilization. + properties: + - name: 'targetRequestCountPerSecond' + type: String + description: | + Target requests per second. + at_least_one_of: + - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' + - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' + - name: 'targetConcurrentRequests' + type: Double + description: | + Target number of concurrent requests. + at_least_one_of: + - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' + - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' + - name: 'diskUtilization' + type: NestedObject + description: | + Target scaling by disk usage. + properties: + - name: 'targetWriteBytesPerSecond' + type: Integer + description: | + Target bytes written per second. + at_least_one_of: + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetWriteOpsPerSecond' + type: Integer + description: | + Target ops written per second. + at_least_one_of: + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetReadBytesPerSecond' + type: Integer + description: | + Target bytes read per second. + at_least_one_of: + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetReadOpsPerSecond' + type: Integer + description: | + Target ops read per seconds. + at_least_one_of: + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'networkUtilization' + type: NestedObject + description: | + Target scaling by network usage. + properties: + - name: 'targetSentBytesPerSecond' + type: Integer + description: | + Target bytes sent per second. + at_least_one_of: + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetSentPacketsPerSecond' + type: Integer + description: | + Target packets sent per second. + at_least_one_of: + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetReceivedBytesPerSecond' + type: Integer + description: | + Target bytes received per second. + at_least_one_of: + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetReceivedPacketsPerSecond' + type: Integer + description: | + Target packets received per second. + at_least_one_of: + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'manualScaling' + type: NestedObject + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - 'automatic_scaling' + - 'manual_scaling' + properties: + - name: 'instances' + type: Integer + description: | + Number of instances to assign to the service at the start. + + **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 + Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. + required: true diff --git a/mmv1/products/appengine/go_Service.yaml b/mmv1/products/appengine/go_Service.yaml new file mode 100644 index 000000000000..a120675a3d96 --- /dev/null +++ b/mmv1/products/appengine/go_Service.yaml @@ -0,0 +1,47 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Service' +description: | + A Service resource is a logical component of an application that can share state and communicate in a secure fashion with other services. + For example, an application that handles customer requests might include separate services to handle tasks such as backend data analysis or API requests from mobile devices. + Each service has a collection of versions that define a specific set of code used to implement the functionality of that service. +# Used as a resource reference +exclude: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/admin-api/deploying-overview' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +docs: +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +parameters: +properties: + - name: 'name' + type: String + description: | + Full path to the Service resource in the API. Example apps/myapp/services/default. + This field is used in responses only. Any value specified here in a request is ignored. + output: true + - name: 'id' + type: String + description: | + Relative name of the service within the application. Example default. + output: true diff --git a/mmv1/products/appengine/go_ServiceNetworkSettings.yaml b/mmv1/products/appengine/go_ServiceNetworkSettings.yaml new file mode 100644 index 000000000000..8f88f1a6a318 --- /dev/null +++ b/mmv1/products/appengine/go_ServiceNetworkSettings.yaml @@ -0,0 +1,83 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServiceNetworkSettings' +description: | + A NetworkSettings resource is a container for ingress settings for a version or service. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +docs: +id_format: 'apps/{{project}}/services/{{service}}' +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{service}}' +create_url: 'apps/{{project}}/services/{{service}}?updateMask=networkSettings' +create_verb: 'PATCH' +update_url: 'apps/{{project}}/services/{{service}}' +update_verb: 'PATCH' +update_mask: true +exclude_delete: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'appengine#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +examples: + - name: 'app_engine_service_network_settings' + primary_resource_id: 'internalapp' + vars: + bucket_name: 'appengine-static-content' +parameters: +properties: + - name: 'service' + type: String + description: | + The name of the service these settings apply to. + api_name: id + required: true + - name: 'networkSettings' + type: NestedObject + description: | + Ingress settings for this service. Will apply to all versions. + required: true + properties: + - name: 'ingressTrafficAllowed' + type: Enum + description: | + The ingress settings for version or service. + default_value: "INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED" + enum_values: + - 'INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED' + - 'INGRESS_TRAFFIC_ALLOWED_ALL' + - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY' + - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB' diff --git a/mmv1/products/appengine/go_ServiceSplitTraffic.yaml b/mmv1/products/appengine/go_ServiceSplitTraffic.yaml new file mode 100644 index 000000000000..18518fdce859 --- /dev/null +++ b/mmv1/products/appengine/go_ServiceSplitTraffic.yaml @@ -0,0 +1,99 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServiceSplitTraffic' +description: | + Traffic routing configuration for versions within a single service. Traffic splits define how traffic directed to the service is assigned to versions. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +docs: +id_format: 'apps/{{project}}/services/{{service}}' +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{service}}' +create_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}&updateMask=split' +create_verb: 'PATCH' +update_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}' +update_verb: 'PATCH' +update_mask: true +exclude_delete: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'appengine#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +examples: + - name: 'app_engine_service_split_traffic' + primary_resource_id: 'liveapp' + vars: + service_id: 'default' + split.allocations.v1: '1' + bucket_name: 'appengine-static-content' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'migrate_traffic' + type: Boolean + description: | + If set to true traffic will be migrated to this version. + url_param_only: true +properties: + - name: 'service' + type: String + description: | + The name of the service these settings apply to. + api_name: id + required: true + - name: 'split' + type: NestedObject + description: | + Mapping that defines fractional HTTP traffic diversion to different versions within the service. + required: true + ignore_read: true + properties: + - name: 'shardBy' + type: Enum + description: | + Mechanism used to determine which version a request is sent to. The traffic selection algorithm will be stable for either type until allocations are changed. + enum_values: + - 'UNSPECIFIED' + - 'COOKIE' + - 'IP' + - 'RANDOM' + - name: 'allocations' + type: KeyValuePairs + description: | + Mapping from version IDs within the service to fractional (0.000, 1] allocations of traffic for that version. Each version can be specified only once, but some versions in the service may not have any traffic allocation. Services that have traffic allocated cannot be deleted until either the service is deleted or their traffic allocation is removed. Allocations must sum to 1. Up to two decimal place precision is supported for IP-based splits and up to three decimal places is supported for cookie-based splits. + + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_string.go.tmpl' diff --git a/mmv1/products/appengine/go_StandardAppVersion.yaml b/mmv1/products/appengine/go_StandardAppVersion.yaml new file mode 100644 index 000000000000..bfc1111ab787 --- /dev/null +++ b/mmv1/products/appengine/go_StandardAppVersion.yaml @@ -0,0 +1,451 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +# StandardAppVersion and FlexibleAppVersion use the same API endpoint (apps.services.versions) +# They are split apart as some of the fields will are necessary for one and not the other, and +# other fields may have different defaults. However, some fields are the same. If fixing a bug +# in one, please check the other for the same fix. +name: 'StandardAppVersion' +description: | + Standard App Version resource to create a new version of standard GAE Application. + Learn about the differences between the standard environment and the flexible environment + at https://cloud.google.com/appengine/docs/the-appengine-environments. + Currently supporting Zip and File Containers. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard' + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' +docs: +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +base_url: 'apps/{{project}}/services/{{service}}/versions' +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +create_url: 'apps/{{project}}/services/{{service}}/versions' +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: 'POST' +update_mask: false +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'appengine#operation' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'versions' +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/appversion_delete.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/appengine.go.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' +examples: + - name: 'app_engine_standard_app_version' + primary_resource_id: 'myapp_v1' + vars: + project_id: 'ae-project' + bucket_name: 'appengine-static-content' + service_name: 'ae-service' + account_id: 'my-account' + test_env_vars: + org_id: 'ORG_ID' + ignore_read_extra: + - 'delete_service_on_destroy' +virtual_fields: + - name: 'noop_on_destroy' + description: | + If set to `true`, the application version will not be deleted. + type: Boolean + default_value: false + - name: 'delete_service_on_destroy' + description: | + If set to `true`, the service will be deleted if it is the last version. + type: Boolean + default_value: false +parameters: + - name: 'service' + type: ResourceRef + description: | + AppEngine service resource + url_param_only: true + required: true + resource: 'Service' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Full path to the Version resource in the API. Example, "v1". + output: true + - name: 'version_id' + type: String + description: | + Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. Reserved names,"default", "latest", and any name with the prefix "ah-". + api_name: id + immutable: true + - name: 'runtime' + type: String + description: | + Desired runtime. Example python27. + required: true + - name: 'serviceAccount' + type: String + description: | + The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. + default_from_api: true + - name: 'threadsafe' + type: Boolean + description: | + Whether multiple requests can be dispatched to this version at once. + ignore_read: true + - name: 'appEngineApis' + type: Boolean + description: | + Allows App Engine second generation runtimes to access the legacy bundled services. + - name: 'runtimeApiVersion' + type: String + description: | + The version of the API in the given runtime environment. + Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ + Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. + - name: 'handlers' + type: Array + description: | + An ordered list of URL-matching patterns that should be applied to incoming requests. + The first matching URL handles the request and other request handlers are not attempted. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'urlRegex' + type: String + description: | + URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. + All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. + - name: 'securityLevel' + type: Enum + description: | + Security (HTTPS) enforcement for this URL. + required: false + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'login' + type: Enum + description: | + Methods to restrict access to a URL based on login status. + required: false + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'authFailAction' + type: Enum + description: | + Actions to take when the user is not logged in. + required: false + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'redirectHttpResponseCode' + type: Enum + description: | + 30x code to use when performing redirects for the secure field. + required: false + enum_values: + - 'REDIRECT_HTTP_RESPONSE_CODE_301' + - 'REDIRECT_HTTP_RESPONSE_CODE_302' + - 'REDIRECT_HTTP_RESPONSE_CODE_303' + - 'REDIRECT_HTTP_RESPONSE_CODE_307' + - name: 'script' + type: NestedObject + # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set + description: | + Executes a script to handle the requests that match this URL pattern. + Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". + properties: + - name: 'scriptPath' + type: String + description: | + Path to the script from the application root directory. + required: true + - name: 'staticFiles' + type: NestedObject + # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set + description: | + Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. + properties: + - name: 'path' + type: String + description: | + Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern. + - name: 'uploadPathRegex' + type: String + description: | + Regular expression that matches the file paths for all files that should be referenced by this handler. + - name: 'httpHeaders' + type: KeyValuePairs + description: | + HTTP headers to use for all responses from these URLs. + An object containing a list of "key:value" value pairs.". + - name: 'mimeType' + type: String + description: | + MIME type used to serve all files served by this handler. + Defaults to file-specific MIME types, which are derived from each file's filename extension. + - name: 'expiration' + type: String + description: | + Time a static file served by this handler should be cached by web proxies and browsers. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". + - name: 'requireMatchingFile' + type: Boolean + description: | + Whether this handler should match the request if the file referenced by the handler does not exist. + - name: 'applicationReadable' + type: Boolean + description: | + Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as + static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged + against both your code and static data storage resource quotas. + - name: 'libraries' + type: Array + description: | + Configuration for third-party Python runtime libraries that are required by the application. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the library. Example "django". + - name: 'version' + type: String + description: | + Version of the library to select, or "latest". + - name: 'envVariables' + type: KeyValuePairs + description: | + Environment variables available to the application. + ignore_read: true + - name: 'deployment' + type: NestedObject + description: | + Code and application artifacts that make up this version. + required: true + ignore_read: true + properties: + - name: 'zip' + type: NestedObject + description: 'Zip File' + required: false + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + properties: + - name: 'sourceUrl' + type: String + description: 'Source URL' + required: true + - name: 'filesCount' + type: Integer + description: 'files count' + required: false + - name: 'files' + type: Map + description: | + Manifest of the files stored in Google Cloud Storage that are included as part of this version. + All files must be readable using the credentials supplied with this call. + required: false + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + key_name: 'name' + key_description: | + name of file + value_type: + name: files + type: NestedObject + properties: + - name: 'sha1Sum' + type: String + description: | + SHA1 checksum of the file + - name: 'sourceUrl' + type: String + description: | + Source URL + required: true + - name: 'entrypoint' + type: NestedObject + description: | + The entrypoint for the application. + required: true + ignore_read: true + properties: + - name: 'shell' + type: String + description: | + The format should be a shell command that can be fed to bash -c. + required: true + - name: 'vpcAccessConnector' + type: NestedObject + description: | + Enables VPC connectivity for standard apps. + properties: + - name: 'name' + type: String + description: | + Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. + required: true + - name: 'egressSetting' + type: String + description: | + The egress setting for the connector, controlling what traffic is diverted through it. + - name: 'inboundServices' + type: Array + description: | + A list of the types of messages that this application is able to receive. + is_set: true + item_type: + type: Enum + description: | + One type of message that this application is able to receive. + enum_values: + - 'INBOUND_SERVICE_MAIL' + - 'INBOUND_SERVICE_MAIL_BOUNCE' + - 'INBOUND_SERVICE_XMPP_ERROR' + - 'INBOUND_SERVICE_XMPP_MESSAGE' + - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' + - 'INBOUND_SERVICE_XMPP_PRESENCE' + - 'INBOUND_SERVICE_CHANNEL_PRESENCE' + - 'INBOUND_SERVICE_WARMUP' + - name: 'instanceClass' + type: String + description: | + Instance class that is used to run this version. Valid values are + AutomaticScaling: F1, F2, F4, F4_1G + BasicScaling or ManualScaling: B1, B2, B4, B4_1G, B8 + Defaults to F1 for AutomaticScaling and B2 for ManualScaling and BasicScaling. If no scaling is specified, AutomaticScaling is chosen. + default_from_api: true + - name: 'automaticScaling' + type: NestedObject + description: | + Automatic scaling is based on request rate, response latencies, and other application metrics. + conflicts: + - basic_scaling + - manual_scaling + # This flattener is entirely handwritten and must be updated with **any** new field or subfield + custom_flatten: 'templates/terraform/custom_flatten/go/appengine_standardappversion_automatic_scaling_handlenil.go.tmpl' + properties: + - name: 'maxConcurrentRequests' + type: Integer + description: | + Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. + + Defaults to a runtime-specific value. + - name: 'maxIdleInstances' + type: Integer + description: | + Maximum number of idle instances that should be maintained for this version. + - name: 'maxPendingLatency' + type: String + description: | + Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - name: 'minIdleInstances' + type: Integer + description: | + Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. + - name: 'minPendingLatency' + type: String + description: | + Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - name: 'standardSchedulerSettings' + type: NestedObject + description: | + Scheduler settings for standard environment. + properties: + - name: 'targetCpuUtilization' + type: Double + description: | + Target CPU utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. + - name: 'targetThroughputUtilization' + type: Double + description: | + Target throughput utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. + - name: 'minInstances' + type: Integer + description: | + Minimum number of instances to run for this version. Set to zero to disable minInstances configuration. + - name: 'maxInstances' + type: Integer + description: | + Maximum number of instances to run for this version. Set to zero to disable maxInstances configuration. + - name: 'basicScaling' + type: NestedObject + description: | + Basic scaling creates instances when your application receives requests. Each instance will be shut down when the application becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity. + conflicts: + - automatic_scaling + - manual_scaling + properties: + - name: 'idleTimeout' + type: String + description: | + Duration of time after the last request that an instance must wait before the instance is shut down. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. + default_value: "900s" + - name: 'maxInstances' + type: Integer + description: | + Maximum number of instances to create for this version. Must be in the range [1.0, 200.0]. + required: true + - name: 'manualScaling' + type: NestedObject + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + conflicts: + - automatic_scaling + - basic_scaling + properties: + - name: 'instances' + type: Integer + description: | + Number of instances to assign to the service at the start. + + **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 + Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. + required: true diff --git a/mmv1/products/appengine/go_product.yaml b/mmv1/products/appengine/go_product.yaml new file mode 100644 index 000000000000..c8c6d3e2b51d --- /dev/null +++ b/mmv1/products/appengine/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AppEngine' +display_name: 'App Engine' +versions: + - name: 'ga' + base_url: 'https://appengine.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://appengine.googleapis.com/v1beta/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/appengine/product.yaml b/mmv1/products/appengine/product.yaml index 0b6d91d805de..55f08ea439ee 100644 --- a/mmv1/products/appengine/product.yaml +++ b/mmv1/products/appengine/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: AppEngine +display_name: App Engine +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://appengine.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://appengine.googleapis.com/v1beta/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'AppEngine' display_name: 'App Engine' @@ -21,3 +39,4 @@ versions: base_url: 'https://appengine.googleapis.com/v1beta/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apphub/Application.yaml b/mmv1/products/apphub/Application.yaml index 1abcc520e527..0a1a4e51d410 100644 --- a/mmv1/products/apphub/Application.yaml +++ b/mmv1/products/apphub/Application.yaml @@ -11,6 +11,63 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/applications +create_url: projects/{{project}}/locations/{{location}}/applications?applicationId={{application_id}} +self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}} +id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}} +import_format: + - projects/{{project}}/locations/{{location}}/applications/{{application_id}} +name: Application +description: 'Application is a functional grouping of Services and Workloads that helps achieve a desired end-to-end business functionality. + Services and Workloads are owned by the Application.' +update_verb: :PATCH +update_mask: true +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +examples: + - !ruby/object:Provider::Terraform::Examples + name: "application_basic" + primary_resource_id: "example" + config_path: "templates/terraform/examples/apphub_application_basic.tf.erb" + vars: + application_id: "example-application" + - !ruby/object:Provider::Terraform::Examples + name: "application_full" + primary_resource_id: "example2" + config_path: "templates/terraform/examples/apphub_application_full.tf.erb" + vars: + application_id: "example-application" + display_name: "Application Full" + desc: 'Application for testing' + business_name: "Alice" + business_email: "alice@google.com" + developer_name: "Bob" + developer_email: "bob@google.com" + operator_name: "Charlie" + operator_email: "charlie@google.com" +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'Application' description: 'Application is a functional grouping of Services and Workloads that helps achieve a desired end-to-end business functionality. @@ -65,17 +122,135 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Part of `parent`. See documentation of `projectsId`.' url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: applicationId +======= - name: 'applicationId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Required. The Application identifier.' url_param_only: true required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: "Identifier. The resource name of an Application. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}\"" + - !ruby/object:Api::Type::String + name: displayName + description: 'Optional. User-defined name for the Application.' + - !ruby/object:Api::Type::String + name: description + description: 'Optional. User-defined description of an Application.' + - !ruby/object:Api::Type::NestedObject + name: attributes + description: 'Consumer provided attributes.' + properties: + - !ruby/object:Api::Type::NestedObject + name: criticality + description: 'Criticality of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Criticality type.' + required: true + values: + - :MISSION_CRITICAL + - :HIGH + - :MEDIUM + - :LOW + - !ruby/object:Api::Type::NestedObject + name: environment + description: 'Environment of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Environment type.' + required: true + values: + - :PRODUCTION + - :STAGING + - :TEST + - :DEVELOPMENT + - !ruby/object:Api::Type::Array + name: developerOwners + description: 'Optional. Developer team that owns development and coding.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Optional. Contact''s name.' + - !ruby/object:Api::Type::String + name: email + required: true + description: 'Required. Email address of the contacts.' + - !ruby/object:Api::Type::Array + name: operatorOwners + description: 'Optional. Operator team that ensures runtime and operations.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Optional. Contact''s name.' + - !ruby/object:Api::Type::String + name: email + required: true + description: 'Required. Email address of the contacts.' + - !ruby/object:Api::Type::Array + name: businessOwners + description: 'Optional. Business team that ensures user needs are met and value + is delivered' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Optional. Contact''s name.' + - !ruby/object:Api::Type::String + name: email + required: true + description: 'Required. Email address of the contacts.' + - !ruby/object:Api::Type::String + name: createTime + description: 'Output only. Create time.' + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: 'Output only. Update time.' + output: true + - !ruby/object:Api::Type::NestedObject + name: scope + description: 'Scope of an application.' + required: true + properties: + - !ruby/object:Api::Type::Enum + name: type + description: "Required. Scope Type. \n Possible values:\nREGIONAL" + required: true + values: + - :REGIONAL + - !ruby/object:Api::Type::String + name: uid + description: 'Output only. A universally unique identifier (in UUID4 format) for + the `Application`.' + output: true + - !ruby/object:Api::Type::Enum + name: state + description: "Output only. Application state. \n Possible values:\n STATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING" + output: true + values: + - :STATE_UNSPECIFIED + - :CREATING + - :ACTIVE + - :DELETING +======= - name: 'name' type: String description: "Identifier. The resource name of an Application. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}\"" @@ -189,3 +364,4 @@ properties: - 'CREATING' - 'ACTIVE' - 'DELETING' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apphub/Service.yaml b/mmv1/products/apphub/Service.yaml index 5b6a5084cc51..497ff11b877f 100644 --- a/mmv1/products/apphub/Service.yaml +++ b/mmv1/products/apphub/Service.yaml @@ -11,6 +11,81 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services +create_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services?serviceId={{service_id}} +self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} +id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} +import_format: + - projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} +name: Service +description: 'Service is a network/api interface that exposes some functionality to clients for consumption over the network. + Service typically has one or more Workloads behind it. It registers identified service to the Application.' +update_verb: :PATCH +update_mask: true +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +examples: + - !ruby/object:Provider::Terraform::Examples + name: "apphub_service_basic" + external_providers: ["random", "time"] + primary_resource_id: "example" + vars: + application_id: "example-application-1" + service_project_attachment_id: "project-1" + ilb_network: "l7-ilb-network" + ilb_subnet: "l7-ilb-subnet" + forwarding_rule: "l7-ilb-forwarding-rule" + backend_service: "l7-ilb-backend-subnet" + health_check: "l7-ilb-hc" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: "apphub_service_full" + external_providers: ["random", "time"] + primary_resource_id: "example" + vars: + application_id: "example-application-1" + service_project_attachment_id: "project-1" + display_name: "Example Service Full" + desc: 'Register service for testing' + business_name: "Alice" + business_email: "alice@google.com" + developer_name: "Bob" + developer_email: "bob@google.com" + operator_name: "Charlie" + operator_email: "charlie@google.com" + ilb_network: "l7-ilb-network" + ilb_subnet: "l7-ilb-subnet" + forwarding_rule: "l7-ilb-forwarding-rule" + backend_service: "l7-ilb-backend-subnet" + health_check: "l7-ilb-hc" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'Service' description: 'Service is a network/api interface that exposes some functionality to clients for consumption over the network. @@ -83,23 +158,147 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: applicationId +======= - name: 'applicationId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: serviceId +======= - name: 'serviceId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The Service identifier.' url_param_only: true required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: "Identifier. The resource name of a Service. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}\"" + - !ruby/object:Api::Type::String + name: displayName + description: 'User-defined name for the Service.' + - !ruby/object:Api::Type::String + name: description + description: 'User-defined description of a Service.' + - !ruby/object:Api::Type::NestedObject + output: true + name: serviceReference + description: 'Reference to an underlying networking resource that can comprise a + Service.' + properties: + - !ruby/object:Api::Type::String + name: uri + description: "Output only. The underlying resource URI (For example, URI of Forwarding + Rule, URL Map,\nand Backend Service)." + output: true + - !ruby/object:Api::Type::NestedObject + output: true + name: serviceProperties + description: 'Properties of an underlying cloud resource that can comprise a Service.' + properties: + - !ruby/object:Api::Type::String + name: gcpProject + description: "Output only. The service project identifier that the underlying + cloud resource resides in." + output: true + - !ruby/object:Api::Type::String + name: location + description: "Output only. The location that the underlying resource resides in, + for example, us-west1." + output: true + - !ruby/object:Api::Type::String + name: zone + description: "Output only. The location that the underlying resource resides in + if it is zonal, for example, us-west1-a)." + output: true + - !ruby/object:Api::Type::NestedObject + name: attributes + description: 'Consumer provided attributes.' + properties: + - !ruby/object:Api::Type::NestedObject + name: criticality + description: 'Criticality of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Criticality type.' + required: true + values: + - :MISSION_CRITICAL + - :HIGH + - :MEDIUM + - :LOW + - !ruby/object:Api::Type::NestedObject + name: environment + description: 'Environment of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Environment type.' + required: true + values: + - :PRODUCTION + - :STAGING + - :TEST + - :DEVELOPMENT + - !ruby/object:Api::Type::Array + name: developerOwners + description: 'Developer team that owns development and coding.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Required. Email address of the contacts.' + required: true + - !ruby/object:Api::Type::Array + name: operatorOwners + description: 'Operator team that ensures runtime and operations.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Required. Email address of the contacts.' + required: true + - !ruby/object:Api::Type::Array + name: businessOwners + description: 'Business team that ensures user needs are met and value + is delivered' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Required. Email address of the contacts.' + required: true + - !ruby/object:Api::Type::String + name: discoveredService + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' +======= - name: 'name' type: String description: "Identifier. The resource name of a Service. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}\"" @@ -213,10 +412,28 @@ properties: required: true - name: 'discoveredService' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Immutable. The resource name of the original discovered service.' required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: createTime + description: 'Output only. Create time.' + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: 'Output only. Update time.' + output: true + - !ruby/object:Api::Type::String + name: uid + description: "Output only. A universally unique identifier (UUID) for the `Service` + in the UUID4\nformat." + output: true + - !ruby/object:Api::Type::String + name: state +======= diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - name: 'createTime' type: String @@ -233,5 +450,6 @@ properties: output: true - name: 'state' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Output only. Service state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" output: true diff --git a/mmv1/products/apphub/ServiceProjectAttachment.yaml b/mmv1/products/apphub/ServiceProjectAttachment.yaml index 8eb51ca7b9a2..65efbde29dbc 100644 --- a/mmv1/products/apphub/ServiceProjectAttachment.yaml +++ b/mmv1/products/apphub/ServiceProjectAttachment.yaml @@ -11,6 +11,65 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD + +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/global/serviceProjectAttachments +create_url: projects/{{project}}/locations/global/serviceProjectAttachments?serviceProjectAttachmentId={{service_project_attachment_id}} +self_link: projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} +id_format: projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} +import_format: + - projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} +name: ServiceProjectAttachment +description: | + Represents a Service project attachment to the Host Project. +immutable: true +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/apphub_service_project.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: "service_project_attachment_basic" + external_providers: ["random", "time"] + primary_resource_id: "example" + config_path: "templates/terraform/examples/apphub_service_project_attachment_basic.tf.erb" + vars: + service_project_attachment_id: "project-1" + test_env_vars: + org_id: :ORG_ID + host_project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: "service_project_attachment_full" + external_providers: ["random", "time"] + primary_resource_id: "example2" + config_path: "templates/terraform/examples/apphub_service_project_attachment_full.tf.erb" + vars: + service_project_attachment_id: "project-1" + test_env_vars: + org_id: :ORG_ID + host_project: :PROJECT_NAME +parameters: + - !ruby/object:Api::Type::String + name: serviceProjectAttachmentId +======= --- name: 'ServiceProjectAttachment' description: | @@ -65,6 +124,7 @@ examples: parameters: - name: 'serviceProjectAttachmentId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Required. The service project attachment identifier must contain the project_id of the service project specified in the service_project_attachment.service_project field. Hint: \"projects/{project_id}\"" @@ -72,6 +132,18 @@ parameters: required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: | + "Identifier. The resource name of a ServiceProjectAttachment. Format:\"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}.\"" + - !ruby/object:Api::Type::String + name: serviceProject + diff_suppress_func: 'ServiceProjectDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/apphub_service_project.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/apphub_service_project.go.erb' +======= - name: 'name' type: String description: | @@ -79,11 +151,32 @@ properties: output: true - name: 'serviceProject' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | "Immutable. Service project name in the format: \"projects/abc\" or \"projects/123\". As input, project name with either project id or number are accepted. As output, this field will contain project number." immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: createTime + description: 'Output only. Create time.' + output: true + - !ruby/object:Api::Type::String + name: uid + description: "Output only. A globally unique identifier (in UUID4 format) for the `ServiceProjectAttachment`." + output: true + - !ruby/object:Api::Type::Enum + name: 'state' + description: | + ServiceProjectAttachment state. + output: true + values: + - :STATE_UNSPECIFIED + - :CREATING + - :ACTIVE + - :DELETING +======= diff_suppress_func: 'ServiceProjectDiffSuppress' custom_flatten: 'templates/terraform/custom_flatten/apphub_service_project.go.tmpl' custom_expand: 'templates/terraform/custom_expand/apphub_service_project.go.tmpl' @@ -105,3 +198,4 @@ properties: - 'CREATING' - 'ACTIVE' - 'DELETING' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/apphub/Workload.yaml b/mmv1/products/apphub/Workload.yaml index 60b53e8de302..a0c9a38cf10a 100644 --- a/mmv1/products/apphub/Workload.yaml +++ b/mmv1/products/apphub/Workload.yaml @@ -11,6 +11,79 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads +create_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads?workloadId={{workload_id}} +self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} +id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} +import_format: + - projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} +name: Workload +description: 'Workload represents a binary deployment (such as Managed Instance Groups (MIGs), GKE deployments, etc.) that performs the smallest logical subset of business functionality. + It registers identified workload to the Application.' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: "apphub_workload_basic" + external_providers: ["random", "time"] + primary_resource_id: "example" + vars: + application_id: "example-application-1" + service_project_attachment_id: "project-1" + ilb_network: "l7-ilb-network" + ilb_subnet: "l7-ilb-subnet" + instance_template: "l7-ilb-mig-template" + mig: "l7-ilb-mig1" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: "apphub_workload_full" + external_providers: ["random", "time"] + primary_resource_id: "example" + vars: + application_id: "example-application-1" + service_project_attachment_id: "project-1" + display_name: "Example Service Full" + desc: 'Register service for testing' + business_name: "Alice" + business_email: "alice@google.com" + developer_name: "Bob" + developer_email: "bob@google.com" + operator_name: "Charlie" + operator_email: "charlie@google.com" + ilb_network: "l7-ilb-network" + ilb_subnet: "l7-ilb-subnet" + instance_template: "l7-ilb-mig-template" + mig: "l7-ilb-mig1" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +update_verb: :PATCH +update_mask: true +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'Workload' description: 'Workload represents a binary deployment (such as Managed Instance Groups (MIGs), GKE deployments, etc.) that performs the smallest logical subset of business functionality. @@ -81,23 +154,161 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: applicationId +======= - name: 'applicationId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: workloadId +======= - name: 'workloadId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The Workload identifier.' url_param_only: true required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: "Identifier. The resource name of the Workload. Format:\"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}\"" + - !ruby/object:Api::Type::String + name: displayName + description: 'User-defined name for the Workload.' + - !ruby/object:Api::Type::String + name: description + description: 'User-defined description of a Workload.' + - !ruby/object:Api::Type::NestedObject + output: true + name: workloadReference + description: 'Reference of an underlying compute resource represented by the Workload.' + properties: + - !ruby/object:Api::Type::String + name: uri + description: 'Output only. The underlying compute resource uri.' + output: true + - !ruby/object:Api::Type::NestedObject + output: true + name: workloadProperties + description: 'Properties of an underlying compute resource represented by the Workload.' + properties: + - !ruby/object:Api::Type::String + name: gcpProject + description: "Output only. The service project identifier that the underlying + cloud resource resides in. Empty for non cloud resources." + output: true + - !ruby/object:Api::Type::String + name: location + description: "Output only. The location that the underlying compute resource resides + in (e.g us-west1)." + output: true + - !ruby/object:Api::Type::String + name: zone + description: "Output only. The location that the underlying compute resource resides + in if it is zonal (e.g us-west1-a)." + output: true + - !ruby/object:Api::Type::String + name: discoveredWorkload + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + description: 'Immutable. The resource name of the original discovered workload.' + required: true + immutable: true + - !ruby/object:Api::Type::NestedObject + name: attributes + description: 'Consumer provided attributes.' + properties: + - !ruby/object:Api::Type::NestedObject + name: criticality + description: 'Criticality of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Criticality type.' + required: true + values: + - :MISSION_CRITICAL + - :HIGH + - :MEDIUM + - :LOW + - !ruby/object:Api::Type::NestedObject + name: environment + description: 'Environment of the Application, Service, or Workload' + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Environment type.' + required: true + values: + - :PRODUCTION + - :STAGING + - :TEST + - :DEVELOPMENT + - !ruby/object:Api::Type::Array + name: developerOwners + description: 'Developer team that owns development and coding.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Email address of the contacts.' + required: true + - !ruby/object:Api::Type::Array + name: operatorOwners + description: 'Operator team that ensures runtime and operations.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Email address of the contacts.' + required: true + - !ruby/object:Api::Type::Array + name: businessOwners + description: 'Business team that ensures user needs are met and value is delivered' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: 'Contact''s name.' + - !ruby/object:Api::Type::String + name: email + description: 'Email address of the contacts.' + required: true + - !ruby/object:Api::Type::String + name: createTime + description: 'Output only. Create time.' + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: 'Output only. Update time.' + output: true + - !ruby/object:Api::Type::String + name: uid + description: "Output only. A universally unique identifier (UUID) for the `Workload` in the UUID4 format." + output: true + - !ruby/object:Api::Type::String + name: state +======= - name: 'name' type: String description: "Identifier. The resource name of the Workload. Format:\"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}\"" @@ -226,5 +437,6 @@ properties: output: true - name: 'state' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Output only. Workload state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" output: true diff --git a/mmv1/products/apphub/go_Application.yaml b/mmv1/products/apphub/go_Application.yaml new file mode 100644 index 000000000000..241e2b4cc1f5 --- /dev/null +++ b/mmv1/products/apphub/go_Application.yaml @@ -0,0 +1,192 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Application' +description: 'Application is a functional grouping of Services and Workloads that helps achieve a desired end-to-end business functionality. + Services and Workloads are owned by the Application.' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications?applicationId={{application_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'application_basic' + config_path: 'templates/terraform/examples/go/apphub_application_basic.tf.tmpl' + primary_resource_id: 'example' + vars: + application_id: 'example-application' + - name: 'application_full' + config_path: 'templates/terraform/examples/go/apphub_application_full.tf.tmpl' + primary_resource_id: 'example2' + vars: + application_id: 'example-application' + display_name: 'Application Full' + desc: 'Application for testing' + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' +parameters: + - name: 'location' + type: String + description: 'Part of `parent`. See documentation of `projectsId`.' + url_param_only: true + required: true + immutable: true + - name: 'applicationId' + type: String + description: 'Required. The Application identifier.' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Identifier. The resource name of an Application. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}\"" + output: true + - name: 'displayName' + type: String + description: 'Optional. User-defined name for the Application.' + - name: 'description' + type: String + description: 'Optional. User-defined description of an Application.' + - name: 'attributes' + type: NestedObject + description: 'Consumer provided attributes.' + properties: + - name: 'criticality' + type: NestedObject + description: 'Criticality of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Criticality type.' + required: true + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject + description: 'Environment of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Environment type.' + required: true + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array + description: 'Optional. Developer team that owns development and coding.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Optional. Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'operatorOwners' + type: Array + description: 'Optional. Operator team that ensures runtime and operations.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Optional. Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'businessOwners' + type: Array + description: 'Optional. Business team that ensures user needs are met and value + is delivered' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Optional. Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'createTime' + type: String + description: 'Output only. Create time.' + output: true + - name: 'updateTime' + type: String + description: 'Output only. Update time.' + output: true + - name: 'scope' + type: NestedObject + description: 'Scope of an application.' + required: true + properties: + - name: 'type' + type: Enum + description: "Required. Scope Type. \n Possible values:\nREGIONAL" + required: true + enum_values: + - 'REGIONAL' + - name: 'uid' + type: String + description: 'Output only. A universally unique identifier (in UUID4 format) for + the `Application`.' + output: true + - name: 'state' + type: Enum + description: "Output only. Application state. \n Possible values:\n STATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING" + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'ACTIVE' + - 'DELETING' diff --git a/mmv1/products/apphub/go_Service.yaml b/mmv1/products/apphub/go_Service.yaml new file mode 100644 index 000000000000..c821f75d5cec --- /dev/null +++ b/mmv1/products/apphub/go_Service.yaml @@ -0,0 +1,238 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Service' +description: 'Service is a network/api interface that exposes some functionality to clients for consumption over the network. + Service typically has one or more Workloads behind it. It registers identified service to the Application.' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services?serviceId={{service_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'apphub_service_basic' + primary_resource_id: 'example' + vars: + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + forwarding_rule: 'l7-ilb-forwarding-rule' + backend_service: 'l7-ilb-backend-subnet' + health_check: 'l7-ilb-hc' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] + - name: 'apphub_service_full' + primary_resource_id: 'example' + vars: + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + display_name: 'Example Service Full' + desc: 'Register service for testing' + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + forwarding_rule: 'l7-ilb-forwarding-rule' + backend_service: 'l7-ilb-backend-subnet' + health_check: 'l7-ilb-hc' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] +parameters: + - name: 'location' + type: String + description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' + url_param_only: true + required: true + immutable: true + - name: 'applicationId' + type: String + description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' + url_param_only: true + required: true + immutable: true + - name: 'serviceId' + type: String + description: 'The Service identifier.' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Identifier. The resource name of a Service. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}\"" + output: true + - name: 'displayName' + type: String + description: 'User-defined name for the Service.' + - name: 'description' + type: String + description: 'User-defined description of a Service.' + - name: 'serviceReference' + type: NestedObject + description: 'Reference to an underlying networking resource that can comprise a + Service.' + output: true + properties: + - name: 'uri' + type: String + description: "Output only. The underlying resource URI (For example, URI of Forwarding + Rule, URL Map,\nand Backend Service)." + output: true + - name: 'serviceProperties' + type: NestedObject + description: 'Properties of an underlying cloud resource that can comprise a Service.' + output: true + properties: + - name: 'gcpProject' + type: String + description: "Output only. The service project identifier that the underlying + cloud resource resides in." + output: true + - name: 'location' + type: String + description: "Output only. The location that the underlying resource resides in, + for example, us-west1." + output: true + - name: 'zone' + type: String + description: "Output only. The location that the underlying resource resides in + if it is zonal, for example, us-west1-a)." + output: true + - name: 'attributes' + type: NestedObject + description: 'Consumer provided attributes.' + properties: + - name: 'criticality' + type: NestedObject + description: 'Criticality of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Criticality type.' + required: true + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject + description: 'Environment of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Environment type.' + required: true + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array + description: 'Developer team that owns development and coding.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'operatorOwners' + type: Array + description: 'Operator team that ensures runtime and operations.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'businessOwners' + type: Array + description: 'Business team that ensures user needs are met and value + is delivered' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Required. Email address of the contacts.' + required: true + - name: 'discoveredService' + type: String + description: 'Immutable. The resource name of the original discovered + service.' + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'createTime' + type: String + description: 'Output only. Create time.' + output: true + - name: 'updateTime' + type: String + description: 'Output only. Update time.' + output: true + - name: 'uid' + type: String + description: "Output only. A universally unique identifier (UUID) for the `Service` + in the UUID4\nformat." + output: true + - name: 'state' + type: String + description: "Output only. Service state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" + output: true diff --git a/mmv1/products/apphub/go_ServiceProjectAttachment.yaml b/mmv1/products/apphub/go_ServiceProjectAttachment.yaml new file mode 100644 index 000000000000..7fd1138037e5 --- /dev/null +++ b/mmv1/products/apphub/go_ServiceProjectAttachment.yaml @@ -0,0 +1,108 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServiceProjectAttachment' +description: | + Represents a Service project attachment to the Host Project. +docs: +id_format: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +base_url: 'projects/{{project}}/locations/global/serviceProjectAttachments' +self_link: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +create_url: 'projects/{{project}}/locations/global/serviceProjectAttachments?serviceProjectAttachmentId={{service_project_attachment_id}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/apphub_service_project.go.tmpl' +examples: + - name: 'service_project_attachment_basic' + config_path: 'templates/terraform/examples/go/apphub_service_project_attachment_basic.tf.tmpl' + primary_resource_id: 'example' + vars: + service_project_attachment_id: 'project-1' + test_env_vars: + org_id: 'ORG_ID' + host_project: 'PROJECT_NAME' + external_providers: ["random", "time"] + - name: 'service_project_attachment_full' + config_path: 'templates/terraform/examples/go/apphub_service_project_attachment_full.tf.tmpl' + primary_resource_id: 'example2' + vars: + service_project_attachment_id: 'project-1' + test_env_vars: + org_id: 'ORG_ID' + host_project: 'PROJECT_NAME' + external_providers: ["random", "time"] +parameters: + - name: 'serviceProjectAttachmentId' + type: String + description: "Required. The service project attachment identifier must contain the + project_id of the service project specified in the service_project_attachment.service_project + field. Hint: \"projects/{project_id}\"" + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + "Identifier. The resource name of a ServiceProjectAttachment. Format:\"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}.\"" + output: true + - name: 'serviceProject' + type: String + description: | + "Immutable. Service project name in the format: \"projects/abc\" + or \"projects/123\". As input, project name with either project id or number + are accepted. As output, this field will contain project number." + immutable: true + diff_suppress_func: 'ServiceProjectDiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/go/apphub_service_project.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/apphub_service_project.go.tmpl' + - name: 'createTime' + type: String + description: 'Output only. Create time.' + output: true + - name: 'uid' + type: String + description: "Output only. A globally unique identifier (in UUID4 format) for the `ServiceProjectAttachment`." + output: true + - name: 'state' + type: Enum + description: | + ServiceProjectAttachment state. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'ACTIVE' + - 'DELETING' diff --git a/mmv1/products/apphub/go_Workload.yaml b/mmv1/products/apphub/go_Workload.yaml new file mode 100644 index 000000000000..b020d2925e0c --- /dev/null +++ b/mmv1/products/apphub/go_Workload.yaml @@ -0,0 +1,231 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Workload' +description: 'Workload represents a binary deployment (such as Managed Instance Groups (MIGs), GKE deployments, etc.) that performs the smallest logical subset of business functionality. + It registers identified workload to the Application.' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads?workloadId={{workload_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'apphub_workload_basic' + primary_resource_id: 'example' + vars: + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + instance_template: 'l7-ilb-mig-template' + mig: 'l7-ilb-mig1' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] + - name: 'apphub_workload_full' + primary_resource_id: 'example' + vars: + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + display_name: 'Example Service Full' + desc: 'Register service for testing' + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + instance_template: 'l7-ilb-mig-template' + mig: 'l7-ilb-mig1' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] +parameters: + - name: 'location' + type: String + description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' + url_param_only: true + required: true + immutable: true + - name: 'applicationId' + type: String + description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' + url_param_only: true + required: true + immutable: true + - name: 'workloadId' + type: String + description: 'The Workload identifier.' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Identifier. The resource name of the Workload. Format:\"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}\"" + output: true + - name: 'displayName' + type: String + description: 'User-defined name for the Workload.' + - name: 'description' + type: String + description: 'User-defined description of a Workload.' + - name: 'workloadReference' + type: NestedObject + description: 'Reference of an underlying compute resource represented by the Workload.' + output: true + properties: + - name: 'uri' + type: String + description: 'Output only. The underlying compute resource uri.' + output: true + - name: 'workloadProperties' + type: NestedObject + description: 'Properties of an underlying compute resource represented by the Workload.' + output: true + properties: + - name: 'gcpProject' + type: String + description: "Output only. The service project identifier that the underlying + cloud resource resides in. Empty for non cloud resources." + output: true + - name: 'location' + type: String + description: "Output only. The location that the underlying compute resource resides + in (e.g us-west1)." + output: true + - name: 'zone' + type: String + description: "Output only. The location that the underlying compute resource resides + in if it is zonal (e.g us-west1-a)." + output: true + - name: 'discoveredWorkload' + type: String + description: 'Immutable. The resource name of the original discovered workload.' + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'attributes' + type: NestedObject + description: 'Consumer provided attributes.' + properties: + - name: 'criticality' + type: NestedObject + description: 'Criticality of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Criticality type.' + required: true + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject + description: 'Environment of the Application, Service, or Workload' + properties: + - name: 'type' + type: Enum + description: 'Environment type.' + required: true + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array + description: 'Developer team that owns development and coding.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Email address of the contacts.' + required: true + - name: 'operatorOwners' + type: Array + description: 'Operator team that ensures runtime and operations.' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Email address of the contacts.' + required: true + - name: 'businessOwners' + type: Array + description: 'Business team that ensures user needs are met and value is delivered' + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: 'Contact''s name.' + - name: 'email' + type: String + description: 'Email address of the contacts.' + required: true + - name: 'createTime' + type: String + description: 'Output only. Create time.' + output: true + - name: 'updateTime' + type: String + description: 'Output only. Update time.' + output: true + - name: 'uid' + type: String + description: "Output only. A universally unique identifier (UUID) for the `Workload` in the UUID4 format." + output: true + - name: 'state' + type: String + description: "Output only. Workload state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" + output: true diff --git a/mmv1/products/apphub/go_product.yaml b/mmv1/products/apphub/go_product.yaml new file mode 100644 index 000000000000..ce83ca90e290 --- /dev/null +++ b/mmv1/products/apphub/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Apphub' +display_name: 'App Hub' +versions: + - name: 'ga' + base_url: 'https://apphub.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/apphub/product.yaml b/mmv1/products/apphub/product.yaml index 78db0b99b055..0f4821d0332b 100644 --- a/mmv1/products/apphub/product.yaml +++ b/mmv1/products/apphub/product.yaml @@ -1,4 +1,13 @@ +<<<<<<< HEAD # Copyright 2024 Google Inc. +======= +<<<<<<<< HEAD:mmv1/templates/terraform/decoders/unwrap_route_policy_resource.go.erb +<%# The license inside this block applies to this file. +# Copyright 2018 Google Inc. +======== +# Copyright 2024 Google Inc. +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/apphub/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,7 +19,39 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD + +<<<<<<<< HEAD:mmv1/products/apphub/product.yaml + +--- !ruby/object:Api::Product +name: Apphub +display_name: App Hub +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://apphub.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======== +--- +name: 'DeploymentManager' +display_name: 'Cloud Deployment Manager' +versions: + - name: 'ga' + base_url: 'https://www.googleapis.com/deploymentmanager/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/deploymentmanager/product.yaml +======= +-%> +v, ok := res["resource"] +if !ok || v == nil { + return res, nil +} +<<<<<<<< HEAD:mmv1/templates/terraform/decoders/unwrap_route_policy_resource.go.erb +return v.(map[string]interface{}), nil +======== --- name: 'Apphub' display_name: 'App Hub' @@ -19,3 +60,5 @@ versions: base_url: 'https://apphub.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/apphub/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/artifactregistry/Repository.yaml b/mmv1/products/artifactregistry/Repository.yaml index f5749bb71791..6146569e29c6 100644 --- a/mmv1/products/artifactregistry/Repository.yaml +++ b/mmv1/products/artifactregistry/Repository.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Repository' +base_url: projects/{{project}}/locations/{{location}}/repositories +create_url: projects/{{project}}/locations/{{location}}/repositories?repository_id={{repository_id}} +self_link: projects/{{project}}/locations/{{location}}/repositories/{{repository_id}} +update_verb: :PATCH +update_mask: true +description: A repository for storing artifacts +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/artifact-registry/docs/overview' + api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/projects.locations.repositories' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: + ':' + # TODO (camthornton): Change to repository_id in 4.0 + parent_resource_attribute: 'repository' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/repositories/{{repository}}', + '{{repository}}', + ] + base_url: projects/{{project}}/locations/{{location}}/repositories/{{name}} + self_link: projects/{{project}}/locations/{{location}}/repositories/{{name}} + allowed_iam_role: 'roles/artifactregistry.reader' +id_format: projects/{{project}}/locations/{{location}}/repositories/{{repository_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}', + '{{repository_id}}', + ] +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_basic' + primary_resource_id: 'my-repo' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-repository%s\", + context[\"random_suffix\"\ + ])" + vars: + repository_id: 'my-repository' + desc: 'example docker repository' + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_docker' +======= --- name: 'Repository' description: A repository for storing artifacts @@ -69,18 +119,30 @@ examples: repository_id: 'my-repository' desc: 'example docker repository' - name: 'artifact_registry_repository_docker' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example docker repository' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_cmek' +======= - name: 'artifact_registry_repository_cmek' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' kms_key_name: 'kms-key' test_vars_overrides: +<<<<<<< HEAD + kms_key_name: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_virtual' +======= 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - name: 'artifact_registry_repository_virtual' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' @@ -88,28 +150,58 @@ examples: upstream_repository_id: 'my-repository-upstream' upstream_desc: 'example docker repository (upstream source)' upstream_policy_id: 'my-repository-upstream' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote' +======= - name: 'artifact_registry_repository_remote' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example remote docker repository' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_apt' +======= - name: 'artifact_registry_repository_remote_apt' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'debian-buster' desc: 'example remote apt repository' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_yum' +======= - name: 'artifact_registry_repository_remote_yum' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'rocky-9' desc: 'example remote yum repository' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_cleanup' +======= - name: 'artifact_registry_repository_cleanup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example docker repository with cleanup policies' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_dockerhub_auth' + primary_resource_id: 'my-repo' + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + ignore_read_extra: + - 'remote_repository_config.0.disable_upstream_validation' +======= - name: 'artifact_registry_repository_remote_dockerhub_auth' primary_resource_id: 'my-repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: repository_id: 'example-dockerhub-remote' desc: 'example remote dockerhub repository with credentials' @@ -117,12 +209,22 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_docker_custom_with_auth' + primary_resource_id: 'my-repo' + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' +======= # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. ignore_read_extra: - 'remote_repository_config.0.disable_upstream_validation' - name: 'artifact_registry_repository_remote_docker_custom_with_auth' primary_resource_id: 'my-repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: repository_id: 'example-docker-custom-remote' desc: 'example remote custom docker repository with credentials' @@ -130,12 +232,21 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_maven_custom_with_auth' + primary_resource_id: 'my-repo' +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' +<<<<<<< HEAD +======= - name: 'artifact_registry_repository_remote_maven_custom_with_auth' primary_resource_id: 'my-repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: repository_id: 'example-maven-custom-remote' desc: 'example remote custom maven repository with credentials' @@ -143,12 +254,21 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_npm_custom_with_auth' + primary_resource_id: 'my-repo' +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' +<<<<<<< HEAD +======= - name: 'artifact_registry_repository_remote_npm_custom_with_auth' primary_resource_id: 'my-repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: repository_id: 'example-npm-custom-remote' desc: 'example remote custom npm repository with credentials' @@ -156,12 +276,21 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_repository_remote_python_custom_with_auth' + primary_resource_id: 'my-repo' +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' +<<<<<<< HEAD +======= - name: 'artifact_registry_repository_remote_python_custom_with_auth' primary_resource_id: 'my-repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: repository_id: 'example-python-custom-remote' desc: 'example remote custom python repository with credentials' @@ -169,6 +298,15 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/artifact_registry_repository.go.erb + encoder: templates/terraform/encoders/location_from_region.go.erb + pre_create: templates/terraform/pre_create/artifact_registry_remote_repository.go.erb +properties: + - !ruby/object:Api::Type::String + name: name +======= ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. @@ -177,10 +315,34 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the repository, for example: "repo1" output: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: repository_id + description: |- + The last part of the repository name, for example: + "repo1" + required: true + immutable: true + url_param_only: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this repository is located in. + required: false + immutable: true + url_param_only: true + default_from_api: true + - !ruby/object:Api::Type::String + name: format +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' - name: 'repository_id' @@ -202,6 +364,7 @@ properties: default_from_api: true - name: 'format' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The format of packages that are stored in the repository. Supported formats can be found [here](https://cloud.google.com/artifact-registry/docs/supported-formats). @@ -210,26 +373,52 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: description + description: |- + The user-provided description of the repository. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= - name: 'description' type: String description: |- The user-provided description of the repository. - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Labels with user-defined metadata. This field may contain up to 64 entries. Label keys and values may be no longer than 63 characters. Label keys must begin with a lowercase letter and may only contain lowercase letters, numeric characters, underscores, and dashes. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The Cloud KMS resource name of the customer managed encryption key that’s used to encrypt the contents of the Repository. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. This value may not be changed after the Repository has been created. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: createTime + description: The time when the repository was created. + output: true + - !ruby/object:Api::Type::Time + name: updateTime + description: The time when the repository was last updated. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'dockerConfig' +======= - name: 'createTime' type: Time description: The time when the repository was created. @@ -240,16 +429,26 @@ properties: output: true - name: 'dockerConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Docker repository config contains repository level configuration for the repositories of docker type. allow_empty_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'immutableTags' + description: |- + The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created. + - !ruby/object:Api::Type::NestedObject + name: 'mavenConfig' +======= - name: 'immutableTags' type: Boolean description: |- The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created. - name: 'mavenConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven @@ -257,12 +456,70 @@ properties: allow_empty_object: true properties: # Maven properties. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowSnapshotOverwrites' +======= - name: 'allowSnapshotOverwrites' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The repository with this flag will allow publishing the same snapshot versions. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'versionPolicy' + description: |- + Version policy defines the versions that the registry will accept. + immutable: true + values: + - :VERSION_POLICY_UNSPECIFIED + - :RELEASE + - :SNAPSHOT + default_value: :VERSION_POLICY_UNSPECIFIED + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Enum + name: 'mode' + description: |- + The mode configures the repository to serve artifacts from different sources. + immutable: true + values: + - :STANDARD_REPOSITORY + - :VIRTUAL_REPOSITORY + - :REMOTE_REPOSITORY + default_value: :STANDARD_REPOSITORY + - !ruby/object:Api::Type::NestedObject + name: 'virtualRepositoryConfig' + conflicts: + - remote_repository_config + description: |- + Configuration specific for a Virtual Repository. + properties: + - !ruby/object:Api::Type::Array + name: 'upstreamPolicies' + diff_suppress_func: 'upstreamPoliciesDiffSuppress' + description: |- + Policies that configure the upstream artifacts distributed by the Virtual + Repository. Upstream policies cannot be set on a standard repository. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'id' + description: |- + The user-provided ID of the upstream policy. + - !ruby/object:Api::Type::String + name: 'repository' + description: | + A reference to the repository resource, for example: + "projects/p1/locations/us-central1/repository/repo1". + - !ruby/object:Api::Type::Integer + name: 'priority' + description: |- + Entries with a greater priority value take precedence in the pull order. + - !ruby/object:Api::Type::Map + name: 'cleanupPolicies' +======= - name: 'versionPolicy' type: Enum description: |- @@ -315,11 +572,28 @@ properties: Entries with a greater priority value take precedence in the pull order. - name: 'cleanupPolicies' type: Map +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Cleanup policies for this repository. Cleanup policies indicate when certain package versions can be automatically deleted. Map keys are policy IDs supplied by users during policy creation. They must unique within a repository and be under 128 characters in length. +<<<<<<< HEAD + key_name: id + key_description: |- + The policy ID. Must be unique within a repository. + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: action + description: |- + Policy action. + values: + - :DELETE + - :KEEP + - !ruby/object:Api::Type::NestedObject + name: condition +======= key_name: 'id' key_description: |- The policy ID. Must be unique within a repository. @@ -336,10 +610,49 @@ properties: - 'KEEP' - name: 'condition' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Policy condition for matching versions. # TODO (jrsb): exactly_one_of: condition, mostRecentVersions properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: tagState + description: |- + Match versions by tag status. + values: + - :TAGGED + - :UNTAGGED + - :ANY + default_value: :ANY + - !ruby/object:Api::Type::Array + name: tagPrefixes + description: |- + Match versions by tag prefix. Applied on any prefix match. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: versionNamePrefixes + description: |- + Match versions by version name prefix. Applied on any prefix match. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: packageNamePrefixes + description: |- + Match versions by package prefix. Applied on any prefix match. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: olderThan + description: |- + Match versions older than a duration. + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - !ruby/object:Api::Type::String + name: newerThan + description: |- + Match versions newer than a duration. + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - !ruby/object:Api::Type::NestedObject + name: mostRecentVersions +======= - name: 'tagState' type: Enum description: |- @@ -379,11 +692,51 @@ properties: diff_suppress_func: 'tpgresource.DurationDiffSuppress' - name: 'mostRecentVersions' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Policy condition for retaining a minimum number of versions. May only be specified with a Keep action. # TODO (jrsb): exactly_one_of: condition, mostRecentVersions properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: packageNamePrefixes + description: |- + Match versions by package prefix. Applied on any prefix match. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: keepCount + description: |- + Minimum number of versions to keep. + - !ruby/object:Api::Type::NestedObject + name: 'remoteRepositoryConfig' + conflicts: + - virtual_repository_config + description: |- + Configuration specific for a Remote Repository. + immutable: true + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: |- + The description of the remote source. + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'aptRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for an Apt remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'publicRepository' +======= - name: 'packageNamePrefixes' type: Array description: |- @@ -422,10 +775,43 @@ properties: properties: - name: 'publicRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- One of the publicly available Apt repositories supported by Artifact Registry. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'repositoryBase' + required: true + description: |- + A common public repository base for Apt, e.g. `"debian/dists/buster"` + immutable: true + values: + - :DEBIAN + - :UBUNTU + - !ruby/object:Api::Type::String + name: 'repositoryPath' + required: true + description: |- + Specific repository from the base. + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'dockerRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for a Docker remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::Enum + name: 'publicRepository' +======= - name: 'repositoryBase' type: Enum description: |- @@ -456,11 +842,21 @@ properties: properties: - name: 'publicRepository' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.docker_repository.0.custom_repository +<<<<<<< HEAD + values: + - :DOCKER_HUB + # Eventually lets delete default_value and custom_flatten in a major release + default_value: :DOCKER_HUB + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::NestedObject + name: 'customRepository' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release default_value: "DOCKER_HUB" @@ -468,12 +864,35 @@ properties: - 'DOCKER_HUB' - name: 'customRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.docker_repository.0.public_repository properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: |- + Specific uri to the registry, e.g. `"https://registry-1.docker.io"` + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'mavenRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for a Maven remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::Enum + name: 'publicRepository' +======= - name: 'uri' type: String description: |- @@ -494,11 +913,21 @@ properties: properties: - name: 'publicRepository' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.maven_repository.0.custom_repository +<<<<<<< HEAD + values: + - :MAVEN_CENTRAL + # Eventually lets delete default_value and custom_flatten in a major release + default_value: :MAVEN_CENTRAL + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::NestedObject + name: 'customRepository' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release default_value: "MAVEN_CENTRAL" @@ -506,12 +935,35 @@ properties: - 'MAVEN_CENTRAL' - name: 'customRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.maven_repository.0.public_repository properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: |- + Specific uri to the registry, e.g. `"https://repo.maven.apache.org/maven2"` + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'npmRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for an Npm remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::Enum + name: 'publicRepository' +======= - name: 'uri' type: String description: |- @@ -532,11 +984,21 @@ properties: properties: - name: 'publicRepository' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.npm_repository.0.custom_repository +<<<<<<< HEAD + values: + - :NPMJS + # Eventually lets delete default_value and custom_flatten in a major release + default_value: :NPMJS + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::NestedObject + name: 'customRepository' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release default_value: "NPMJS" @@ -544,12 +1006,35 @@ properties: - 'NPMJS' - name: 'customRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.npm_repository.0.public_repository properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: |- + Specific uri to the registry, e.g. `"https://registry.npmjs.org"` + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'pythonRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for a Python remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::Enum + name: 'publicRepository' +======= - name: 'uri' type: String description: |- @@ -570,11 +1055,21 @@ properties: properties: - name: 'publicRepository' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.python_repository.0.custom_repository +<<<<<<< HEAD + values: + - :PYPI + # Eventually lets delete default_value and custom_flatten in a major release + default_value: :PYPI + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::NestedObject + name: 'customRepository' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release default_value: "PYPI" @@ -582,12 +1077,35 @@ properties: - 'PYPI' - name: 'customRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.python_repository.0.public_repository properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: |- + Specific uri to the registry, e.g. `"https://pypi.io"` + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'yumRepository' + exactly_one_of: + - remoteRepositoryConfig.0.apt_repository + - remoteRepositoryConfig.0.docker_repository + - remoteRepositoryConfig.0.maven_repository + - remoteRepositoryConfig.0.npm_repository + - remoteRepositoryConfig.0.python_repository + - remoteRepositoryConfig.0.yum_repository + description: |- + Specific settings for an Yum remote repository. + immutable: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'publicRepository' +======= - name: 'uri' type: String description: |- @@ -608,10 +1126,34 @@ properties: properties: - name: 'publicRepository' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- One of the publicly available Yum repositories supported by Artifact Registry. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'repositoryBase' + required: true + description: |- + A common public repository base for Yum. + immutable: true + values: + - :CENTOS + - :CENTOS_DEBUG + - :CENTOS_VAULT + - :CENTOS_STREAM + - :ROCKY + - :EPEL + - !ruby/object:Api::Type::String + name: 'repositoryPath' + required: true + description: |- + Specific repository from the base, e.g. `"pub/rocky/9/BaseOS/x86_64/os"` + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'upstreamCredentials' +======= - name: 'repositoryBase' type: Enum description: |- @@ -633,16 +1175,31 @@ properties: immutable: true - name: 'upstreamCredentials' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The credentials used to access the remote repository. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'usernamePasswordCredentials' +======= - name: 'usernamePasswordCredentials' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Use username and password to access the remote repository. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'username' + description: |- + The username to access the remote repository. + immutable: true + - !ruby/object:Api::Type::String + name: 'passwordSecretVersion' +======= - name: 'username' type: String description: |- @@ -650,11 +1207,24 @@ properties: immutable: true - name: 'passwordSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The Secret Manager key version that holds the password to access the remote repository. Must be in the format of `projects/{project}/secrets/{secret}/versions/{version}`. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'disableUpstreamValidation' + # Ignore read on this field because it is INPUT_ONLY. + # Need to use custom flatten because ignore_read doesn't work with nested fields. + custom_flatten: 'templates/terraform/custom_flatten/artifactregistry_rr_disable_upstream_validation.go.erb' + description: |- + If true, the remote repository upstream and upstream credentials will + not be validated. + - !ruby/object:Api::Type::Boolean + name: 'cleanupPolicyDryRun' +======= - name: 'disableUpstreamValidation' type: Boolean description: |- @@ -665,6 +1235,7 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/artifactregistry_rr_disable_upstream_validation.go.tmpl' - name: 'cleanupPolicyDryRun' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- If true, the cleanup pipeline is prevented from deleting versions in this repository. diff --git a/mmv1/products/artifactregistry/VPCSCConfig.yaml b/mmv1/products/artifactregistry/VPCSCConfig.yaml index 01bde3cfff05..0e81fe90dee5 100644 --- a/mmv1/products/artifactregistry/VPCSCConfig.yaml +++ b/mmv1/products/artifactregistry/VPCSCConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'VPCSCConfig' +description: |- + The Artifact Registry VPC SC config that applies to a Project. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/VPCSCConfig' +min_version: beta +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'VPCSCConfig' description: |- @@ -20,6 +34,7 @@ references: guides: api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/VPCSCConfig' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 note: |- VPC SC configs are automatically created for a given location. Creating a resource of this type will acquire and update the resource that already @@ -28,6 +43,49 @@ docs: base_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' self_link: 'projects/{{project}}/locations/{{location}}/vpcscConfig' create_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' +<<<<<<< HEAD +create_verb: :PATCH +update_verb: :PATCH +skip_delete: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'artifact_registry_vpcsc_config' + # Requires VPC SC Policy configured on organization + skip_test: true + primary_resource_id: 'my-config' +autogen_async: false +async: !ruby/object:Api::OpAsync + actions: [] + # necessary to compile + operation: !ruby/object:Api::OpAsync::Operation + base_url: '{{op_id}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/location_from_region.go.erb +parameters: + - !ruby/object:Api::Type::String + name: location + required: false + immutable: true + url_param_only: true + default_from_api: true + description: | + The name of the location this config is located in. + - !ruby/object:Api::Type::String + name: name + output: true + description: |- + The name of the project's VPC SC Config. + Always of the form: projects/{project}/location/{location}/vpcscConfig +properties: + - !ruby/object:Api::Type::Enum + name: vpcscPolicy + min_version: beta + description: |- + The VPC SC policy for project and location. + values: + - :DENY + - :ALLOW +======= create_verb: 'PATCH' update_verb: 'PATCH' exclude_delete: true @@ -76,3 +134,4 @@ properties: enum_values: - 'DENY' - 'ALLOW' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/artifactregistry/go_Repository.yaml b/mmv1/products/artifactregistry/go_Repository.yaml new file mode 100644 index 000000000000..9c48e6b45b4b --- /dev/null +++ b/mmv1/products/artifactregistry/go_Repository.yaml @@ -0,0 +1,671 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Repository' +description: A repository for storing artifacts +references: + guides: + 'Official Documentation': 'https://cloud.google.com/artifact-registry/docs/overview' + api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/projects.locations.repositories' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/repositories' +self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/repositories?repository_id={{repository_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' + - '{{repository_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + allowed_iam_role: 'roles/artifactregistry.reader' + # TODO (camthornton): Change to repository_id in 4.0 + parent_resource_attribute: 'repository' + base_url: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' + import_format: + - 'projects/{{project}}/locations/{{location}}/repositories/{{repository}}' + - '{{repository}}' +custom_code: + constants: 'templates/terraform/constants/go/artifact_registry_repository.go.tmpl' + encoder: 'templates/terraform/encoders/go/location_from_region.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/artifact_registry_remote_repository.go.tmpl' +examples: + - name: 'artifact_registry_repository_basic' + primary_resource_id: 'my-repo' + primary_resource_name: 'fmt.Sprintf("tf-test-my-repository%s", context["random_suffix"])' + vars: + repository_id: 'my-repository' + desc: 'example docker repository' + - name: 'artifact_registry_repository_docker' + primary_resource_id: 'my-repo' + vars: + repository_id: 'my-repository' + desc: 'example docker repository' + - name: 'artifact_registry_repository_cmek' + primary_resource_id: 'my-repo' + vars: + repository_id: 'my-repository' + kms_key_name: 'kms-key' + test_vars_overrides: + 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + - name: 'artifact_registry_repository_virtual' + primary_resource_id: 'my-repo' + vars: + repository_id: 'my-repository' + desc: 'example virtual docker repository' + upstream_repository_id: 'my-repository-upstream' + upstream_desc: 'example docker repository (upstream source)' + upstream_policy_id: 'my-repository-upstream' + - name: 'artifact_registry_repository_remote' + primary_resource_id: 'my-repo' + vars: + repository_id: 'my-repository' + desc: 'example remote docker repository' + - name: 'artifact_registry_repository_remote_apt' + primary_resource_id: 'my-repo' + vars: + repository_id: 'debian-buster' + desc: 'example remote apt repository' + - name: 'artifact_registry_repository_remote_yum' + primary_resource_id: 'my-repo' + vars: + repository_id: 'rocky-9' + desc: 'example remote yum repository' + - name: 'artifact_registry_repository_cleanup' + primary_resource_id: 'my-repo' + vars: + repository_id: 'my-repository' + desc: 'example docker repository with cleanup policies' + - name: 'artifact_registry_repository_remote_dockerhub_auth' + primary_resource_id: 'my-repo' + vars: + repository_id: 'example-dockerhub-remote' + desc: 'example remote dockerhub repository with credentials' + secret_id: 'example-secret' + secret_resource_id: 'example-remote-secret' + username: 'remote-username' + secret_data: 'remote-password' + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + ignore_read_extra: + - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_docker_custom_with_auth' + primary_resource_id: 'my-repo' + vars: + repository_id: 'example-docker-custom-remote' + desc: 'example remote custom docker repository with credentials' + secret_id: 'example-secret' + secret_resource_id: 'example-remote-secret' + username: 'remote-username' + secret_data: 'remote-password' + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_maven_custom_with_auth' + primary_resource_id: 'my-repo' + vars: + repository_id: 'example-maven-custom-remote' + desc: 'example remote custom maven repository with credentials' + secret_id: 'example-secret' + secret_resource_id: 'example-remote-secret' + username: 'remote-username' + secret_data: 'remote-password' + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_npm_custom_with_auth' + primary_resource_id: 'my-repo' + vars: + repository_id: 'example-npm-custom-remote' + desc: 'example remote custom npm repository with credentials' + secret_id: 'example-secret' + secret_resource_id: 'example-remote-secret' + username: 'remote-username' + secret_data: 'remote-password' + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_python_custom_with_auth' + primary_resource_id: 'my-repo' + vars: + repository_id: 'example-python-custom-remote' + desc: 'example remote custom python repository with credentials' + secret_id: 'example-secret' + secret_resource_id: 'example-remote-secret' + username: 'remote-username' + secret_data: 'remote-password' + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' +parameters: +properties: + - name: 'name' + type: String + description: |- + The name of the repository, for example: + "repo1" + output: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'repository_id' + type: String + description: |- + The last part of the repository name, for example: + "repo1" + url_param_only: true + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'location' + type: String + description: | + The name of the location this repository is located in. + url_param_only: true + required: false + immutable: true + default_from_api: true + - name: 'format' + type: String + description: |- + The format of packages that are stored in the repository. Supported formats + can be found [here](https://cloud.google.com/artifact-registry/docs/supported-formats). + You can only create alpha formats if you are a member of the + [alpha user group](https://cloud.google.com/artifact-registry/docs/supported-formats#alpha-access). + required: true + immutable: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - name: 'description' + type: String + description: |- + The user-provided description of the repository. + - name: 'labels' + type: KeyValueLabels + description: | + Labels with user-defined metadata. + This field may contain up to 64 entries. Label keys and values may be no + longer than 63 characters. Label keys must begin with a lowercase letter + and may only contain lowercase letters, numeric characters, underscores, + and dashes. + - name: 'kmsKeyName' + type: String + description: |- + The Cloud KMS resource name of the customer managed encryption key that’s + used to encrypt the contents of the Repository. Has the form: + `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. + This value may not be changed after the Repository has been created. + immutable: true + - name: 'createTime' + type: Time + description: The time when the repository was created. + output: true + - name: 'updateTime' + type: Time + description: The time when the repository was last updated. + output: true + - name: 'dockerConfig' + type: NestedObject + description: |- + Docker repository config contains repository level configuration for the repositories of docker type. + allow_empty_object: true + properties: + - name: 'immutableTags' + type: Boolean + description: |- + The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created. + - name: 'mavenConfig' + type: NestedObject + description: |- + MavenRepositoryConfig is maven related repository details. + Provides additional configuration details for repositories of the maven + format type. + allow_empty_object: true + properties: + # Maven properties. + - name: 'allowSnapshotOverwrites' + type: Boolean + description: |- + The repository with this flag will allow publishing the same + snapshot versions. + immutable: true + - name: 'versionPolicy' + type: Enum + description: |- + Version policy defines the versions that the registry will accept. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "VERSION_POLICY_UNSPECIFIED" + enum_values: + - 'VERSION_POLICY_UNSPECIFIED' + - 'RELEASE' + - 'SNAPSHOT' + - name: 'mode' + type: Enum + description: |- + The mode configures the repository to serve artifacts from different sources. + immutable: true + default_value: "STANDARD_REPOSITORY" + enum_values: + - 'STANDARD_REPOSITORY' + - 'VIRTUAL_REPOSITORY' + - 'REMOTE_REPOSITORY' + - name: 'virtualRepositoryConfig' + type: NestedObject + description: |- + Configuration specific for a Virtual Repository. + conflicts: + - remote_repository_config + properties: + - name: 'upstreamPolicies' + type: Array + description: |- + Policies that configure the upstream artifacts distributed by the Virtual + Repository. Upstream policies cannot be set on a standard repository. + diff_suppress_func: 'upstreamPoliciesDiffSuppress' + item_type: + type: NestedObject + properties: + - name: 'id' + type: String + description: |- + The user-provided ID of the upstream policy. + - name: 'repository' + type: String + description: | + A reference to the repository resource, for example: + "projects/p1/locations/us-central1/repository/repo1". + - name: 'priority' + type: Integer + description: |- + Entries with a greater priority value take precedence in the pull order. + - name: 'cleanupPolicies' + type: Map + description: |- + Cleanup policies for this repository. Cleanup policies indicate when + certain package versions can be automatically deleted. + Map keys are policy IDs supplied by users during policy creation. They must + unique within a repository and be under 128 characters in length. + key_name: 'id' + key_description: |- + The policy ID. Must be unique within a repository. + value_type: + name: cleanupPolicies + type: NestedObject + properties: + - name: 'action' + type: Enum + description: |- + Policy action. + enum_values: + - 'DELETE' + - 'KEEP' + - name: 'condition' + type: NestedObject + description: |- + Policy condition for matching versions. + # TODO (jrsb): exactly_one_of: condition, mostRecentVersions + properties: + - name: 'tagState' + type: Enum + description: |- + Match versions by tag status. + default_value: "ANY" + enum_values: + - 'TAGGED' + - 'UNTAGGED' + - 'ANY' + - name: 'tagPrefixes' + type: Array + description: |- + Match versions by tag prefix. Applied on any prefix match. + item_type: + type: String + - name: 'versionNamePrefixes' + type: Array + description: |- + Match versions by version name prefix. Applied on any prefix match. + item_type: + type: String + - name: 'packageNamePrefixes' + type: Array + description: |- + Match versions by package prefix. Applied on any prefix match. + item_type: + type: String + - name: 'olderThan' + type: String + description: |- + Match versions older than a duration. + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - name: 'newerThan' + type: String + description: |- + Match versions newer than a duration. + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - name: 'mostRecentVersions' + type: NestedObject + description: |- + Policy condition for retaining a minimum number of versions. May only be + specified with a Keep action. + # TODO (jrsb): exactly_one_of: condition, mostRecentVersions + properties: + - name: 'packageNamePrefixes' + type: Array + description: |- + Match versions by package prefix. Applied on any prefix match. + item_type: + type: String + - name: 'keepCount' + type: Integer + description: |- + Minimum number of versions to keep. + - name: 'remoteRepositoryConfig' + type: NestedObject + description: |- + Configuration specific for a Remote Repository. + immutable: true + conflicts: + - virtual_repository_config + properties: + - name: 'description' + type: String + description: |- + The description of the remote source. + immutable: true + - name: 'aptRepository' + type: NestedObject + description: |- + Specific settings for an Apt remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: NestedObject + description: |- + One of the publicly available Apt repositories supported by Artifact Registry. + immutable: true + properties: + - name: 'repositoryBase' + type: Enum + description: |- + A common public repository base for Apt, e.g. `"debian/dists/buster"` + required: true + immutable: true + enum_values: + - 'DEBIAN' + - 'UBUNTU' + - name: 'repositoryPath' + type: String + description: |- + Specific repository from the base. + required: true + immutable: true + - name: 'dockerRepository' + type: NestedObject + description: |- + Specific settings for a Docker remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: Enum + description: |- + Address of the remote repository. + immutable: true + conflicts: + - remoteRepositoryConfig.0.docker_repository.0.custom_repository + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + # Eventually lets delete default_value and custom_flatten in a major release + default_value: "DOCKER_HUB" + enum_values: + - 'DOCKER_HUB' + - name: 'customRepository' + type: NestedObject + description: |- + Settings for a remote repository with a custom uri. + immutable: true + conflicts: + - remoteRepositoryConfig.0.docker_repository.0.public_repository + properties: + - name: 'uri' + type: String + description: |- + Specific uri to the registry, e.g. `"https://registry-1.docker.io"` + immutable: true + - name: 'mavenRepository' + type: NestedObject + description: |- + Specific settings for a Maven remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: Enum + description: |- + Address of the remote repository. + immutable: true + conflicts: + - remoteRepositoryConfig.0.maven_repository.0.custom_repository + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + # Eventually lets delete default_value and custom_flatten in a major release + default_value: "MAVEN_CENTRAL" + enum_values: + - 'MAVEN_CENTRAL' + - name: 'customRepository' + type: NestedObject + description: |- + Settings for a remote repository with a custom uri. + immutable: true + conflicts: + - remoteRepositoryConfig.0.maven_repository.0.public_repository + properties: + - name: 'uri' + type: String + description: |- + Specific uri to the registry, e.g. `"https://repo.maven.apache.org/maven2"` + immutable: true + - name: 'npmRepository' + type: NestedObject + description: |- + Specific settings for an Npm remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: Enum + description: |- + Address of the remote repository. + immutable: true + conflicts: + - remoteRepositoryConfig.0.npm_repository.0.custom_repository + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + # Eventually lets delete default_value and custom_flatten in a major release + default_value: "NPMJS" + enum_values: + - 'NPMJS' + - name: 'customRepository' + type: NestedObject + description: |- + Settings for a remote repository with a custom uri. + immutable: true + conflicts: + - remoteRepositoryConfig.0.npm_repository.0.public_repository + properties: + - name: 'uri' + type: String + description: |- + Specific uri to the registry, e.g. `"https://registry.npmjs.org"` + immutable: true + - name: 'pythonRepository' + type: NestedObject + description: |- + Specific settings for a Python remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: Enum + description: |- + Address of the remote repository. + immutable: true + conflicts: + - remoteRepositoryConfig.0.python_repository.0.custom_repository + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + # Eventually lets delete default_value and custom_flatten in a major release + default_value: "PYPI" + enum_values: + - 'PYPI' + - name: 'customRepository' + type: NestedObject + description: |- + Settings for a remote repository with a custom uri. + immutable: true + conflicts: + - remoteRepositoryConfig.0.python_repository.0.public_repository + properties: + - name: 'uri' + type: String + description: |- + Specific uri to the registry, e.g. `"https://pypi.io"` + immutable: true + - name: 'yumRepository' + type: NestedObject + description: |- + Specific settings for an Yum remote repository. + immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' + properties: + - name: 'publicRepository' + type: NestedObject + description: |- + One of the publicly available Yum repositories supported by Artifact Registry. + immutable: true + properties: + - name: 'repositoryBase' + type: Enum + description: |- + A common public repository base for Yum. + required: true + immutable: true + enum_values: + - 'CENTOS' + - 'CENTOS_DEBUG' + - 'CENTOS_VAULT' + - 'CENTOS_STREAM' + - 'ROCKY' + - 'EPEL' + - name: 'repositoryPath' + type: String + description: |- + Specific repository from the base, e.g. `"pub/rocky/9/BaseOS/x86_64/os"` + required: true + immutable: true + - name: 'upstreamCredentials' + type: NestedObject + description: |- + The credentials used to access the remote repository. + immutable: true + properties: + - name: 'usernamePasswordCredentials' + type: NestedObject + description: |- + Use username and password to access the remote repository. + immutable: true + properties: + - name: 'username' + type: String + description: |- + The username to access the remote repository. + immutable: true + - name: 'passwordSecretVersion' + type: String + description: |- + The Secret Manager key version that holds the password to access the + remote repository. Must be in the format of + `projects/{project}/secrets/{secret}/versions/{version}`. + immutable: true + - name: 'disableUpstreamValidation' + type: Boolean + description: |- + If true, the remote repository upstream and upstream credentials will + not be validated. + # Ignore read on this field because it is INPUT_ONLY. + # Need to use custom flatten because ignore_read doesn't work with nested fields. + custom_flatten: 'templates/terraform/custom_flatten/go/artifactregistry_rr_disable_upstream_validation.go.tmpl' + - name: 'cleanupPolicyDryRun' + type: Boolean + description: |- + If true, the cleanup pipeline is prevented from deleting versions in this + repository. diff --git a/mmv1/products/artifactregistry/go_VPCSCConfig.yaml b/mmv1/products/artifactregistry/go_VPCSCConfig.yaml new file mode 100644 index 000000000000..a1582a58cc4b --- /dev/null +++ b/mmv1/products/artifactregistry/go_VPCSCConfig.yaml @@ -0,0 +1,79 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'VPCSCConfig' +description: |- + The Artifact Registry VPC SC config that applies to a Project. +min_version: 'beta' +references: + guides: + api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/VPCSCConfig' +docs: + note: |- + VPC SC configs are automatically created for a given location. Creating a + resource of this type will acquire and update the resource that already + exists at the location. Deleting this resource will remove the config from + your Terraform state but leave the resource as is. +base_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' +self_link: 'projects/{{project}}/locations/{{location}}/vpcscConfig' +create_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' +create_verb: 'PATCH' +update_verb: 'PATCH' +exclude_delete: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: [''] + type: 'OpAsync' + # necessary to compile + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/go/location_from_region.go.tmpl' +examples: + - name: 'artifact_registry_vpcsc_config' + primary_resource_id: 'my-config' + # Requires VPC SC Policy configured on organization + exclude_test: true +parameters: + - name: 'location' + type: String + description: | + The name of the location this config is located in. + min_version: 'beta' + url_param_only: true + required: false + immutable: true + default_from_api: true + - name: 'name' + type: String + description: |- + The name of the project's VPC SC Config. + Always of the form: projects/{project}/location/{location}/vpcscConfig + min_version: 'beta' + output: true +properties: + - name: 'vpcscPolicy' + type: Enum + description: |- + The VPC SC policy for project and location. + min_version: 'beta' + enum_values: + - 'DENY' + - 'ALLOW' diff --git a/mmv1/products/artifactregistry/go_product.yaml b/mmv1/products/artifactregistry/go_product.yaml new file mode 100644 index 000000000000..7e2842eb9ec3 --- /dev/null +++ b/mmv1/products/artifactregistry/go_product.yaml @@ -0,0 +1,36 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ArtifactRegistry' +display_name: 'Artifact Registry' +versions: + - name: 'beta' + base_url: 'https://artifactregistry.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://artifactregistry.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/artifactregistry/product.yaml b/mmv1/products/artifactregistry/product.yaml index c8c98003c1cd..c14f3ecb0383 100644 --- a/mmv1/products/artifactregistry/product.yaml +++ b/mmv1/products/artifactregistry/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,36 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: ArtifactRegistry +display_name: Artifact Registry +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://artifactregistry.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://artifactregistry.googleapis.com/v1/ +async: !ruby/object:Api::OpAsync + actions: ['create', 'delete'] + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'ArtifactRegistry' display_name: 'Artifact Registry' @@ -31,5 +65,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/backupdr/BackupVault.yaml b/mmv1/products/backupdr/BackupVault.yaml index 1a455d31d662..2ac0b250a479 100644 --- a/mmv1/products/backupdr/BackupVault.yaml +++ b/mmv1/products/backupdr/BackupVault.yaml @@ -11,6 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/backupVaults +create_url: projects/{{project}}/locations/{{location}}/backupVaults?backupVaultId={{backup_vault_id}} +update_url: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_update}} +delete_url: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_delete}}&allowMissing={{allow_missing}} +self_link: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} +id_format: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} +import_format: + - projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} +name: BackupVault +description: Container to store and organize immutable and indelible backups. +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +update_verb: :PATCH +update_mask: true +examples: + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'backup_dr_backup_vault_full' + primary_resource_id: 'backup-vault-test' + vars: + backup_vault_id: 'backup-vault-test' + test_env_vars: + project: :PROJECT_NAME +parameters: + - !ruby/object:Api::Type::String + name: location + description: "The GCP location for the backup vault. " + url_param_only: true + required: true + immutable: true + - !ruby/object:Api::Type::String + name: backupVaultId + description: "Required. ID of the requesting object." + url_param_only: true + required: true + immutable: true + - !ruby/object:Api::Type::Boolean + name: 'force_update' + default_value: false + url_param_only: true +======= --- name: 'BackupVault' description: Container to store and organize immutable and indelible backups. @@ -70,20 +130,102 @@ parameters: immutable: true - name: 'force_update' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set, allow update to extend the minimum enforced retention for backup vault. This overrides the restriction against conflicting retention periods. This conflict may occur when the expiration schedule defined by the associated backup plan is shorter than the minimum retention set by the backup vault. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'force_delete' + default_value: false + url_param_only: true +======= min_version: 'beta' url_param_only: true default_value: false - name: 'force_delete' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set, the following restrictions against deletion of the backup vault instance can be overridden: * deletion of a backup vault instance containing no backups, but still containing empty datasources. * deletion of a backup vault instance that is being referenced by an active backup plan. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allow_missing' + default_value: false + url_param_only: true + description: | + Allow idempotent deletion of backup vault. The request will still succeed in case the backup vault does not exist. +properties: + - !ruby/object:Api::Type::String + name: name + description: 'Output only. Identifier. The resource name. ' + output: true + - !ruby/object:Api::Type::String + name: description + description: 'Optional. The description of the BackupVault instance (2048 characters + or less). ' + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: "Optional. Resource labels to represent user provided metadata. " + - !ruby/object:Api::Type::String + name: createTime + description: 'Output only. The time when the instance was created. ' + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: 'Output only. The time when the instance was updated. ' + output: true + - !ruby/object:Api::Type::String + name: backupMinimumEnforcedRetentionDuration + description: "Required. The default and minimum enforced retention for each backup + within the backup vault. The enforced retention for each backup can be extended. " + required: true + - !ruby/object:Api::Type::Boolean + name: deletable + description: 'Output only. Set to true when there are no backups nested under this + resource. ' + output: true + - !ruby/object:Api::Type::String + name: etag + output: true + description: "Optional. Server specified ETag for the backup vault resource to prevent + simultaneous updates from overwiting each other. " + - !ruby/object:Api::Type::String + name: state + description: "Output only. The BackupVault resource instance state. \n + Possible values:\n STATE_UNSPECIFIED\n CREATING\n ACTIVE\n DELETING\n ERROR" + output: true + - !ruby/object:Api::Type::String + name: effectiveTime + description: 'Optional. Time after which the BackupVault resource is locked. ' + - !ruby/object:Api::Type::String + name: backupCount + description: 'Output only. The number of backups in this backup vault. ' + output: true + - !ruby/object:Api::Type::String + name: serviceAccount + description: "Output only. Service account used by the BackupVault Service for this + BackupVault. The user should grant this account permissions in their workload + project to enable the service to run backups and restores there. " + output: true + - !ruby/object:Api::Type::String + name: totalStoredBytes + description: 'Output only. Total size of the storage used by all backup resources. ' + output: true + - !ruby/object:Api::Type::String + name: uid + description: "Output only. Output only Immutable after resource creation until + resource deletion. " + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: annotations + description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores + small amounts of arbitrary data. " +======= min_version: 'beta' url_param_only: true default_value: false @@ -175,3 +317,4 @@ properties: description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores small amounts of arbitrary data. " min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/backupdr/ManagementServer.yaml b/mmv1/products/backupdr/ManagementServer.yaml index 0705c465ceb6..a4c1748bc2da 100644 --- a/mmv1/products/backupdr/ManagementServer.yaml +++ b/mmv1/products/backupdr/ManagementServer.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,31 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ManagementServer' +min_version: beta +base_url: projects/{{project}}/locations/{{location}}/managementServers +create_url: projects/{{project}}/locations/{{location}}/managementServers/?management_server_id={{name}} +self_link: projects/{{project}}/locations/{{location}}/managementServers/{{name}} +create_verb: :POST +immutable: true +delete_url: projects/{{project}}/locations/{{location}}/managementServers/{{name}} +description: A Backup and DR Management Server (Also referred as Management Console) +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/backup-disaster-recovery/docs' + api: 'https://cloud.google.com/backup-disaster-recovery/docs/deployment/deployment-plan' +autogen_async: true +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + delete_minutes: 40 +examples: + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'backup_dr_management_server' + primary_resource_id: 'ms-console' +======= --- name: 'ManagementServer' description: A Backup and DR Management Server (Also referred as Management Console) @@ -48,10 +77,78 @@ examples: - name: 'backup_dr_management_server' primary_resource_id: 'ms-console' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'vpc-network' managementserver_name: 'ms-console' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: 'location' + required: true + url_param_only: true + description: | + The location for the management server (management console) + - !ruby/object:Api::Type::String + name: 'name' + required: true + url_param_only: true + description: |- + The name of management server (management console) + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' +properties: + - !ruby/object:Api::Type::Enum + name: 'type' + values: + - :BACKUP_RESTORE + default_value: :BACKUP_RESTORE + description: | + The type of management server (management console). + - !ruby/object:Api::Type::Array + name: 'networks' + description: | + Network details to create management server (management console). + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'network' + description: | + Network with format `projects/{{project_id}}/global/networks/{{network_id}}` + required: true + - !ruby/object:Api::Type::Enum + name: 'peeringMode' + description: | + Type of Network peeringMode + values: + - :PRIVATE_SERVICE_ACCESS + default_value: :PRIVATE_SERVICE_ACCESS + ## outputs + - !ruby/object:Api::Type::String + name: 'oauth2ClientId' + description: | + The oauth2ClientId of management console. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'managementUri' + description: |- + The management console URI + output: true + properties: + - !ruby/object:Api::Type::String + name: 'webUi' + description: |- + The management console webUi. + output: true + - !ruby/object:Api::Type::String + name: 'api' + description: |- + The management console api endpoint. +======= project: 'PROJECT_NAME' exclude_test: true parameters: @@ -128,4 +225,5 @@ properties: description: |- The management console api endpoint. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/backupdr/go_BackupVault.yaml b/mmv1/products/backupdr/go_BackupVault.yaml new file mode 100644 index 000000000000..2270f1b45c9d --- /dev/null +++ b/mmv1/products/backupdr/go_BackupVault.yaml @@ -0,0 +1,178 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackupVault' +description: Container to store and organize immutable and indelible backups. +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/backupVaults' +self_link: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/backupVaults?backupVaultId={{backup_vault_id}}' +update_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_update}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_delete}}&allowMissing={{allow_missing}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'backup_dr_backup_vault_full' + primary_resource_id: 'backup-vault-test' + min_version: 'beta' + vars: + backup_vault_id: 'backup-vault-test' + test_env_vars: + project: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: "The GCP location for the backup vault. " + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'backupVaultId' + type: String + description: "Required. ID of the requesting object." + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'force_update' + type: Boolean + description: | + If set, allow update to extend the minimum enforced retention for backup vault. This overrides + the restriction against conflicting retention periods. This conflict may occur when the + expiration schedule defined by the associated backup plan is shorter than the minimum + retention set by the backup vault. + min_version: 'beta' + url_param_only: true + default_value: false + - name: 'force_delete' + type: Boolean + description: | + If set, the following restrictions against deletion of the backup vault instance can be overridden: + * deletion of a backup vault instance containing no backups, but still containing empty datasources. + * deletion of a backup vault instance that is being referenced by an active backup plan. + min_version: 'beta' + url_param_only: true + default_value: false + - name: 'allow_missing' + type: Boolean + description: | + Allow idempotent deletion of backup vault. The request will still succeed in case the backup vault does not exist. + min_version: 'beta' + url_param_only: true + default_value: false +properties: + - name: 'name' + type: String + description: 'Output only. Identifier. The resource name. ' + min_version: 'beta' + output: true + - name: 'description' + type: String + description: 'Optional. The description of the BackupVault instance (2048 characters + or less). ' + min_version: 'beta' + - name: 'labels' + type: KeyValueLabels + description: "Optional. Resource labels to represent user provided metadata. " + min_version: 'beta' + - name: 'createTime' + type: String + description: 'Output only. The time when the instance was created. ' + min_version: 'beta' + output: true + - name: 'updateTime' + type: String + description: 'Output only. The time when the instance was updated. ' + min_version: 'beta' + output: true + - name: 'backupMinimumEnforcedRetentionDuration' + type: String + description: "Required. The default and minimum enforced retention for each backup + within the backup vault. The enforced retention for each backup can be extended. " + min_version: 'beta' + required: true + - name: 'deletable' + type: Boolean + description: 'Output only. Set to true when there are no backups nested under this + resource. ' + min_version: 'beta' + output: true + - name: 'etag' + type: String + description: "Optional. Server specified ETag for the backup vault resource to prevent + simultaneous updates from overwiting each other. " + min_version: 'beta' + output: true + - name: 'state' + type: String + description: "Output only. The BackupVault resource instance state. \n + Possible values:\n STATE_UNSPECIFIED\n CREATING\n ACTIVE\n DELETING\n ERROR" + min_version: 'beta' + output: true + - name: 'effectiveTime' + type: String + description: 'Optional. Time after which the BackupVault resource is locked. ' + min_version: 'beta' + - name: 'backupCount' + type: String + description: 'Output only. The number of backups in this backup vault. ' + min_version: 'beta' + output: true + - name: 'serviceAccount' + type: String + description: "Output only. Service account used by the BackupVault Service for this + BackupVault. The user should grant this account permissions in their workload + project to enable the service to run backups and restores there. " + min_version: 'beta' + output: true + - name: 'totalStoredBytes' + type: String + description: 'Output only. Total size of the storage used by all backup resources. ' + min_version: 'beta' + output: true + - name: 'uid' + type: String + description: "Output only. Output only Immutable after resource creation until + resource deletion. " + min_version: 'beta' + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores + small amounts of arbitrary data. " + min_version: 'beta' diff --git a/mmv1/products/backupdr/go_ManagementServer.yaml b/mmv1/products/backupdr/go_ManagementServer.yaml new file mode 100644 index 000000000000..aeec4ec97fd3 --- /dev/null +++ b/mmv1/products/backupdr/go_ManagementServer.yaml @@ -0,0 +1,132 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ManagementServer' +description: A Backup and DR Management Server (Also referred as Management Console) +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/backup-disaster-recovery/docs' + api: 'https://cloud.google.com/backup-disaster-recovery/docs/deployment/deployment-plan' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/managementServers' +self_link: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/managementServers/?management_server_id={{name}}' +delete_url: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' +immutable: true +timeouts: + insert_minutes: 40 + update_minutes: 20 + delete_minutes: 40 +autogen_async: true +async: + actions: ['create', 'delete'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'backup_dr_management_server' + primary_resource_id: 'ms-console' + min_version: 'beta' + vars: + network_name: 'vpc-network' + managementserver_name: 'ms-console' + test_env_vars: + project: 'PROJECT_NAME' + exclude_test: true +parameters: + - name: 'location' + type: String + description: | + The location for the management server (management console) + min_version: 'beta' + url_param_only: true + required: true + - name: 'name' + type: String + description: |- + The name of management server (management console) + min_version: 'beta' + url_param_only: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' +properties: + - name: 'type' + type: Enum + description: | + The type of management server (management console). + min_version: 'beta' + default_value: "BACKUP_RESTORE" + enum_values: + - 'BACKUP_RESTORE' + - name: 'networks' + type: Array + description: | + Network details to create management server (management console). + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'network' + type: String + description: | + Network with format `projects/{{project_id}}/global/networks/{{network_id}}` + min_version: 'beta' + required: true + - name: 'peeringMode' + type: Enum + description: | + Type of Network peeringMode + min_version: 'beta' + default_value: "PRIVATE_SERVICE_ACCESS" + enum_values: + - 'PRIVATE_SERVICE_ACCESS' + ## outputs + - name: 'oauth2ClientId' + type: String + description: | + The oauth2ClientId of management console. + min_version: 'beta' + output: true + - name: 'managementUri' + type: NestedObject + description: |- + The management console URI + min_version: 'beta' + output: true + properties: + - name: 'webUi' + type: String + description: |- + The management console webUi. + min_version: 'beta' + output: true + - name: 'api' + type: String + description: |- + The management console api endpoint. + min_version: 'beta' + output: true diff --git a/mmv1/products/backupdr/go_product.yaml b/mmv1/products/backupdr/go_product.yaml new file mode 100644 index 000000000000..c2a50b6b6705 --- /dev/null +++ b/mmv1/products/backupdr/go_product.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackupDR' +display_name: 'Backup and DR Service' +versions: + - name: 'beta' + base_url: 'https://backupdr.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/backupdr/product.yaml b/mmv1/products/backupdr/product.yaml index ca3302aadfdd..65ab61af4109 100644 --- a/mmv1/products/backupdr/product.yaml +++ b/mmv1/products/backupdr/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BackupDR +display_name: Backup and DR Service +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://backupdr.googleapis.com/v1/ +async: !ruby/object:Api::OpAsync + actions: ['create', 'delete'] + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'BackupDR' display_name: 'Backup and DR Service' @@ -29,5 +60,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/beyondcorp/AppConnection.yaml b/mmv1/products/beyondcorp/AppConnection.yaml index 8c84d05b3e8b..339d005dd765 100644 --- a/mmv1/products/beyondcorp/AppConnection.yaml +++ b/mmv1/products/beyondcorp/AppConnection.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,56 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'AppConnection' description: "A BeyondCorp AppConnection resource represents a BeyondCorp protected AppConnection to a remote application.\nIt creates all the necessary GCP components needed for creating a BeyondCorp protected AppConnection. \nMultiple connectors can be authorised for a single AppConnection.\n" +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnections' +base_url: projects/{{project}}/locations/{{region}}/appConnections +self_link: projects/{{project}}/locations/{{region}}/appConnections/{{name}} +create_url: projects/{{project}}/locations/{{region}}/appConnections?app_connection_id={{name}} +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_connection_basic' + primary_resource_id: 'app_connection' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' @@ -55,19 +102,54 @@ examples: - name: 'beyondcorp_app_connection_basic' primary_resource_id: 'app_connection' primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: account_id: 'my-account' app_connector_name: 'my-app-connector' app_connection_name: 'my-app-connection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_connection_full' + primary_resource_id: 'app_connection' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' +======= - name: 'beyondcorp_app_connection_full' primary_resource_id: 'app_connection' primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: account_id: 'my-account' app_gateway_name: 'my-app-gateway' app_connector_name: 'my-app-connector' app_connection_name: 'my-app-connection' display_name: 'some display name' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + ID of the AppConnection. + url_param_only: true + - !ruby/object:Api::Type::String + name: 'region' + description: | + The region of the AppConnection. + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + An arbitrary user-provided name for the AppConnection. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user provided metadata. + - !ruby/object:Api::Type::String + name: 'type' +======= parameters: properties: - name: 'name' @@ -93,17 +175,42 @@ properties: Resource labels to represent user provided metadata. - name: 'type' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of network connectivity used by the AppConnection. Refer to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#type for a list of possible values. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'applicationEndpoint' +======= - name: 'applicationEndpoint' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Address of the remote application endpoint for the BeyondCorp AppConnection. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'host' + description: | + Hostname or IP address of the remote application endpoint. + required: true + - !ruby/object:Api::Type::Integer + name: 'port' + description: | + Port of the remote application endpoint. + required: true + - !ruby/object:Api::Type::Array + name: connectors + item_type: Api::Type::String + description: | + List of AppConnectors that are authorised to be associated with this AppConnection + - !ruby/object:Api::Type::NestedObject + name: gateway +======= - name: 'host' type: String description: | @@ -122,10 +229,20 @@ properties: type: String - name: 'gateway' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Gateway used by the AppConnection. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'appGateway' + description: | + AppGateway name in following format: projects/{project_id}/locations/{locationId}/appgateways/{gateway_id}. + required: true + - !ruby/object:Api::Type::String + name: 'type' +======= - name: 'appGateway' type: String description: | @@ -133,10 +250,20 @@ properties: required: true - name: 'type' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of hosting used by the gateway. Refer to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#Type_1 for a list of possible values. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: | + Server-defined URI for this resource. + output: true + - !ruby/object:Api::Type::Integer + name: 'ingressPort' +======= - name: 'uri' type: String description: | @@ -144,6 +271,7 @@ properties: output: true - name: 'ingressPort' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443. output: true diff --git a/mmv1/products/beyondcorp/AppConnector.yaml b/mmv1/products/beyondcorp/AppConnector.yaml index 9bcc62c089c5..c21871918f03 100644 --- a/mmv1/products/beyondcorp/AppConnector.yaml +++ b/mmv1/products/beyondcorp/AppConnector.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'AppConnector' description: "A BeyondCorp AppConnector resource represents an application facing component @@ -19,6 +27,49 @@ description: is used to establish connectivity between the \nremote enterprise environment and GCP. It initiates connections to the applications and can proxy the \ndata from users over the connection.\n" +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnectors' +base_url: projects/{{project}}/locations/{{region}}/appConnectors +self_link: projects/{{project}}/locations/{{region}}/appConnectors/{{name}} +create_url: projects/{{project}}/locations/{{region}}/appConnectors?app_connector_id={{name}} +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_connector_basic' + primary_resource_id: 'app_connector' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' + vars: + app_connector_name: 'my-app-connector' + account_id: 'my-account' + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_connector_full' + primary_resource_id: 'app_connector' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' @@ -58,10 +109,37 @@ examples: - name: 'beyondcorp_app_connector_full' primary_resource_id: 'app_connector' primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: app_connector_name: 'my-app-connector' account_id: 'my-account' display_name: 'some display name' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + ID of the AppConnector. + url_param_only: true + - !ruby/object:Api::Type::String + name: 'region' + description: | + The region of the AppConnector. + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + An arbitrary user-provided name for the AppConnector. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user provided metadata. + - !ruby/object:Api::Type::NestedObject + name: 'principalInfo' +======= parameters: properties: - name: 'name' @@ -87,16 +165,41 @@ properties: Resource labels to represent user provided metadata. - name: 'principalInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Principal information about the Identity of the AppConnector. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'serviceAccount' +======= - name: 'serviceAccount' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ServiceAccount represents a GCP service account. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'email' + description: | + Email address of the service account. + required: true + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + Represents the different states of a AppConnector. + values: + - :STATE_UNSPECIFIED + - :CREATING + - :CREATED + - :UPDATING + - :DELETING + - :DOWN +======= - name: 'email' type: String description: | @@ -114,3 +217,4 @@ properties: - 'UPDATING' - 'DELETING' - 'DOWN' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/beyondcorp/AppGateway.yaml b/mmv1/products/beyondcorp/AppGateway.yaml index e228ec4b3999..cf1d61d9a69d 100644 --- a/mmv1/products/beyondcorp/AppGateway.yaml +++ b/mmv1/products/beyondcorp/AppGateway.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,124 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'AppGateway' description: "A BeyondCorp AppGateway resource represents a BeyondCorp protected AppGateway to a remote application. It creates \nall the necessary GCP components needed for creating a BeyondCorp protected AppGateway. Multiple connectors can be \n\ authorised for a single AppGateway.\n" +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appgateways' +base_url: projects/{{project}}/locations/{{region}}/appGateways +self_link: projects/{{project}}/locations/{{region}}/appGateways/{{name}} +create_url: projects/{{project}}/locations/{{region}}/appGateways?app_gateway_id={{name}} +# This resources is not updatable +immutable: true +schema_version: 1 +state_upgraders: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 20 + delete_minutes: 20 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_gateway_basic' + primary_resource_id: 'app_gateway' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + vars: + app_gateway_name: 'my-app-gateway' + - !ruby/object:Provider::Terraform::Examples + name: 'beyondcorp_app_gateway_full' + primary_resource_id: 'app_gateway' + primary_resource_name: + 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + vars: + app_gateway_name: 'my-app-gateway' + display_name: 'some display name' +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + ID of the AppGateway. + url_param_only: true + - !ruby/object:Api::Type::String + name: 'region' + description: | + The region of the AppGateway. + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + The type of network connectivity used by the AppGateway. + values: + - :TYPE_UNSPECIFIED + - :TCP_PROXY + default_value: :TYPE_UNSPECIFIED + - !ruby/object:Api::Type::Enum + name: 'hostType' + description: | + The type of hosting used by the AppGateway. + values: + - :HOST_TYPE_UNSPECIFIED + - :GCP_REGIONAL_MIG + default_value: :HOST_TYPE_UNSPECIFIED + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + An arbitrary user-provided name for the AppGateway. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Resource labels to represent user provided metadata. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + Represents the different states of a AppGateway. + values: + - :STATE_UNSPECIFIED + - :CREATING + - :CREATED + - :UPDATING + - :DELETING + - :DOWN + - !ruby/object:Api::Type::String + name: 'uri' + output: true + description: | + Server-defined URI for this resource. + - !ruby/object:Api::Type::NestedObject + name: 'allocatedConnections' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' @@ -123,15 +238,25 @@ properties: output: true - name: 'allocatedConnections' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of connections allocated for the Gateway. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pscUri' + description: | + The PSC uri of an allocated connection. + - !ruby/object:Api::Type::Integer + name: 'ingressPort' +======= - name: 'pscUri' type: String description: | The PSC uri of an allocated connection. - name: 'ingressPort' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ingress port of an allocated connection. diff --git a/mmv1/products/beyondcorp/go_AppConnection.yaml b/mmv1/products/beyondcorp/go_AppConnection.yaml new file mode 100644 index 000000000000..287bed2319fa --- /dev/null +++ b/mmv1/products/beyondcorp/go_AppConnection.yaml @@ -0,0 +1,150 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AppConnection' +description: + "A BeyondCorp AppConnection resource represents a BeyondCorp protected + AppConnection to a remote application.\nIt creates all the necessary GCP + components needed for creating a BeyondCorp protected AppConnection. + \nMultiple connectors can be authorised for a single AppConnection.\n" +references: + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnections' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appConnections' +self_link: 'projects/{{project}}/locations/{{region}}/appConnections/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appConnections?app_connection_id={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'beyondcorp_app_connection_basic' + primary_resource_id: 'app_connection' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' + vars: + account_id: 'my-account' + app_connector_name: 'my-app-connector' + app_connection_name: 'my-app-connection' + - name: 'beyondcorp_app_connection_full' + primary_resource_id: 'app_connection' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' + vars: + account_id: 'my-account' + app_gateway_name: 'my-app-gateway' + app_connector_name: 'my-app-connector' + app_connection_name: 'my-app-connection' + display_name: 'some display name' +parameters: +properties: + - name: 'name' + type: String + description: | + ID of the AppConnection. + url_param_only: true + required: true + immutable: true + - name: 'region' + type: String + description: | + The region of the AppConnection. + url_param_only: true + immutable: true + - name: 'displayName' + type: String + description: | + An arbitrary user-provided name for the AppConnection. + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user provided metadata. + - name: 'type' + type: String + description: | + The type of network connectivity used by the AppConnection. Refer + to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#type + for a list of possible values. + immutable: true + - name: 'applicationEndpoint' + type: NestedObject + description: | + Address of the remote application endpoint for the BeyondCorp AppConnection. + required: true + properties: + - name: 'host' + type: String + description: | + Hostname or IP address of the remote application endpoint. + required: true + - name: 'port' + type: Integer + description: | + Port of the remote application endpoint. + required: true + - name: 'connectors' + type: Array + description: | + List of AppConnectors that are authorised to be associated with this AppConnection + item_type: + type: String + - name: 'gateway' + type: NestedObject + description: | + Gateway used by the AppConnection. + default_from_api: true + properties: + - name: 'appGateway' + type: String + description: | + AppGateway name in following format: projects/{project_id}/locations/{locationId}/appgateways/{gateway_id}. + required: true + - name: 'type' + type: String + description: | + The type of hosting used by the gateway. Refer to + https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#Type_1 + for a list of possible values. + - name: 'uri' + type: String + description: | + Server-defined URI for this resource. + output: true + - name: 'ingressPort' + type: Integer + description: | + Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443. + output: true diff --git a/mmv1/products/beyondcorp/go_AppConnector.yaml b/mmv1/products/beyondcorp/go_AppConnector.yaml new file mode 100644 index 000000000000..1e322033d474 --- /dev/null +++ b/mmv1/products/beyondcorp/go_AppConnector.yaml @@ -0,0 +1,117 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AppConnector' +description: + "A BeyondCorp AppConnector resource represents an application facing component + deployed proximal to \nand with direct access to the application instances. It + is used to establish connectivity between the \nremote enterprise environment + and GCP. It initiates connections to the applications and can proxy the \ndata + from users over the connection.\n" +references: + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnectors' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appConnectors' +self_link: 'projects/{{project}}/locations/{{region}}/appConnectors/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appConnectors?app_connector_id={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'beyondcorp_app_connector_basic' + primary_resource_id: 'app_connector' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' + vars: + app_connector_name: 'my-app-connector' + account_id: 'my-account' + - name: 'beyondcorp_app_connector_full' + primary_resource_id: 'app_connector' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' + vars: + app_connector_name: 'my-app-connector' + account_id: 'my-account' + display_name: 'some display name' +parameters: +properties: + - name: 'name' + type: String + description: | + ID of the AppConnector. + url_param_only: true + required: true + immutable: true + - name: 'region' + type: String + description: | + The region of the AppConnector. + url_param_only: true + immutable: true + - name: 'displayName' + type: String + description: | + An arbitrary user-provided name for the AppConnector. + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user provided metadata. + - name: 'principalInfo' + type: NestedObject + description: | + Principal information about the Identity of the AppConnector. + required: true + properties: + - name: 'serviceAccount' + type: NestedObject + description: | + ServiceAccount represents a GCP service account. + required: true + properties: + - name: 'email' + type: String + description: | + Email address of the service account. + required: true + - name: 'state' + type: Enum + description: | + Represents the different states of a AppConnector. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'CREATED' + - 'UPDATING' + - 'DELETING' + - 'DOWN' diff --git a/mmv1/products/beyondcorp/go_AppGateway.yaml b/mmv1/products/beyondcorp/go_AppGateway.yaml new file mode 100644 index 000000000000..4e241268ac3d --- /dev/null +++ b/mmv1/products/beyondcorp/go_AppGateway.yaml @@ -0,0 +1,138 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AppGateway' +description: "A BeyondCorp AppGateway resource represents a BeyondCorp protected + AppGateway to a remote application. It creates \nall the necessary GCP + components needed for creating a BeyondCorp protected AppGateway. Multiple + connectors can be \n\ + authorised for a single AppGateway.\n" +references: + guides: + 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' + api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appgateways' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appGateways' +self_link: 'projects/{{project}}/locations/{{region}}/appGateways/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appGateways?app_gateway_id={{name}}' +# This resources is not updatable +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +schema_version: 1 +state_upgraders: true +examples: + - name: 'beyondcorp_app_gateway_basic' + primary_resource_id: 'app_gateway' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + vars: + app_gateway_name: 'my-app-gateway' + - name: 'beyondcorp_app_gateway_full' + primary_resource_id: 'app_gateway' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + vars: + app_gateway_name: 'my-app-gateway' + display_name: 'some display name' +parameters: +properties: + - name: 'name' + type: String + description: | + ID of the AppGateway. + url_param_only: true + required: true + immutable: true + - name: 'region' + type: String + description: | + The region of the AppGateway. + url_param_only: true + immutable: true + - name: 'type' + type: Enum + description: | + The type of network connectivity used by the AppGateway. + default_value: "TYPE_UNSPECIFIED" + enum_values: + - 'TYPE_UNSPECIFIED' + - 'TCP_PROXY' + - name: 'hostType' + type: Enum + description: | + The type of hosting used by the AppGateway. + default_value: "HOST_TYPE_UNSPECIFIED" + enum_values: + - 'HOST_TYPE_UNSPECIFIED' + - 'GCP_REGIONAL_MIG' + - name: 'displayName' + type: String + description: | + An arbitrary user-provided name for the AppGateway. + - name: 'labels' + type: KeyValueLabels + description: | + Resource labels to represent user provided metadata. + - name: 'state' + type: Enum + description: | + Represents the different states of a AppGateway. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'CREATED' + - 'UPDATING' + - 'DELETING' + - 'DOWN' + - name: 'uri' + type: String + description: | + Server-defined URI for this resource. + output: true + - name: 'allocatedConnections' + type: NestedObject + description: | + A list of connections allocated for the Gateway. + output: true + properties: + - name: 'pscUri' + type: String + description: | + The PSC uri of an allocated connection. + - name: 'ingressPort' + type: Integer + description: | + The ingress port of an allocated connection. diff --git a/mmv1/products/beyondcorp/go_product.yaml b/mmv1/products/beyondcorp/go_product.yaml new file mode 100644 index 000000000000..ff7a934c2034 --- /dev/null +++ b/mmv1/products/beyondcorp/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Beyondcorp' +display_name: 'BeyondCorp' +versions: + - name: 'ga' + base_url: 'https://beyondcorp.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/beyondcorp/product.yaml b/mmv1/products/beyondcorp/product.yaml index 947673f83ca1..c6545e0af938 100644 --- a/mmv1/products/beyondcorp/product.yaml +++ b/mmv1/products/beyondcorp/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,6 +14,17 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Beyondcorp +display_name: BeyondCorp +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://beyondcorp.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Beyondcorp' @@ -19,3 +34,4 @@ versions: base_url: 'https://beyondcorp.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/biglake/Catalog.yaml b/mmv1/products/biglake/Catalog.yaml index 4d14cc3cd65d..9a1ca90a5595 100644 --- a/mmv1/products/biglake/Catalog.yaml +++ b/mmv1/products/biglake/Catalog.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,6 +16,46 @@ # limitations under the License. --- +<<<<<<< HEAD +!ruby/object:Api::Resource +name: "Catalog" +description: | + Catalogs are top-level containers for Databases and Tables. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_catalogs" + api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs" +base_url: "projects/{{project}}/locations/{{location}}/catalogs" +self_link: "projects/{{project}}/locations/{{location}}/catalogs/{{name}}" +immutable: true +create_url: "projects/{{project}}/locations/{{location}}/catalogs?catalogId={{name}}" +examples: + - !ruby/object:Provider::Terraform::Examples + name: "bigquery_biglake_catalog" + primary_resource_id: "default" + vars: + name: "my_catalog" +parameters: + - !ruby/object:Api::Type::String + name: "location" + required: true + immutable: true + url_param_only: true + description: | + The geographic location where the Catalog should reside. + - !ruby/object:Api::Type::String + name: "name" + required: true + immutable: true + url_param_only: true + description: | + The name of the Catalog. Format: + projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId} +properties: + - !ruby/object:Api::Type::String + name: "createTime" + output: true +======= name: 'Catalog' description: | Catalogs are top-level containers for Databases and Tables. @@ -53,30 +97,52 @@ parameters: properties: - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The creation time of the catalog. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "updateTime" + output: true +======= output: true - name: 'updateTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The last modification time of the catalog. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "deleteTime" + output: true +======= output: true - name: 'deleteTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The deletion time of the catalog. Only set after the catalog is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "expireTime" + output: true +======= output: true - name: 'expireTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The time when this catalog is considered expired. Only set after the catalog is deleted. Only set after the catalog is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/biglake/Database.yaml b/mmv1/products/biglake/Database.yaml index 911f9f52a8c5..218a569e54ee 100644 --- a/mmv1/products/biglake/Database.yaml +++ b/mmv1/products/biglake/Database.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,6 +16,49 @@ # limitations under the License. --- +<<<<<<< HEAD +!ruby/object:Api::Resource +name: "Database" +description: | + Databases are containers of tables. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_databases" + api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases" +base_url: "{{catalog}}/databases" +self_link: "{{catalog}}/databases/{{name}}" +create_url: "{{catalog}}/databases?databaseId={{name}}" +id_format: "{{catalog}}/databases/{{name}}" +import_format: ["{{%catalog}}/databases/{{name}}"] +update_mask: true +update_verb: :PATCH +examples: + - !ruby/object:Provider::Terraform::Examples + name: "biglake_database" + primary_resource_id: "database" + vars: + name: "my_database" + catalog_id: "my_catalog" + bucket_id: "my_bucket" +parameters: + - !ruby/object:Api::Type::String + name: "catalog" + required: true + immutable: true + url_param_only: true + description: | + The parent catalog. + - !ruby/object:Api::Type::String + name: "name" + required: true + immutable: true + url_param_only: true + description: | + The name of the database. +properties: + - !ruby/object:Api::Type::String + name: "createTime" +======= name: 'Database' description: | Databases are containers of tables. @@ -58,36 +105,72 @@ parameters: properties: - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The creation time of the database. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "updateTime" +======= - name: 'updateTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The last modification time of the database. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "deleteTime" +======= - name: 'deleteTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The deletion time of the database. Only set after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "expireTime" +======= - name: 'expireTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The time when this database is considered expired. Only set after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + + - !ruby/object:Api::Type::String + name: "type" + required: true + description: | + The database type. + - !ruby/object:Api::Type::NestedObject + name: "hiveOptions" + required: true + description: | + Options of a Hive database. + properties: + - !ruby/object:Api::Type::String + name: "locationUri" + description: | + Cloud Storage folder URI where the database data is stored, starting with "gs://". + - !ruby/object:Api::Type::KeyValuePairs + name: "parameters" +======= - name: 'type' type: String description: | @@ -105,6 +188,7 @@ properties: Cloud Storage folder URI where the database data is stored, starting with "gs://". - name: 'parameters' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Stores user supplied Hive database parameters. An object containing a list of"key": value pairs. diff --git a/mmv1/products/biglake/Table.yaml b/mmv1/products/biglake/Table.yaml index cd8376bddf49..07230c9c9a55 100644 --- a/mmv1/products/biglake/Table.yaml +++ b/mmv1/products/biglake/Table.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,6 +16,51 @@ # limitations under the License. --- +<<<<<<< HEAD +!ruby/object:Api::Resource +name: "Table" +description: | + Represents a table. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_tables" + api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases.tables" +base_url: "{{database}}/tables" +self_link: "{{database}}/tables/{{name}}" +create_url: "{{database}}/tables?tableId={{name}}" +id_format: "{{database}}/tables/{{name}}" +import_format: ["{{%database}}/tables/{{name}}"] +update_verb: :PATCH +update_mask: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: "biglake_table" + primary_resource_id: "table" + vars: + name: "my_table" + catalog: "my_catalog" + database: "my_database" + bucket: "my_bucket" + +parameters: + - !ruby/object:Api::Type::String + name: "name" + required: true + immutable: true + url_param_only: true + description: | + Output only. The name of the Table. Format: + projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId}/databases/{databaseId}/tables/{tableId} + - !ruby/object:Api::Type::String + name: "database" + immutable: true + url_param_only: true + description: | + The id of the parent database. +properties: + - !ruby/object:Api::Type::String + name: "createTime" +======= name: 'Table' description: | Represents a table. @@ -59,44 +108,81 @@ parameters: properties: - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The creation time of the table. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "updateTime" +======= - name: 'updateTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The last modification time of the table. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "deleteTime" +======= - name: 'deleteTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The deletion time of the table. Only set after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "expireTime" +======= - name: 'expireTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The time when this table is considered expired. Only set after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "etag" +======= - name: 'etag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The checksum of a table object computed by the server based on the value of other fields. It may be sent on update requests to ensure the client has an up-to-date value before proceeding. It is only checked for update table operations. output: true +<<<<<<< HEAD + + - !ruby/object:Api::Type::Enum + name: "type" + description: | + The database type. + values: + - :HIVE + - !ruby/object:Api::Type::NestedObject + name: "hiveOptions" + description: | + Options of a Hive table. + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: "parameters" +======= - name: 'type' type: Enum description: | @@ -110,10 +196,32 @@ properties: properties: - name: 'parameters' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Stores user supplied Hive table parameters. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: "tableType" + description: | + Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. + - !ruby/object:Api::Type::NestedObject + name: "storageDescriptor" + description: | + Stores physical storage information on the data. + properties: + - !ruby/object:Api::Type::String + name: "locationUri" + description: | + Cloud Storage folder URI where the table data is stored, starting with "gs://". + - !ruby/object:Api::Type::String + name: "inputFormat" + description: | + The fully qualified Java class name of the input format. + - !ruby/object:Api::Type::String + name: "outputFormat" +======= - name: 'tableType' type: String description: | @@ -133,5 +241,6 @@ properties: The fully qualified Java class name of the input format. - name: 'outputFormat' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fully qualified Java class name of the output format. diff --git a/mmv1/products/biglake/go_Catalog.yaml b/mmv1/products/biglake/go_Catalog.yaml new file mode 100644 index 000000000000..de624f1fa61d --- /dev/null +++ b/mmv1/products/biglake/go_Catalog.yaml @@ -0,0 +1,83 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Catalog' +description: | + Catalogs are top-level containers for Databases and Tables. +references: + guides: + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_catalogs' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/catalogs' +self_link: 'projects/{{project}}/locations/{{location}}/catalogs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/catalogs?catalogId={{name}}' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'bigquery_biglake_catalog' + primary_resource_id: 'default' + vars: + name: 'my_catalog' +parameters: + - name: 'location' + type: String + description: | + The geographic location where the Catalog should reside. + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String + description: | + The name of the Catalog. Format: + projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId} + url_param_only: true + required: true + immutable: true +properties: + - name: 'createTime' + type: String + description: | + Output only. The creation time of the catalog. A timestamp in RFC3339 UTC + "Zulu" format, with nanosecond resolution and up to nine fractional + digits. + output: true + - name: 'updateTime' + type: String + description: | + Output only. The last modification time of the catalog. A timestamp in + RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine + fractional digits. + output: true + - name: 'deleteTime' + type: String + description: | + Output only. The deletion time of the catalog. Only set after the catalog + is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond + resolution and up to nine fractional digits. + output: true + - name: 'expireTime' + type: String + description: | + Output only. The time when this catalog is considered expired. Only set + after the catalog is deleted. Only set after the catalog is deleted. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and + up to nine fractional digits. + output: true diff --git a/mmv1/products/biglake/go_Database.yaml b/mmv1/products/biglake/go_Database.yaml new file mode 100644 index 000000000000..a7d294804377 --- /dev/null +++ b/mmv1/products/biglake/go_Database.yaml @@ -0,0 +1,112 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Database' +description: | + Databases are containers of tables. +references: + guides: + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_databases' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases' +docs: +id_format: '{{catalog}}/databases/{{name}}' +base_url: '{{catalog}}/databases' +self_link: '{{catalog}}/databases/{{name}}' +create_url: '{{catalog}}/databases?databaseId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{%catalog}}/databases/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'biglake_database' + primary_resource_id: 'database' + vars: + name: 'my_database' + catalog_id: 'my_catalog' + bucket_id: 'my_bucket' +parameters: + - name: 'catalog' + type: String + description: | + The parent catalog. + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String + description: | + The name of the database. + url_param_only: true + required: true + immutable: true +properties: + - name: 'createTime' + type: String + description: | + Output only. The creation time of the database. A timestamp in RFC3339 + UTC "Zulu" format, with nanosecond resolution and up to nine fractional + digits. Examples: "2014-10-02T15:01:23Z" and + "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: String + description: | + Output only. The last modification time of the database. A timestamp in + RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine + fractional digits. Examples: "2014-10-02T15:01:23Z" and + "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'deleteTime' + type: String + description: | + Output only. The deletion time of the database. Only set after the + database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with + nanosecond resolution and up to nine fractional digits. Examples: + "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'expireTime' + type: String + description: | + Output only. The time when this database is considered expired. Only set + after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, + with nanosecond resolution and up to nine fractional digits. Examples: + "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'type' + type: String + description: | + The database type. + required: true + - name: 'hiveOptions' + type: NestedObject + description: | + Options of a Hive database. + required: true + properties: + - name: 'locationUri' + type: String + description: | + Cloud Storage folder URI where the database data is stored, starting with "gs://". + - name: 'parameters' + type: KeyValuePairs + description: | + Stores user supplied Hive database parameters. An object containing a + list of"key": value pairs. + Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. diff --git a/mmv1/products/biglake/go_Table.yaml b/mmv1/products/biglake/go_Table.yaml new file mode 100644 index 000000000000..e7d6f241501d --- /dev/null +++ b/mmv1/products/biglake/go_Table.yaml @@ -0,0 +1,138 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Table' +description: | + Represents a table. +references: + guides: + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_tables' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases.tables' +docs: +id_format: '{{database}}/tables/{{name}}' +base_url: '{{database}}/tables' +self_link: '{{database}}/tables/{{name}}' +create_url: '{{database}}/tables?tableId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{%database}}/tables/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'biglake_table' + primary_resource_id: 'table' + vars: + name: 'my_table' + catalog: 'my_catalog' + database: 'my_database' + bucket: 'my_bucket' +parameters: + - name: 'name' + type: String + description: | + Output only. The name of the Table. Format: + projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId}/databases/{databaseId}/tables/{tableId} + url_param_only: true + required: true + immutable: true + - name: 'database' + type: String + description: | + The id of the parent database. + url_param_only: true + immutable: true +properties: + - name: 'createTime' + type: String + description: | + Output only. The creation time of the table. A timestamp in RFC3339 UTC + "Zulu" format, with nanosecond resolution and up to nine fractional + digits. Examples: "2014-10-02T15:01:23Z" and + "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: String + description: | + Output only. The last modification time of the table. A timestamp in + RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine + fractional digits. Examples: "2014-10-02T15:01:23Z" and + "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'deleteTime' + type: String + description: | + Output only. The deletion time of the table. Only set after the + table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with + nanosecond resolution and up to nine fractional digits. Examples: + "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'expireTime' + type: String + description: | + Output only. The time when this table is considered expired. Only set + after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, + with nanosecond resolution and up to nine fractional digits. Examples: + "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'etag' + type: String + description: | + The checksum of a table object computed by the server based on the value + of other fields. It may be sent on update requests to ensure the client + has an up-to-date value before proceeding. It is only checked for update + table operations. + output: true + - name: 'type' + type: Enum + description: | + The database type. + enum_values: + - 'HIVE' + - name: 'hiveOptions' + type: NestedObject + description: | + Options of a Hive table. + properties: + - name: 'parameters' + type: KeyValuePairs + description: | + Stores user supplied Hive table parameters. An object containing a + list of "key": value pairs. + Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - name: 'tableType' + type: String + description: | + Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. + - name: 'storageDescriptor' + type: NestedObject + description: | + Stores physical storage information on the data. + properties: + - name: 'locationUri' + type: String + description: | + Cloud Storage folder URI where the table data is stored, starting with "gs://". + - name: 'inputFormat' + type: String + description: | + The fully qualified Java class name of the input format. + - name: 'outputFormat' + type: String + description: | + The fully qualified Java class name of the output format. diff --git a/mmv1/products/biglake/go_product.yaml b/mmv1/products/biglake/go_product.yaml new file mode 100644 index 000000000000..d60030540160 --- /dev/null +++ b/mmv1/products/biglake/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Biglake' +display_name: 'Biglake' +versions: + - name: 'ga' + base_url: 'https://biglake.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/biglake/product.yaml b/mmv1/products/biglake/product.yaml index ace0ecd93f81..0176365e6561 100644 --- a/mmv1/products/biglake/product.yaml +++ b/mmv1/products/biglake/product.yaml @@ -1,4 +1,13 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= +<<<<<<<< HEAD:mmv1/templates/terraform/decoders/network_endpoint.go.erb +<%# The license inside this block applies to this file. +# Copyright 2017 Google Inc. +======== # Copyright 2024 Google Inc. +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/biglake/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,7 +19,28 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- +!ruby/object:Api::Product +name: Biglake +display_name: Biglake +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://biglake.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/bigquery +======= +-%> +v, ok := res["networkEndpoint"] +if !ok || v == nil { + return res, nil +} + +<<<<<<<< HEAD:mmv1/templates/terraform/decoders/network_endpoint.go.erb +return v.(map[string]interface{}), nil +======== --- name: 'Biglake' display_name: 'Biglake' @@ -19,3 +49,5 @@ versions: base_url: 'https://biglake.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/bigquery' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/biglake/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigquery/Dataset.yaml b/mmv1/products/bigquery/Dataset.yaml index 35597b1f2913..4fd9bec31341 100644 --- a/mmv1/products/bigquery/Dataset.yaml +++ b/mmv1/products/bigquery/Dataset.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,26 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Dataset' +kind: 'bigquery#dataset' +base_url: projects/{{project}}/datasets +self_link: projects/{{project}}/datasets/{{dataset_id}} +has_self_link: true +description: | + Datasets allow you to organize and control access to your tables. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Datasets Intro': 'https://cloud.google.com/bigquery/docs/datasets-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' +import_format: ['projects/{{project}}/datasets/{{dataset_id}}'] +delete_url: projects/{{project}}/datasets/{{dataset_id}}?deleteContents={{delete_contents_on_destroy}} +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_basic' +======= --- name: 'Dataset' kind: 'bigquery#dataset' @@ -40,10 +64,23 @@ custom_code: exclude_sweeper: true examples: - name: 'bigquery_dataset_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'dataset' vars: dataset_id: 'example_dataset' account_name: 'bqowner' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_with_max_time_travel_hours' + primary_resource_id: 'dataset' + skip_docs: true + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_cmek' + skip_test: true +======= - name: 'bigquery_dataset_with_max_time_travel_hours' primary_resource_id: 'dataset' vars: @@ -51,25 +88,71 @@ examples: account_name: 'bqowner' exclude_docs: true - name: 'bigquery_dataset_cmek' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'dataset' vars: dataset_id: 'example_dataset' key_name: 'example-key' keyring_name: 'example-keyring' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_authorized_dataset' +======= exclude_test: true - name: 'bigquery_dataset_authorized_dataset' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'dataset' vars: private: 'private' public: 'public' account_name: 'bqowner' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_authorized_routine' +======= - name: 'bigquery_dataset_authorized_routine' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'private' vars: private_dataset: 'private_dataset' public_dataset: 'public_dataset' public_routine: 'public_routine' test_env_vars: +<<<<<<< HEAD + service_account: :SERVICE_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_case_insensitive_names' + primary_resource_id: 'dataset' + skip_docs: true + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_default_collation_set' + primary_resource_id: 'dataset' + skip_docs: true + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_external_reference_aws_test' + primary_resource_id: 'dataset' + skip_docs: true + vars: + dataset_id: 'example_dataset' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_external_reference_aws' + primary_resource_id: 'dataset' + skip_test: true + vars: + dataset_id: 'example_dataset' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_resource_tags' + primary_resource_id: 'dataset' + primary_resource_name: + 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' + skip_docs: true +======= service_account: 'SERVICE_ACCT' - name: 'bigquery_dataset_case_insensitive_names' primary_resource_id: 'dataset' @@ -96,29 +179,70 @@ examples: - name: 'bigquery_dataset_resource_tags' primary_resource_id: 'dataset' primary_resource_name: 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: dataset_id: 'dataset' tag_key1: 'tag_key1' tag_value1: 'tag_value1' tag_key2: 'tag_key2' tag_value2: 'tag_value2' +<<<<<<< HEAD +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'delete_contents_on_destroy' + default_value: false +======= exclude_docs: true virtual_fields: - name: 'delete_contents_on_destroy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to `true`, delete all the tables in the dataset when destroying the resource; otherwise, destroying the resource will fail if tables are present. +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/bigquery_dataset.go.erb +docs: !ruby/object:Provider::Terraform::Docs + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +properties: + - !ruby/object:Api::Type::String + name: 'maxTimeTravelHours' +======= type: Boolean default_value: false parameters: properties: - name: 'maxTimeTravelHours' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Defines the time travel window in hours. The value can be from 48 to 168 hours (2 to 7 days).' default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'access' + description: + 'An array of objects that define dataset access for one or more entities.' + default_from_api: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'domain' + description: | + A domain to grant access to. Any users signed in with the + domain specified will be granted the specified access + - !ruby/object:Api::Type::String + name: 'groupByEmail' + description: An email address of a Google Group to grant access to. + - !ruby/object:Api::Type::String + name: 'role' +======= - name: 'access' type: Array description: @@ -138,20 +262,40 @@ properties: description: An email address of a Google Group to grant access to. - name: 'role' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the rights granted to the user specified by the other member of the access object. Basic, predefined, and custom roles are supported. Predefined roles that have equivalent basic roles are swapped by the API to their basic counterparts. See [official docs](https://cloud.google.com/bigquery/docs/access-control). +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'specialGroup' +======= - name: 'specialGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A special group to grant access to. Possible values include: * `projectOwners`: Owners of the enclosing project. * `projectReaders`: Readers of the enclosing project. * `projectWriters`: Writers of the enclosing project. * `allAuthenticatedUsers`: All authenticated BigQuery users. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'iamMember' + description: | + Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: `allUsers` + - !ruby/object:Api::Type::String + name: 'userByEmail' + description: | + An email address of a user to grant access to. For example: + fred@example.com + - !ruby/object:Api::Type::NestedObject + name: 'view' +======= - name: 'iamMember' type: String description: | @@ -164,6 +308,7 @@ properties: fred@example.com - name: 'view' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in @@ -171,6 +316,18 @@ properties: set. If that view is updated by any user, access to the view needs to be granted again via an update operation. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= - name: 'datasetId' type: String description: The ID of the dataset containing this table. @@ -181,11 +338,42 @@ properties: required: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'dataset' + description: | + Grants all resources of particular types in a particular dataset read access to the current dataset. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'dataset' + required: true + description: | + The dataset this entry applies to + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::Array + name: 'targetTypes' + description: | + Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS + item_type: Api::Type::String + required: true + - !ruby/object:Api::Type::NestedObject + name: 'routine' +======= - name: 'dataset' type: NestedObject description: | @@ -215,6 +403,7 @@ properties: type: String - name: 'routine' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A routine from a different dataset to grant access to. Queries executed against that routine will have read access to tables in @@ -222,6 +411,18 @@ properties: set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'routineId' +======= - name: 'datasetId' type: String description: The ID of the dataset containing this table. @@ -232,11 +433,22 @@ properties: required: true - name: 'routineId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'creationTime' + output: true + description: | + The time when this dataset was created, in milliseconds since the + epoch. + - !ruby/object:Api::Type::NestedObject + name: 'datasetReference' +======= - name: 'creationTime' type: Integer description: | @@ -245,23 +457,36 @@ properties: output: true - name: 'datasetReference' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'A reference that identifies the dataset.' required: true immutable: true flatten_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'datasetId' +======= - name: 'datasetId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validateDatasetId' + - !ruby/object:Api::Type::Integer + name: 'defaultTableExpirationMs' +======= validation: function: 'validateDatasetId' - name: 'defaultTableExpirationMs' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default lifetime of all tables in the dataset, in milliseconds. The minimum value is 3600000 milliseconds (one hour). @@ -274,10 +499,17 @@ properties: table expires, or if you provide an explicit `expirationTime` when creating a table, that value takes precedence over the default expiration time indicated by this property. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validateDefaultTableExpirationMs' + - !ruby/object:Api::Type::Integer + name: 'defaultPartitionExpirationMs' +======= validation: function: 'validateDefaultTableExpirationMs' - name: 'defaultPartitionExpirationMs' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default partition expiration for all partitioned tables in the dataset, in milliseconds. @@ -292,6 +524,18 @@ properties: table. If you provide an explicit `timePartitioning.expirationMs` when creating or updating a partitioned table, that value takes precedence over the default partition expiration time indicated by this property. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: A user-friendly description of the dataset + - !ruby/object:Api::Type::String + name: 'etag' + description: | + A hash of the resource. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'externalDatasetReference' +======= - name: 'description' type: String description: A user-friendly description of the dataset @@ -302,23 +546,47 @@ properties: output: true - name: 'externalDatasetReference' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Information about the external metadata storage where the dataset is defined. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'externalSource' +======= - name: 'externalSource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | External source that backs this dataset. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'connection' +======= - name: 'connection' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The connection id that is used to access the externalSource. Format: projects/{projectId}/locations/{locationId}/connections/{connectionId} required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'friendlyName' + description: A descriptive name for the dataset + send_empty_value: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The labels associated with this dataset. You can use these to + organize and group your datasets. + - !ruby/object:Api::Type::Integer + name: 'lastModifiedTime' +======= - name: 'friendlyName' type: String description: A descriptive name for the dataset @@ -330,12 +598,18 @@ properties: organize and group your datasets. - name: 'lastModifiedTime' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The date when this dataset or any of its tables was last modified, in milliseconds since the epoch. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' +======= - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The geographic location where the dataset should reside. See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). @@ -345,33 +619,58 @@ properties: contains at least two geographic places. The default value is multi-regional location `US`. Changing this forces a new resource to be created. +<<<<<<< HEAD + default_value: US + immutable: true + custom_flatten: templates/terraform/custom_flatten/bigquery_dataset_location.go.erb + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - !ruby/object:Api::Type::NestedObject + name: 'defaultEncryptionConfiguration' +======= immutable: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' custom_flatten: 'templates/terraform/custom_flatten/bigquery_dataset_location.go.tmpl' default_value: "US" - name: 'defaultEncryptionConfiguration' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default encryption key for all tables in the dataset. Once this property is set, all newly-created partitioned tables in the dataset will have encryption key set to this value, unless table creation request (or query) overrides the key. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + required: true +======= - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'isCaseInsensitive' +======= required: true - name: 'isCaseInsensitive' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. By default, this is FALSE, which means the dataset and its table names are case-sensitive. This field does not affect routine references. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'defaultCollation' +======= - name: 'defaultCollation' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the default collation specification of future tables created in the dataset. If a table is created in this dataset without table-level @@ -384,8 +683,13 @@ properties: - 'und:ci': undetermined locale, case insensitive. - '': empty string. Default to case-sensitive behavior. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'storageBillingModel' +======= - name: 'storageBillingModel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the storage billing model for the dataset. Set this flag value to LOGICAL to use logical bytes for storage billing, @@ -393,8 +697,13 @@ properties: LOGICAL is the default if this flag isn't specified. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'resourceTags' +======= - name: 'resourceTags' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for example "123456789012/environment" where 123456789012 is the diff --git a/mmv1/products/bigquery/DatasetAccess.yaml b/mmv1/products/bigquery/DatasetAccess.yaml index 60b58b49e6df..06bfaefe6160 100644 --- a/mmv1/products/bigquery/DatasetAccess.yaml +++ b/mmv1/products/bigquery/DatasetAccess.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DatasetAccess' +immutable: true +base_url: projects/{{project}}/datasets/{{dataset_id}} +self_link: projects/{{project}}/datasets/{{dataset_id}} +create_verb: :PATCH +delete_verb: :PATCH +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - access + modify_by_patch: true +======= --- name: 'DatasetAccess' description: | @@ -42,6 +59,7 @@ timeouts: insert_minutes: 20 update_minutes: 20 delete_minutes: 20 +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 identity: - role - userByEmail @@ -52,6 +70,30 @@ identity: - view - dataset - routine +<<<<<<< HEAD +description: | + Gives dataset access for a single entity. This resource is intended to be used in cases where + it is not possible to compile a full list of access blocks to include in a + `google_bigquery_dataset` resource, to enable them to be added separately. + + ~> **Note:** If this resource is used alongside a `google_bigquery_dataset` resource, the + dataset resource must either have no defined `access` blocks or a `lifecycle` block with + `ignore_changes = [access]` so they don't fight over which accesses should be on the dataset. + Additionally, both resource cannot be modified in the same apply. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Controlling access to datasets': 'https://cloud.google.com/bigquery/docs/dataset-access-controls' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' +exclude_import: true +skip_sweeper: true +exclude_tgc: true +error_retry_predicates: ['transport_tpg.IsBigqueryIAMQuotaError'] +mutex: '{{dataset_id}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_access_basic_user' + skip_test: true # not importable +======= nested_query: keys: - access @@ -68,47 +110,87 @@ error_retry_predicates: - 'transport_tpg.IsBigqueryIAMQuotaError' examples: - name: 'bigquery_dataset_access_basic_user' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'access' vars: dataset_id: 'example_dataset' account_name: 'bqowner' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_access_view' + skip_test: true # not importable +======= # not importable exclude_test: true - name: 'bigquery_dataset_access_view' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'access' vars: dataset_id: 'example_dataset' dataset_id2: 'example_dataset2' table_id: 'example_table' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_access_authorized_dataset' + skip_test: true # not importable +======= # not importable exclude_test: true - name: 'bigquery_dataset_access_authorized_dataset' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'access' vars: private: 'private' public: 'public' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_dataset_access_authorized_routine' + skip_test: true # not importable + primary_resource_type: 'google_bigquery_dataset_access' +======= # not importable exclude_test: true - name: 'bigquery_dataset_access_authorized_routine' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'authorized_routine' vars: private_dataset: 'private_dataset' public_dataset: 'public_dataset' public_routine: 'public_routine' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/bigquery_dataset_access.go.erb + post_create: templates/terraform/post_create/bigquery_dataset_access.go.erb + extra_schema_entry: templates/terraform/extra_schema_entry/bigquery_dataset_access.go.erb +docs: !ruby/object:Provider::Terraform::Docs + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +properties: + - !ruby/object:Api::Type::String + name: 'datasetId' +======= # not importable exclude_test: true parameters: properties: - name: 'datasetId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true ignore_read: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'role' +======= - name: 'role' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the rights granted to the user specified by the other member of the access object. Basic, predefined, and custom roles are @@ -117,13 +199,47 @@ properties: post-create. See [official docs](https://cloud.google.com/bigquery/docs/access-control). diff_suppress_func: 'resourceBigQueryDatasetAccessRoleDiffSuppress' +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/bigquery_access_role.go.erb' + - !ruby/object:Api::Type::String + name: 'userByEmail' +======= custom_expand: 'templates/terraform/custom_expand/bigquery_access_role.go.tmpl' - name: 'userByEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An email address of a user to grant access to. For example: fred@example.com exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.erb' + diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress + - !ruby/object:Api::Type::String + name: 'groupByEmail' + description: An email address of a Google Group to grant access to. + exactly_one_of: + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.erb' + diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress + - !ruby/object:Api::Type::String + name: 'domain' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -150,10 +266,24 @@ properties: custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.tmpl' - name: 'domain' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A domain to grant access to. Any users signed in with the domain specified will be granted the specified access exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress + - !ruby/object:Api::Type::String + name: 'specialGroup' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -165,6 +295,7 @@ properties: diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - name: 'specialGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A special group to grant access to. Possible values include: * `projectOwners`: Owners of the enclosing project. @@ -172,6 +303,19 @@ properties: * `projectWriters`: Writers of the enclosing project. * `allAuthenticatedUsers`: All authenticated BigQuery users. exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress + - !ruby/object:Api::Type::String + name: 'iamMember' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -183,10 +327,24 @@ properties: diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - name: 'iamMember' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group. For example: `allUsers` exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress + - !ruby/object:Api::Type::NestedObject + name: 'view' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -198,6 +356,7 @@ properties: diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - name: 'view' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in @@ -205,6 +364,27 @@ properties: set. If that view is updated by any user, access to the view needs to be granted again via an update operation. exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -224,11 +404,51 @@ properties: required: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'dataset' + description: | + Grants all resources of particular types in a particular dataset read access to the current dataset. + exactly_one_of: + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + properties: + - !ruby/object:Api::Type::NestedObject + name: 'dataset' + required: true + description: | + The dataset this entry applies to + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::Array + name: 'targetTypes' + description: | + Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS + item_type: Api::Type::String + required: true + - !ruby/object:Api::Type::NestedObject + name: 'routine' +======= - name: 'dataset' type: NestedObject description: | @@ -267,6 +487,7 @@ properties: type: String - name: 'routine' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A routine from a different dataset to grant access to. Queries executed against that routine will have read access to tables in @@ -274,6 +495,27 @@ properties: set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation. exactly_one_of: +<<<<<<< HEAD + - user_by_email + - group_by_email + - domain + - special_group + - iam_member + - view + - dataset + - routine + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table. + required: true + - !ruby/object:Api::Type::String + name: 'routineId' +======= - 'user_by_email' - 'group_by_email' - 'domain' @@ -293,6 +535,7 @@ properties: required: true - name: 'routineId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length diff --git a/mmv1/products/bigquery/Job.yaml b/mmv1/products/bigquery/Job.yaml index 89637b3e9ffd..dd4a89304baa 100644 --- a/mmv1/products/bigquery/Job.yaml +++ b/mmv1/products/bigquery/Job.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Job' +kind: 'bigquery#job' +base_url: projects/{{project}}/jobs +self_link: projects/{{project}}/jobs/{{job_id}}?location={{location}} +immutable: true +schema_version: 1 +state_upgraders: true +description: | + Jobs are actions that BigQuery runs on your behalf to load data, export data, query data, or copy data. + Once a BigQuery job is created, it cannot be changed or deleted. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'BigQuery Jobs Intro': 'https://cloud.google.com/bigquery/docs/jobs-overview' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs' +import_format: + [ + 'projects/{{project}}/jobs/{{job_id}}/location/{{location}}', + 'projects/{{project}}/jobs/{{job_id}}', + '{{project}}/{{job_id}}', + '{{job_id}}', + ] +skip_delete: true +id_format: projects/{{project}}/jobs/{{job_id}} +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: transport_tpg.PollCheckForExistence + actions: ['create'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_query' +======= --- name: 'Job' kind: 'bigquery#job' @@ -50,6 +86,7 @@ schema_version: 1 state_upgraders: true examples: - name: 'bigquery_job_query' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_query' @@ -57,7 +94,12 @@ examples: ignore_read_extra: - 'etag' - 'status.0.state' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_query_table_reference' +======= - name: 'bigquery_job_query_table_reference' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_query' @@ -67,13 +109,41 @@ examples: - 'query.0.default_dataset.0.dataset_id' - 'query.0.destination_table.0.table_id' - 'status.0.state' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_load' +======= - name: 'bigquery_job_load' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + primary_resource_id: 'job' + vars: + job_id: 'job_load' + ignore_read_extra: + - 'etag' + - 'status.0.state' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_load_geojson' primary_resource_id: 'job' vars: job_id: 'job_load' + bucket_name: 'bq-geojson' # Keep small(er) to avoid downstream acctest having too-long a bucket name + test_env_vars: + project: :PROJECT_NAME + ignore_read_extra: + - 'etag' + - 'status.0.state' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_load_parquet' + primary_resource_id: 'job' + vars: + job_id: "job_load" ignore_read_extra: - 'etag' - 'status.0.state' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_load_table_reference' +======= - name: 'bigquery_job_load_geojson' primary_resource_id: 'job' vars: @@ -93,6 +163,7 @@ examples: - 'etag' - 'status.0.state' - name: 'bigquery_job_load_table_reference' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_load' @@ -100,9 +171,15 @@ examples: - 'etag' - 'load.0.destination_table.0.table_id' - 'status.0.state' +<<<<<<< HEAD + skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_copy' +======= # there are a lot of examples for this resource, so omitting some that are similar to others exclude_docs: true - name: 'bigquery_job_copy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_copy' @@ -110,11 +187,20 @@ examples: key_name: 'example-key' keyring_name: 'example-keyring' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + ignore_read_extra: + - 'etag' + - 'status.0.state' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_copy_table_reference' +======= project: 'PROJECT_NAME' ignore_read_extra: - 'etag' - 'status.0.state' - name: 'bigquery_job_copy_table_reference' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_copy' @@ -122,16 +208,26 @@ examples: key_name: 'example-key' keyring_name: 'example-keyring' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME +======= project: 'PROJECT_NAME' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'etag' - 'copy.0.destination_table.0.table_id' - 'copy.0.source_tables.0.table_id' - 'copy.0.source_tables.1.table_id' - 'status.0.state' +<<<<<<< HEAD + skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_extract' +======= # there are a lot of examples for this resource, so omitting some that are similar to others exclude_docs: true - name: 'bigquery_job_extract' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_extract' @@ -139,7 +235,12 @@ examples: ignore_read_extra: - 'etag' - 'status.0.state' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_job_extract_table_reference' +======= - name: 'bigquery_job_extract_table_reference' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_id: 'job_extract' @@ -148,6 +249,20 @@ examples: - 'etag' - 'extract.0.source_table.0.table_id' - 'status.0.state' +<<<<<<< HEAD + skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/bigquery_job.go + encoder: templates/terraform/encoders/bigquery_job.go.erb +properties: + - !ruby/object:Api::Type::String + name: 'user_email' + output: true + description: | + Email address of the user who ran the job. + - !ruby/object:Api::Type::NestedObject + name: 'configuration' +======= # there are a lot of examples for this resource, so omitting some that are similar to others exclude_docs: true parameters: @@ -159,10 +274,37 @@ properties: output: true - name: 'configuration' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Describes the job configuration.' required: true flatten_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'jobType' + description: | + The type of the job. + output: true + - !ruby/object:Api::Type::String + name: 'jobTimeoutMs' + description: | + Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The labels associated with this job. You can use these to organize and group your jobs. + - !ruby/object:Api::Type::NestedObject + name: 'query' + description: 'Configures a query job.' + exactly_one_of: + - configuration.0.query + - configuration.0.load + - configuration.0.copy + - configuration.0.extract + properties: + - !ruby/object:Api::Type::String + name: 'query' +======= - name: 'jobType' type: String description: | @@ -187,17 +329,41 @@ properties: properties: - name: 'query' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL. *NOTE*: queries containing [DML language](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) (`DELETE`, `UPDATE`, `MERGE`, `INSERT`) must specify `create_disposition = ""` and `write_disposition = ""`. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'destinationTable' +======= - name: 'destinationTable' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the table where the query results should be stored. This property must be set for large results that exceed the maximum response size. For queries that produce anonymous (cached) results, this field will be populated by BigQuery. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_query_destinationtable.go.erb' + default_from_api: true + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= default_from_api: true custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_query_destinationtable.go.tmpl' custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.tmpl' @@ -214,11 +380,22 @@ properties: default_from_api: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'userDefinedFunctionResources' + description: | + Describes user-defined function resources used in the query. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'resourceUri' +======= - name: 'userDefinedFunctionResources' type: Array description: | @@ -228,29 +405,49 @@ properties: properties: - name: 'resourceUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): exactly_one_of: resourceUri, inlineCode description: 'A code resource to load from a Google Cloud Storage URI (gs://bucket/path).' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'inlineCode' +======= - name: 'inlineCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): exactly_one_of: resourceUri, inlineCode description: | An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'createDisposition' +======= - name: 'createDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion +<<<<<<< HEAD + default_value: :CREATE_IF_NEEDED + values: + - :CREATE_IF_NEEDED + - :CREATE_NEVER + - !ruby/object:Api::Type::Enum + name: 'writeDisposition' +======= default_value: "CREATE_IF_NEEDED" enum_values: - 'CREATE_IF_NEEDED' - 'CREATE_NEVER' - name: 'writeDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -258,6 +455,22 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. +<<<<<<< HEAD + default_value: :WRITE_EMPTY + values: + - :WRITE_TRUNCATE + - :WRITE_APPEND + - :WRITE_EMPTY + - !ruby/object:Api::Type::NestedObject + name: 'defaultDataset' + description: | + Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names. + custom_expand: 'templates/terraform/custom_expand/bigquery_dataset_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_dataset_ref.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' +======= default_value: "WRITE_EMPTY" enum_values: - 'WRITE_TRUNCATE' @@ -272,11 +485,29 @@ properties: properties: - name: 'datasetId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The dataset. Can be specified `{{dataset_id}}` if `project_id` is also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'priority' + description: | + Specifies a priority for the query. + default_value: :INTERACTIVE + values: + - :INTERACTIVE + - :BATCH + - !ruby/object:Api::Type::Boolean + name: 'allowLargeResults' +======= - name: 'projectId' type: String description: 'The ID of the project containing this table.' @@ -292,17 +523,42 @@ properties: - 'BATCH' - name: 'allowLargeResults' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. However, you must still set destinationTable when result size exceeds the allowed maximum response size. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'useQueryCache' +======= - name: 'useQueryCache' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. The default value is true. default_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'flattenResults' + description: | + If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. + allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened. + - !ruby/object:Api::Type::Integer + name: 'maximumBillingTier' + description: | + Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). + If unspecified, this will be set to your project default. + - !ruby/object:Api::Type::String + name: 'maximumBytesBilled' + description: | + Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). + If unspecified, this will be set to your project default. + - !ruby/object:Api::Type::Boolean + name: 'useLegacySql' +======= - name: 'flattenResults' type: Boolean description: | @@ -320,16 +576,26 @@ properties: If unspecified, this will be set to your project default. - name: 'useLegacySql' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. If set to false, the query will use BigQuery's standard SQL. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'parameterMode' + description: | + Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query. + - !ruby/object:Api::Type::Array + name: 'schemaUpdateOptions' +======= - name: 'parameterMode' type: String description: | Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query. - name: 'schemaUpdateOptions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows the schema of the destination table to be updated as a side effect of the query job. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; @@ -338,6 +604,17 @@ properties: One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'destinationEncryptionConfiguration' + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= item_type: type: String - name: 'destinationEncryptionConfiguration' @@ -348,10 +625,32 @@ properties: properties: - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyVersion' + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'scriptOptions' + description: | + Options controlling the execution of scripts. + properties: + - !ruby/object:Api::Type::String + name: 'statementTimeoutMs' + description: 'Timeout period for each statement in a script.' + at_least_one_of: + - configuration.0.query.0.script_options.0.statement_timeout_ms + - configuration.0.query.0.script_options.0.statement_byte_budget + - configuration.0.query.0.script_options.0.key_result_statement + - !ruby/object:Api::Type::String + name: 'statementByteBudget' +======= - name: 'kmsKeyVersion' type: String description: | @@ -371,19 +670,47 @@ properties: - 'configuration.0.query.0.script_options.0.key_result_statement' - name: 'statementByteBudget' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Limit on the number of bytes billed per statement. Exceeding this budget results in an error.' at_least_one_of: +<<<<<<< HEAD + - configuration.0.query.0.script_options.0.statement_timeout_ms + - configuration.0.query.0.script_options.0.statement_byte_budget + - configuration.0.query.0.script_options.0.key_result_statement + - !ruby/object:Api::Type::Enum + name: 'keyResultStatement' +======= - 'configuration.0.query.0.script_options.0.statement_timeout_ms' - 'configuration.0.query.0.script_options.0.statement_byte_budget' - 'configuration.0.query.0.script_options.0.key_result_statement' - name: 'keyResultStatement' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines which statement in the script represents the "key result", used to populate the schema and query results of the script job. at_least_one_of: +<<<<<<< HEAD + - configuration.0.query.0.script_options.0.statement_timeout_ms + - configuration.0.query.0.script_options.0.statement_byte_budget + - configuration.0.query.0.script_options.0.key_result_statement + values: + - :LAST + - :FIRST_SELECT + - !ruby/object:Api::Type::NestedObject + name: 'load' + description: 'Configures a load job.' + exactly_one_of: + - configuration.0.query + - configuration.0.load + - configuration.0.copy + - configuration.0.extract + properties: + - !ruby/object:Api::Type::Array + name: 'sourceUris' +======= - 'configuration.0.query.0.script_options.0.statement_timeout_ms' - 'configuration.0.query.0.script_options.0.statement_byte_budget' - 'configuration.0.query.0.script_options.0.key_result_statement' @@ -401,6 +728,7 @@ properties: properties: - name: 'sourceUris' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '\*' wildcard character @@ -408,6 +736,30 @@ properties: to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. +<<<<<<< HEAD + item_type: Api::Type::String + required: true + - !ruby/object:Api::Type::NestedObject + name: 'destinationTable' + description: | + The destination table to load the data into. + required: true + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_load_destinationtable.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= required: true item_type: type: String @@ -431,24 +783,39 @@ properties: default_from_api: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'createDisposition' +======= - name: 'createDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion +<<<<<<< HEAD + default_value: :CREATE_IF_NEEDED + values: + - :CREATE_IF_NEEDED + - :CREATE_NEVER + - !ruby/object:Api::Type::Enum + name: 'writeDisposition' +======= default_value: "CREATE_IF_NEEDED" enum_values: - 'CREATE_IF_NEEDED' - 'CREATE_NEVER' - name: 'writeDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -456,6 +823,15 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. +<<<<<<< HEAD + default_value: :WRITE_EMPTY + values: + - :WRITE_TRUNCATE + - :WRITE_APPEND + - :WRITE_EMPTY + - !ruby/object:Api::Type::String + name: 'nullMarker' +======= default_value: "WRITE_EMPTY" enum_values: - 'WRITE_TRUNCATE' @@ -463,14 +839,21 @@ properties: - 'WRITE_EMPTY' - name: 'nullMarker' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a string that represents a null value in a CSV file. For example, if you specify "\N", BigQuery interprets "\N" as a null value when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as an empty value. +<<<<<<< HEAD + default_value: '' + - !ruby/object:Api::Type::String + name: 'fieldDelimiter' +======= default_value: "" - name: 'fieldDelimiter' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts @@ -478,8 +861,13 @@ properties: data in its raw, binary state. BigQuery also supports the escape sequence "\t" to specify a tab separator. The default value is a comma (','). default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'skipLeadingRows' +======= - name: 'skipLeadingRows' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of rows at the top of a CSV file that BigQuery will skip when loading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. @@ -489,59 +877,104 @@ properties: skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. +<<<<<<< HEAD + default_value: 0 + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::String + name: 'encoding' +======= validation: function: 'validation.IntAtLeast(0)' default_value: 0 - name: 'encoding' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties. +<<<<<<< HEAD + default_value: 'UTF-8' + - !ruby/object:Api::Type::String + name: 'quote' +======= default_value: "UTF-8" - name: 'quote' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxBadRecords' +======= - name: 'maxBadRecords' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, an invalid error is returned in the job result. The default value is 0, which requires that all records are valid. default_value: 0 +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowQuotedNewlines' +======= - name: 'allowQuotedNewlines' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sourceFormat' +======= - name: 'sourceFormat' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The format of the data files. For CSV files, specify "CSV". For datastore backups, specify "DATASTORE_BACKUP". For newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, specify "AVRO". For parquet, specify "PARQUET". For orc, specify "ORC". [Beta] For Bigtable, specify "BIGTABLE". The default value is CSV. +<<<<<<< HEAD + default_value: 'CSV' + - !ruby/object:Api::Type::String + name: 'jsonExtension' +======= default_value: "CSV" - name: 'jsonExtension' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited GeoJSON: set to GEOJSON. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowJaggedRows' +======= - name: 'allowJaggedRows' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Accept rows that are missing trailing optional columns. The missing values are treated as nulls. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'ignoreUnknownValues' +======= - name: 'ignoreUnknownValues' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, @@ -550,12 +983,26 @@ properties: CSV: Trailing columns JSON: Named values that don't match any column names default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'projectionFields' +======= - name: 'projectionFields' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'autodetect' + description: | + Indicates if we should automatically infer the options and schema for CSV and JSON sources. + - !ruby/object:Api::Type::Array + name: 'schemaUpdateOptions' +======= item_type: type: String - name: 'autodetect' @@ -564,6 +1011,7 @@ properties: Indicates if we should automatically infer the options and schema for CSV and JSON sources. - name: 'schemaUpdateOptions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; @@ -571,6 +1019,16 @@ properties: For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'timePartitioning' + description: | + Time-based partitioning specification for the destination table. + properties: + - !ruby/object:Api::Type::String + name: 'type' +======= item_type: type: String - name: 'timePartitioning' @@ -580,20 +1038,40 @@ properties: properties: - name: 'type' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The only type supported is DAY, which will generate one partition per day. Providing an empty string used to cause an error, but in OnePlatform the field will be treated as unset. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'expirationMs' + description: | + Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value. + - !ruby/object:Api::Type::String + name: 'field' +======= - name: 'expirationMs' type: String description: | Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value. - name: 'field' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If not set, the table is partitioned by pseudo column '_PARTITIONTIME'; if set, the table is partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. A wrapper is used here because an empty string is an invalid value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'destinationEncryptionConfiguration' + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= - name: 'destinationEncryptionConfiguration' type: NestedObject description: | @@ -602,10 +1080,64 @@ properties: properties: - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyVersion' + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'parquetOptions' + description: | + Parquet Options for load and make external tables. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enumAsString' + description: | + If sourceFormat is set to PARQUET, indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default. + - !ruby/object:Api::Type::Boolean + name: 'enableListInference' + description: | + If sourceFormat is set to PARQUET, indicates whether to use schema inference specifically for Parquet LIST logical type. + at_least_one_of: + - configuration.0.load.0.parquet_options.0.enum_as_string + - configuration.0.load.0.parquet_options.0.enable_list_inference + - !ruby/object:Api::Type::NestedObject + name: 'copy' + description: 'Copies a table.' + exactly_one_of: + - configuration.0.query + - configuration.0.load + - configuration.0.copy + - configuration.0.extract + properties: + - !ruby/object:Api::Type::Array + name: 'sourceTables' + description: | + Source tables to copy. + required: true + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref_array.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_sourcetables.go.erb' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= - name: 'kmsKeyVersion' type: String description: | @@ -658,11 +1190,32 @@ properties: default_from_api: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'destinationTable' + description: 'The destination table.' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_destinationtable.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= - name: 'destinationTable' type: NestedObject description: 'The destination table.' @@ -681,24 +1234,39 @@ properties: default_from_api: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'createDisposition' +======= - name: 'createDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion +<<<<<<< HEAD + default_value: :CREATE_IF_NEEDED + values: + - :CREATE_IF_NEEDED + - :CREATE_NEVER + - !ruby/object:Api::Type::Enum + name: 'writeDisposition' +======= default_value: "CREATE_IF_NEEDED" enum_values: - 'CREATE_IF_NEEDED' - 'CREATE_NEVER' - name: 'writeDisposition' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -706,6 +1274,21 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. +<<<<<<< HEAD + default_value: :WRITE_EMPTY + values: + - :WRITE_TRUNCATE + - :WRITE_APPEND + - :WRITE_EMPTY + - !ruby/object:Api::Type::NestedObject + name: 'destinationEncryptionConfiguration' + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= default_value: "WRITE_EMPTY" enum_values: - 'WRITE_TRUNCATE' @@ -719,10 +1302,40 @@ properties: properties: - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyVersion' + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'extract' + description: 'Configures an extract job.' + exactly_one_of: + - configuration.0.query + - configuration.0.load + - configuration.0.copy + - configuration.0.extract + properties: + - !ruby/object:Api::Type::Array + name: 'destinationUris' + description: | + A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written. + required: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'printHeader' + description: | + Whether to print out a header row in the results. Default is true. + default_value: true + - !ruby/object:Api::Type::String + name: 'fieldDelimiter' +======= - name: 'kmsKeyVersion' type: String description: | @@ -751,17 +1364,57 @@ properties: default_value: true - name: 'fieldDelimiter' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When extracting data in CSV format, this defines the delimiter to use between fields in the exported data. Default is ',' default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'destinationFormat' +======= - name: 'destinationFormat' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON and AVRO for tables and SAVED_MODEL for models. The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. The default value for models is SAVED_MODEL. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'compression' + description: | + The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. + The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. + default_value: 'NONE' + - !ruby/object:Api::Type::Boolean + name: 'useAvroLogicalTypes' + description: | + Whether to use logical types when extracting to AVRO format. + - !ruby/object:Api::Type::NestedObject + name: 'sourceTable' + description: | + A reference to the table being exported. + exactly_one_of: + - configuration.0.extract.0.source_table + - configuration.0.extract.0.source_model + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_extract_sourcetable.go.erb' + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tableId' +======= - name: 'compression' type: String description: | @@ -794,11 +1447,36 @@ properties: default_from_api: true - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'sourceModel' + description: | + A reference to the model being exported. + exactly_one_of: + - configuration.0.extract.0.source_table + - configuration.0.extract.0.source_model + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: 'The ID of the project containing this model.' + required: true + - !ruby/object:Api::Type::String + name: 'datasetId' + description: 'The ID of the dataset containing this model.' + required: true + - !ruby/object:Api::Type::String + name: 'modelId' + description: 'The ID of the model.' + required: true + - !ruby/object:Api::Type::NestedObject + name: 'jobReference' +======= - name: 'sourceModel' type: NestedObject description: | @@ -821,10 +1499,47 @@ properties: required: true - name: 'jobReference' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Reference describing the unique-per-user name of the job. flatten_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'jobId' + description: | + The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters. + required: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The geographic location of the job. The default value is US. + default_value: 'US' + - !ruby/object:Api::Type::NestedObject + name: 'status' + output: true + description: | + The status of this job. Examine this value when polling an asynchronous job to see if the job is complete. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'errorResult' + output: true + description: | + Final error result of the job. If present, indicates that the job has completed and was unsuccessful. + properties: + - !ruby/object:Api::Type::String + name: 'reason' + description: A short error code that summarizes the error. + - !ruby/object:Api::Type::String + name: 'location' + description: Specifies where the error occurred, if present. + - !ruby/object:Api::Type::String + name: 'message' + description: A human-readable description of the error. + - !ruby/object:Api::Type::Array + name: 'errors' + output: true +======= - name: 'jobId' type: String description: | @@ -858,10 +1573,29 @@ properties: description: A human-readable description of the error. - name: 'errors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The first errors encountered during the running of the job. The final message includes the number of errors that caused the process to stop. Errors here do not necessarily mean that the job has not completed or was unsuccessful. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'reason' + description: A short error code that summarizes the error. + - !ruby/object:Api::Type::String + name: 'location' + description: Specifies where the error occurred, if present. + - !ruby/object:Api::Type::String + name: 'message' + description: A human-readable description of the error. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + Running state of the job. Valid states include 'PENDING', 'RUNNING', and 'DONE'. +======= output: true item_type: type: NestedObject @@ -880,3 +1614,4 @@ properties: description: | Running state of the job. Valid states include 'PENDING', 'RUNNING', and 'DONE'. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigquery/Routine.yaml b/mmv1/products/bigquery/Routine.yaml index 759b27b169e6..d2e17bfca4fc 100644 --- a/mmv1/products/bigquery/Routine.yaml +++ b/mmv1/products/bigquery/Routine.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Routine' +kind: 'bigquery#routine' +base_url: projects/{{project}}/datasets/{{dataset_id}}/routines +self_link: projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}} +description: | + A user-defined function or a stored procedure that belongs to a Dataset +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Routines Intro': 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' +import_format: + ['projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_basic' + primary_resource_id: 'sproc' + primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_json' + primary_resource_id: 'sproc' + primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_tvf' + primary_resource_id: 'sproc' + primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_pyspark' +======= --- name: 'Routine' kind: 'bigquery#routine' @@ -50,34 +99,73 @@ examples: dataset_id: 'dataset_id' routine_id: 'routine_id' - name: 'bigquery_routine_pyspark' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'pyspark' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_pyspark_mainfile' +======= - name: 'bigquery_routine_pyspark_mainfile' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'pyspark_mainfile' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_spark_jar' +======= - name: 'bigquery_routine_spark_jar' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'spark_jar' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_routine_data_governance_type' +======= - name: 'bigquery_routine_data_governance_type' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'custom_masking_routine' vars: dataset_id: 'dataset_id' routine_id: 'routine_id' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'bigquery_routine_remote_function' +======= - name: 'bigquery_routine_remote_function' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'remote_function' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::NestedObject + name: routineReference + description: Reference describing the ID of this routine + required: true + custom_expand: 'templates/terraform/custom_expand/bigquery_routine_ref.go.erb' + flatten_object: true + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this routine + required: true + immutable: true + - !ruby/object:Api::Type::String + name: 'routineId' +======= exclude_test: true parameters: properties: @@ -95,12 +183,75 @@ properties: immutable: true - name: 'routineId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The ID of the the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'routineType' + immutable: true + required: true + description: The type of routine. + values: + - :SCALAR_FUNCTION + - :PROCEDURE + - :TABLE_VALUED_FUNCTION + - !ruby/object:Api::Type::Integer + name: 'creationTime' + output: true + description: | + The time when this routine was created, in milliseconds since the + epoch. + - !ruby/object:Api::Type::Integer + name: 'lastModifiedTime' + output: true + description: | + The time when this routine was modified, in milliseconds since the + epoch. + - !ruby/object:Api::Type::Enum + name: 'language' + description: | + The language of the routine. + values: + - :SQL + - :JAVASCRIPT + - :PYTHON + - :JAVA + - :SCALA + - !ruby/object:Api::Type::Array + name: 'arguments' + description: Input/output argument of a function or a stored procedure. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name of this argument. Can be absent for function return argument. + - !ruby/object:Api::Type::Enum + name: 'argumentKind' + description: Defaults to FIXED_TYPE. + values: + - :FIXED_TYPE + - :ANY_TYPE + default_value: :FIXED_TYPE + - !ruby/object:Api::Type::Enum + name: 'mode' + description: | + Specifies whether the argument is input or output. Can be set for procedures only. + values: + - :IN + - :OUT + - :INOUT + # This is a string instead of a NestedObject because schemas contain ColumnSchemas, + # which can contain nested StandardSqlDataType. + # We'll have people provide the json blob for the schema instead. + - !ruby/object:Api::Type::String + name: 'dataType' +======= - name: 'routineType' type: Enum description: The type of routine. @@ -162,6 +313,7 @@ properties: # We'll have people provide the json blob for the schema instead. - name: 'dataType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A JSON schema for the data type. Required unless argumentKind = ANY_TYPE. ~>**NOTE**: Because this field expects a JSON string, any changes to the string @@ -170,6 +322,17 @@ properties: or replaced STRUCT field type with RECORD field type, we currently cannot suppress the recurring diff this causes. As a workaround, we recommend using the schema as returned by the API. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := + structure.NormalizeJsonString(v); return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'returnType' +======= state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' @@ -177,6 +340,7 @@ properties: function: 'validation.StringIsJSON' - name: 'returnType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A JSON schema for the return type. Optional if language = "SQL"; required otherwise. If absent, the return type is inferred from definitionBody at query time in each query @@ -187,6 +351,17 @@ properties: d the order of values or replaced STRUCT field type with RECORD field type, we currently cannot suppress the recurring diff this causes. As a workaround, we recommend using the schema as returned by the API. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'returnTableType' +======= state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' @@ -194,12 +369,67 @@ properties: function: 'validation.StringIsJSON' - name: 'returnTableType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Can be set only if routineType = "TABLE_VALUED_FUNCTION". If absent, the return table type is inferred from definitionBody at query time in each query that references this routine. If present, then the columns in the evaluated table result will be cast to match the column types specificed in return table type, at query time. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'importedLibraries' + description: | + Optional. If language = "JAVASCRIPT", this field stores the path of the + imported JAVASCRIPT libraries. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'definitionBody' + required: true + description: | + The body of the routine. For functions, this is the expression in the AS clause. + If language=SQL, it is the substring inside (but excluding) the parentheses. + - !ruby/object:Api::Type::String + name: 'description' + description: The description of the routine if defined. + - !ruby/object:Api::Type::Enum + name: 'determinismLevel' + description: The determinism level of the JavaScript UDF if defined. + values: + - :DETERMINISM_LEVEL_UNSPECIFIED + - :DETERMINISTIC + - :NOT_DETERMINISTIC + - !ruby/object:Api::Type::Enum + name: 'dataGovernanceType' + description: If set to DATA_MASKING, the function is validated and made available as a masking function. For more information, see https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask + values: + - :DATA_MASKING + - !ruby/object:Api::Type::NestedObject + name: 'sparkOptions' + description: | + Optional. If language is one of "PYTHON", "JAVA", "SCALA", this field stores the options for spark stored procedure. + properties: + - !ruby/object:Api::Type::String + name: 'connection' + description: | + Fully qualified name of the user-provided Spark connection object. + Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" + - !ruby/object:Api::Type::String + name: 'runtimeVersion' + description: Runtime version. If not specified, the default runtime version is used. + - !ruby/object:Api::Type::String + name: 'containerImage' + description: Custom container image for the runtime environment. + - !ruby/object:Api::Type::KeyValuePairs + name: "properties" +======= state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' @@ -251,17 +481,65 @@ properties: description: Custom container image for the runtime environment. - name: 'properties' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. For more information, see Apache Spark and the procedure option list. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'mainFileUri' +======= - name: 'mainFileUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The main file/jar URI of the Spark application. Exactly one of the definitionBody field and the mainFileUri field must be set for Python. Exactly one of mainClass and mainFileUri field should be set for Java/Scala language type. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'pyFileUris' + description: | + Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: .py, .egg, and .zip. For more information about Apache Spark, see Apache Spark. + item_type: Api::Type::String + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'jarUris' + description: | + JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see Apache Spark. + item_type: Api::Type::String + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'fileUris' + description: | + Files to be placed in the working directory of each executor. For more information about Apache Spark, see Apache Spark. + item_type: Api::Type::String + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'archiveUris' + description: | + Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see Apache Spark. + item_type: Api::Type::String + default_from_api: true + - !ruby/object:Api::Type::String + name: 'mainClass' + description: | + The fully qualified name of a class in jarUris, for example, com.example.wordcount. + Exactly one of mainClass and main_jar_uri field should be set for Java/Scala language type. + - !ruby/object:Api::Type::NestedObject + name: 'remoteFunctionOptions' + description: Remote function specific options. + properties: + - !ruby/object:Api::Type::String + name: 'endpoint' + description: | + Endpoint of the user-provided remote service, e.g. + `https://us-east1-my_gcf_project.cloudfunctions.net/remote_add` + - !ruby/object:Api::Type::String + name: 'connection' +======= - name: 'pyFileUris' type: Array description: | @@ -306,12 +584,18 @@ properties: `https://us-east1-my_gcf_project.cloudfunctions.net/remote_add` - name: 'connection' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fully qualified name of the user-provided connection object which holds the authentication information to send requests to the remote service. Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'userDefinedContext' +======= - name: 'userDefinedContext' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User-defined context as a set of key/value pairs, which will be sent as function invocation context together with batched arguments in the requests to the remote @@ -320,8 +604,13 @@ properties: An object containing a list of "key": value pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'maxBatchingRows' +======= - name: 'maxBatchingRows' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Max number of rows in each batch sent to the remote service. If absent or if 0, BigQuery dynamically decides the number of rows in a batch. diff --git a/mmv1/products/bigquery/Table.yaml b/mmv1/products/bigquery/Table.yaml index 02eb4ac6a67f..a42414dd2782 100644 --- a/mmv1/products/bigquery/Table.yaml +++ b/mmv1/products/bigquery/Table.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,36 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Table' +kind: 'bigquery#table' +base_url: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +description: | + A Table that belongs to a Dataset +self_link: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +exclude_resource: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_type: 'google_bigquery_table' + parent_resource_attribute: 'table_id' + fetch_iam_policy_verb: :POST + allowed_iam_role: 'roles/bigquery.dataOwner' + iam_policy_version: '1' +id_format: '{{table_id}}' +import_format: + [ + 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}', + '{{table_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_bigquery_table' + primary_resource_id: 'test' + primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", + context[\"random_suffix\"\ + ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" +======= --- name: 'Table' kind: 'bigquery#table' @@ -41,12 +75,34 @@ examples: - name: 'bigquery_bigquery_table' primary_resource_id: 'test' primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: dataset_id: 'dataset_id' table_id: 'table_id' parameters: # TODO(alexstephen): Remove once we have support for placing # nested object fields in URL +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'dataset' + description: Name of the dataset +properties: + - !ruby/object:Api::Type::NestedObject + name: tableReference + description: Reference describing the ID of this table + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + description: The ID of the dataset containing this table + - !ruby/object:Api::Type::String + name: 'projectId' + description: The ID of the project containing this table + - !ruby/object:Api::Type::String + name: 'tableId' + description: The ID of the the table + - !ruby/object:Api::Type::Array + name: 'clustering' +======= - name: 'dataset' type: String description: Name of the dataset @@ -66,12 +122,39 @@ properties: description: The ID of the the table - name: 'clustering' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | One or more fields on which data should be clustered. Only top-level, non-repeated, simple-type fields are supported. When you cluster a table using multiple columns, the order of columns you specify is important. The order of the specified columns determines the sort order of the data. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'creationTime' + output: true + description: | + The time when this dataset was created, in milliseconds since the + epoch. + - !ruby/object:Api::Type::String + name: 'description' + description: A user-friendly description of the dataset + - !ruby/object:Api::Type::String + name: 'friendlyName' + description: A descriptive name for this table + - !ruby/object:Api::Type::String + name: 'id' + description: 'An opaque ID uniquely identifying the table.' + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The labels associated with this dataset. You can use these to + organize and group your datasets + - !ruby/object:Api::Type::Integer + name: 'lastModifiedTime' +======= item_type: type: String - name: 'creationTime' @@ -97,31 +180,59 @@ properties: organize and group your datasets - name: 'lastModifiedTime' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time when this table was last modified, in milliseconds since the epoch. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' +======= - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The geographic location where the table resides. This value is inherited from the dataset. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the table' + - !ruby/object:Api::Type::Integer + name: 'numBytes' +======= - name: 'name' type: String description: 'Name of the table' - name: 'numBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The size of this table in bytes, excluding any data in the streaming buffer. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'numLongTermBytes' +======= - name: 'numLongTermBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of bytes in the table that are considered "long-term storage". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'numRows' + description: | + The number of rows of data in this table, excluding any data in the + streaming buffer. + - !ruby/object:Api::Type::Boolean + name: 'requirePartitionFilter' +======= - name: 'numRows' type: Integer description: | @@ -129,10 +240,37 @@ properties: streaming buffer. - name: 'requirePartitionFilter' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + description: 'Describes the table type' + values: + - :TABLE + - :VIEW + - :EXTERNAL + output: true + - !ruby/object:Api::Type::NestedObject + name: 'view' + description: The view definition. + properties: + - !ruby/object:Api::Type::Boolean + name: 'useLegacySql' + description: | + Specifies whether to use BigQuery's legacy SQL for this view + - !ruby/object:Api::Type::Array + name: 'userDefinedFunctionResources' + description: | + Describes user-defined function resources used in the query. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'inlineCode' +======= - name: 'type' type: Enum description: 'Describes the table type' @@ -158,12 +296,27 @@ properties: properties: - name: 'inlineCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code. # TODO: Convert into cross-product ResourceRef +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resourceUri' + description: | + A code resource to load from a Google Cloud Storage URI + (gs://bucket/path). + - !ruby/object:Api::Type::NestedObject + name: 'timePartitioning' + description: | + If specified, configures time-based partitioning for this table. + properties: + - !ruby/object:Api::Type::Integer + name: 'expirationMs' +======= - name: 'resourceUri' type: String description: | @@ -176,14 +329,20 @@ properties: properties: - name: 'expirationMs' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of milliseconds for which to keep the storage for a partition. If unspecified when the table is created in a dataset that has `defaultPartitionExpirationMs`, it will inherit the value of `defaultPartitionExpirationMs` from the dataset. To specify a unlimited expiration, set the value to 0. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'field' +======= - name: 'field' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If not set, the table is partitioned by pseudo column, referenced via either '_PARTITIONTIME' as TIMESTAMP type, or @@ -191,6 +350,17 @@ properties: is instead partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + The only type supported is DAY, which will generate one partition + per day. + values: + - :DAY + - !ruby/object:Api::Type::NestedObject + name: 'streamingBuffer' +======= - name: 'type' type: Enum description: | @@ -200,31 +370,98 @@ properties: - 'DAY' - name: 'streamingBuffer' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'estimatedBytes' +======= - name: 'estimatedBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A lower-bound estimate of the number of bytes currently in the streaming buffer. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'estimatedRows' +======= - name: 'estimatedRows' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A lower-bound estimate of the number of rows currently in the streaming buffer. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'oldestEntryTime' +======= - name: 'oldestEntryTime' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains the timestamp of the oldest entry in the streaming buffer, in milliseconds since the epoch, if the streaming buffer is available. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'schema' + description: Describes the schema of this table + properties: + - !ruby/object:Api::Type::Array + name: 'fields' + description: Describes the fields in a table. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + The field description. The maximum length is 1,024 + characters. + - !ruby/object:Api::Type::Array + name: 'fields' + description: | + Describes the nested schema fields if the type property is + set to RECORD. + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: 'mode' + description: The field mode + values: + - :NULLABLE + - :REQUIRED + - :REPEATED + - !ruby/object:Api::Type::String + name: 'name' + description: The field name + - !ruby/object:Api::Type::Enum + name: 'type' + description: 'The field data type' + values: + - :STRING + - :BYTES + - :INTEGER + - :FLOAT + - :TIMESTAMP + - :DATE + - :TIME + - :DATETIME + - :RECORD + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfiguration' + description: Custom encryption configuration + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= - name: 'schema' type: NestedObject description: Describes the schema of this table @@ -276,11 +513,21 @@ properties: properties: - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'expirationTime' + description: | + The time when this table expires, in milliseconds since the epoch. If + not present, the table will persist indefinitely. + - !ruby/object:Api::Type::NestedObject + name: 'externalDataConfiguration' +======= - name: 'expirationTime' type: Integer description: | @@ -288,11 +535,53 @@ properties: not present, the table will persist indefinitely. - name: 'externalDataConfiguration' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the data format, location, and other properties of a table stored outside of BigQuery. By defining these properties, the data source can then be queried as if it were a standard BigQuery table. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'autodetect' + description: | + Try to detect schema and format options automatically. Any option + specified explicitly will be honored. + - !ruby/object:Api::Type::Enum + name: 'compression' + description: The compression type of the data source + values: + - :GZIP + - :NONE + - !ruby/object:Api::Type::Boolean + name: 'ignoreUnknownValues' + description: | + Indicates if BigQuery should allow extra values that are not + represented in the table schema + - !ruby/object:Api::Type::Integer + name: 'maxBadRecords' + description: | + The maximum number of bad records that BigQuery can ignore when reading data + default_value: 0 + - !ruby/object:Api::Type::Enum + name: 'sourceFormat' + description: The data format + values: + - :CSV + - :GOOGLE_SHEETS + - :NEWLINE_DELIMITED_JSON + - :AVRO + - :DATASTORE_BACKUP + - :BIGTABLE + - :ORC + - :PARQUET + - :ICEBERG + - :DELTA_LAKE + # TODO: Investigate if this is feasible as a ResourceRef + # This is a very complicated ResourceRef (one-to-many, where the many are cross-product). + - !ruby/object:Api::Type::Array + name: 'sourceUris' +======= - name: 'autodetect' type: Boolean description: | @@ -332,6 +621,7 @@ properties: # This is a very complicated ResourceRef (one-to-many, where the many are cross-product). - name: 'sourceUris' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '\*' @@ -342,6 +632,58 @@ properties: Bigtable table. For Google Cloud Datastore backups, exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'schema' + description: + 'The schema for the data. Schema is required for CSV and JSON formats' + properties: + - !ruby/object:Api::Type::Array + name: 'fields' + description: 'Describes the fields in a table.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: The field description + - !ruby/object:Api::Type::Array + name: 'fields' + description: | + Describes the nested schema fields if the type property + is set to RECORD + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: 'mode' + description: Field mode. + values: + - :NULLABLE + - :REQUIRED + - :REPEATED + - !ruby/object:Api::Type::String + name: 'name' + description: Field name + - !ruby/object:Api::Type::Enum + name: 'type' + description: Field data type + values: + - :STRING + - :BYTES + - :INTEGER + - :FLOAT + - :TIMESTAMP + - :DATE + - :TIME + - :DATETIME + - :RECORD + - !ruby/object:Api::Type::NestedObject + name: 'googleSheetsOptions' + description: + 'Additional options if sourceFormat is set to GOOGLE_SHEETS.' + properties: + - !ruby/object:Api::Type::Integer + name: 'skipLeadingRows' +======= item_type: type: String - name: 'schema' @@ -395,10 +737,42 @@ properties: properties: - name: 'skipLeadingRows' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of rows at the top of a Google Sheet that BigQuery will skip when reading the data. default_value: 0 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'csvOptions' + description: Additional properties to set if sourceFormat is set to CSV. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowJaggedRows' + description: | + Indicates if BigQuery should accept rows that are missing + trailing optional columns + - !ruby/object:Api::Type::Boolean + name: 'allowQuotedNewlines' + description: | + Indicates if BigQuery should allow quoted data sections that + contain newline characters in a CSV file + - !ruby/object:Api::Type::Enum + name: 'encoding' + description: 'The character encoding of the data' + values: + - :UTF-8 + - :ISO-8859-1 + - !ruby/object:Api::Type::String + name: 'fieldDelimiter' + description: 'The separator for fields in a CSV file' + - !ruby/object:Api::Type::String + name: 'quote' + description: + 'The value that is used to quote data sections in a CSV file' + - !ruby/object:Api::Type::Integer + name: 'skipLeadingRows' +======= - name: 'csvOptions' type: NestedObject description: Additional properties to set if sourceFormat is set to CSV. @@ -428,10 +802,50 @@ properties: 'The value that is used to quote data sections in a CSV file' - name: 'skipLeadingRows' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of rows at the top of a CSV file that BigQuery will skip when reading the data. default_value: 0 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'bigtableOptions' + description: 'Additional options if sourceFormat is set to BIGTABLE.' + properties: + - !ruby/object:Api::Type::Boolean + name: 'ignoreUnspecifiedColumnFamilies' + description: | + If field is true, then the column families that are not specified in + columnFamilies list are not exposed in the table schema + - !ruby/object:Api::Type::Boolean + name: 'readRowkeyAsString' + description: | + If field is true, then the rowkey column families will be + read and converted to string. + - !ruby/object:Api::Type::Array + name: 'columnFamilies' + description: | + List of column families to expose in the table schema along + with their types. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'columns' + description: | + Lists of columns that should be exposed as individual + fields as opposed to a list of (column name, value) pairs. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'encoding' + description: + The encoding of the values when the type is not STRING + values: + - :TEXT + - :BINARY + - !ruby/object:Api::Type::String + name: 'fieldName' +======= - name: 'bigtableOptions' type: NestedObject description: 'Additional options if sourceFormat is set to BIGTABLE.' @@ -471,11 +885,59 @@ properties: - 'BINARY' - name: 'fieldName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If the qualifier is not a valid BigQuery field identifier, a valid identifier must be provided as the column field name and is used as field name in queries. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'onlyReadLatest' + description: | + If this is set, only the latest version of value in this column are exposed + - !ruby/object:Api::Type::String + name: 'qualifierString' + description: Qualifier of the column + required: true + - !ruby/object:Api::Type::Enum + name: 'type' + description: + The type to convert the value in cells of this column + values: + - :BYTES + - :STRING + - :INTEGER + - :FLOAT + - :BOOLEAN + - !ruby/object:Api::Type::Enum + name: 'encoding' + description: + The encoding of the values when the type is not STRING + values: + - :TEXT + - :BINARY + - !ruby/object:Api::Type::String + name: 'familyId' + description: Identifier of the column family. + - !ruby/object:Api::Type::Boolean + name: 'onlyReadLatest' + description: | + If this is set only the latest version of value are + exposed for all columns in this column family + - !ruby/object:Api::Type::Enum + name: 'type' + description: + The type to convert the value in cells of this column family + values: + - :BYTES + - :STRING + - :INTEGER + - :FLOAT + - :BOOLEAN + - !ruby/object:Api::Type::NestedObject + name: 'tableReplicationInfo' +======= - name: 'onlyReadLatest' type: Boolean description: | @@ -521,10 +983,27 @@ properties: - 'BOOLEAN' - name: 'tableReplicationInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Replication info of a table created using "AS REPLICA" DDL like: `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sourceProjectId' + description: The ID of the source project. + required: true + - !ruby/object:Api::Type::String + name: 'sourceDatasetId' + description: The ID of the source dataset. + required: true + - !ruby/object:Api::Type::String + name: 'sourceTableId' + description: The ID of the source materialized view. + required: true + - !ruby/object:Api::Type::Integer + name: 'replicationIntervalMs' +======= - name: 'sourceProjectId' type: String description: The ID of the source project. @@ -539,12 +1018,18 @@ properties: required: true - name: 'replicationIntervalMs' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The interval at which the source materialized view is polled for updates. The default is 300000. default_value: 300000 +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'resourceTags' +======= - name: 'resourceTags' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for example "123456789012/environment" where 123456789012 is the diff --git a/mmv1/products/bigquery/go_Dataset.yaml b/mmv1/products/bigquery/go_Dataset.yaml new file mode 100644 index 000000000000..987fd97fa7a5 --- /dev/null +++ b/mmv1/products/bigquery/go_Dataset.yaml @@ -0,0 +1,404 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Dataset' +kind: 'bigquery#dataset' +description: | + Datasets allow you to organize and control access to your tables. +references: + guides: + 'Datasets Intro': 'https://cloud.google.com/bigquery/docs/datasets-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' +docs: + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +base_url: 'projects/{{project}}/datasets' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}' +has_self_link: true +delete_url: 'projects/{{project}}/datasets/{{dataset_id}}?deleteContents={{delete_contents_on_destroy}}' +import_format: + - 'projects/{{project}}/datasets/{{dataset_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/bigquery_dataset.go.tmpl' +exclude_sweeper: true +examples: + - name: 'bigquery_dataset_basic' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + - name: 'bigquery_dataset_with_max_time_travel_hours' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + exclude_docs: true + - name: 'bigquery_dataset_cmek' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + key_name: 'example-key' + keyring_name: 'example-keyring' + exclude_test: true + - name: 'bigquery_dataset_authorized_dataset' + primary_resource_id: 'dataset' + vars: + private: 'private' + public: 'public' + account_name: 'bqowner' + - name: 'bigquery_dataset_authorized_routine' + primary_resource_id: 'private' + vars: + private_dataset: 'private_dataset' + public_dataset: 'public_dataset' + public_routine: 'public_routine' + test_env_vars: + service_account: 'SERVICE_ACCT' + - name: 'bigquery_dataset_case_insensitive_names' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + exclude_docs: true + - name: 'bigquery_dataset_default_collation_set' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + exclude_docs: true + - name: 'bigquery_dataset_external_reference_aws_test' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + exclude_docs: true + - name: 'bigquery_dataset_external_reference_aws' + primary_resource_id: 'dataset' + vars: + dataset_id: 'example_dataset' + exclude_test: true + - name: 'bigquery_dataset_resource_tags' + primary_resource_id: 'dataset' + primary_resource_name: 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' + vars: + dataset_id: 'dataset' + tag_key1: 'tag_key1' + tag_value1: 'tag_value1' + tag_key2: 'tag_key2' + tag_value2: 'tag_value2' + exclude_docs: true +virtual_fields: + - name: 'delete_contents_on_destroy' + description: | + If set to `true`, delete all the tables in the + dataset when destroying the resource; otherwise, + destroying the resource will fail if tables are present. + type: Boolean + default_value: false +parameters: +properties: + - name: 'maxTimeTravelHours' + type: String + description: + 'Defines the time travel window in hours. The value can be from 48 to 168 + hours (2 to 7 days).' + default_from_api: true + - name: 'access' + type: Array + description: + 'An array of objects that define dataset access for one or more entities.' + is_set: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'domain' + type: String + description: | + A domain to grant access to. Any users signed in with the + domain specified will be granted the specified access + - name: 'groupByEmail' + type: String + description: An email address of a Google Group to grant access to. + - name: 'role' + type: String + description: | + Describes the rights granted to the user specified by the other + member of the access object. Basic, predefined, and custom roles + are supported. Predefined roles that have equivalent basic roles + are swapped by the API to their basic counterparts. See + [official docs](https://cloud.google.com/bigquery/docs/access-control). + - name: 'specialGroup' + type: String + description: | + A special group to grant access to. Possible values include: + * `projectOwners`: Owners of the enclosing project. + * `projectReaders`: Readers of the enclosing project. + * `projectWriters`: Writers of the enclosing project. + * `allAuthenticatedUsers`: All authenticated BigQuery users. + - name: 'iamMember' + type: String + description: | + Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: `allUsers` + - name: 'userByEmail' + type: String + description: | + An email address of a user to grant access to. For example: + fred@example.com + - name: 'view' + type: NestedObject + description: | + A view from a different dataset to grant access to. Queries + executed against that view will have read access to tables in + this dataset. The role field is not required when this field is + set. If that view is updated by any user, access to the view + needs to be granted again via an update operation. + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'tableId' + type: String + description: | + The ID of the table. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 1,024 characters. + required: true + - name: 'dataset' + type: NestedObject + description: | + Grants all resources of particular types in a particular dataset read access to the current dataset. + properties: + - name: 'dataset' + type: NestedObject + description: | + The dataset this entry applies to + required: true + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'targetTypes' + type: Array + description: | + Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS + required: true + item_type: + type: String + - name: 'routine' + type: NestedObject + description: | + A routine from a different dataset to grant access to. Queries + executed against that routine will have read access to tables in + this dataset. The role field is not required when this field is + set. If that routine is updated by any user, access to the routine + needs to be granted again via an update operation. + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'routineId' + type: String + description: | + The ID of the routine. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 256 characters. + required: true + - name: 'creationTime' + type: Integer + description: | + The time when this dataset was created, in milliseconds since the + epoch. + output: true + - name: 'datasetReference' + type: NestedObject + description: 'A reference that identifies the dataset.' + required: true + immutable: true + flatten_object: true + properties: + - name: 'datasetId' + type: String + description: | + A unique ID for this dataset, without the project name. The ID + must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. + required: true + immutable: true + validation: + function: 'validateDatasetId' + - name: 'defaultTableExpirationMs' + type: Integer + description: | + The default lifetime of all tables in the dataset, in milliseconds. + The minimum value is 3600000 milliseconds (one hour). + Once this property is set, all newly-created tables in the dataset + will have an `expirationTime` property set to the creation time plus + the value in this property, and changing the value will only affect + new tables, not existing ones. When the `expirationTime` for a given + table is reached, that table will be deleted automatically. + If a table's `expirationTime` is modified or removed before the + table expires, or if you provide an explicit `expirationTime` when + creating a table, that value takes precedence over the default + expiration time indicated by this property. + validation: + function: 'validateDefaultTableExpirationMs' + - name: 'defaultPartitionExpirationMs' + type: Integer + description: | + The default partition expiration for all partitioned tables in + the dataset, in milliseconds. + Once this property is set, all newly-created partitioned tables in + the dataset will have an `expirationMs` property in the `timePartitioning` + settings set to this value, and changing the value will only + affect new tables, not existing ones. The storage in a partition will + have an expiration time of its partition time plus this value. + Setting this property overrides the use of `defaultTableExpirationMs` + for partitioned tables: only one of `defaultTableExpirationMs` and + `defaultPartitionExpirationMs` will be used for any new partitioned + table. If you provide an explicit `timePartitioning.expirationMs` when + creating or updating a partitioned table, that value takes precedence + over the default partition expiration time indicated by this property. + - name: 'description' + type: String + description: A user-friendly description of the dataset + - name: 'etag' + type: String + description: | + A hash of the resource. + output: true + - name: 'externalDatasetReference' + type: NestedObject + description: | + Information about the external metadata storage where the dataset is defined. + immutable: true + properties: + - name: 'externalSource' + type: String + description: | + External source that backs this dataset. + required: true + immutable: true + - name: 'connection' + type: String + description: | + The connection id that is used to access the externalSource. + Format: projects/{projectId}/locations/{locationId}/connections/{connectionId} + required: true + immutable: true + - name: 'friendlyName' + type: String + description: A descriptive name for the dataset + send_empty_value: true + - name: 'labels' + type: KeyValueLabels + description: | + The labels associated with this dataset. You can use these to + organize and group your datasets. + - name: 'lastModifiedTime' + type: Integer + description: | + The date when this dataset or any of its tables was last modified, in + milliseconds since the epoch. + output: true + - name: 'location' + type: String + description: | + The geographic location where the dataset should reside. + See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). + There are two types of locations, regional or multi-regional. A regional + location is a specific geographic place, such as Tokyo, and a multi-regional + location is a large geographic area, such as the United States, that + contains at least two geographic places. + The default value is multi-regional location `US`. + Changing this forces a new resource to be created. + immutable: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_dataset_location.go.tmpl' + default_value: "US" + - name: 'defaultEncryptionConfiguration' + type: NestedObject + description: | + The default encryption key for all tables in the dataset. Once this property is set, + all newly-created partitioned tables in the dataset will have encryption key set to + this value, unless table creation request (or query) overrides the key. + properties: + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to protect destination + BigQuery table. The BigQuery Service Account associated with your project requires + access to this encryption key. + required: true + - name: 'isCaseInsensitive' + type: Boolean + description: | + TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. + By default, this is FALSE, which means the dataset and its table names are + case-sensitive. This field does not affect routine references. + default_from_api: true + - name: 'defaultCollation' + type: String + description: | + Defines the default collation specification of future tables created + in the dataset. If a table is created in this dataset without table-level + default collation, then the table inherits the dataset default collation, + which is applied to the string fields that do not have explicit collation + specified. A change to this field affects only tables created afterwards, + and does not alter the existing tables. + + The following values are supported: + - 'und:ci': undetermined locale, case insensitive. + - '': empty string. Default to case-sensitive behavior. + default_from_api: true + - name: 'storageBillingModel' + type: String + description: | + Specifies the storage billing model for the dataset. + Set this flag value to LOGICAL to use logical bytes for storage billing, + or to PHYSICAL to use physical bytes instead. + + LOGICAL is the default if this flag isn't specified. + default_from_api: true + - name: 'resourceTags' + type: KeyValuePairs + description: | + The tags attached to this table. Tag keys are globally unique. Tag key is expected to be + in the namespaced format, for example "123456789012/environment" where 123456789012 is the + ID of the parent organization or project resource for this tag key. Tag value is expected + to be the short name, for example "Production". See [Tag definitions](/iam/docs/tags-access-control#definitions) + for more details. diff --git a/mmv1/products/bigquery/go_DatasetAccess.yaml b/mmv1/products/bigquery/go_DatasetAccess.yaml new file mode 100644 index 000000000000..ab766f7e9dd0 --- /dev/null +++ b/mmv1/products/bigquery/go_DatasetAccess.yaml @@ -0,0 +1,301 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DatasetAccess' +description: | + Gives dataset access for a single entity. This resource is intended to be used in cases where + it is not possible to compile a full list of access blocks to include in a + `google_bigquery_dataset` resource, to enable them to be added separately. + + ~> **Note:** If this resource is used alongside a `google_bigquery_dataset` resource, the + dataset resource must either have no defined `access` blocks or a `lifecycle` block with + `ignore_changes = [access]` so they don't fight over which accesses should be on the dataset. + Additionally, both resource cannot be modified in the same apply. +references: + guides: + 'Controlling access to datasets': 'https://cloud.google.com/bigquery/docs/dataset-access-controls' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' +docs: + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +base_url: 'projects/{{project}}/datasets/{{dataset_id}}' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}' +create_verb: 'PATCH' +delete_verb: 'PATCH' +immutable: true +mutex: '{{dataset_id}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +identity: + - role + - userByEmail + - groupByEmail + - domain + - specialGroup + - iamMember + - view + - dataset + - routine +nested_query: + keys: + - access + is_list_of_ids: false + modify_by_patch: true +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/bigquery_dataset_access.go.tmpl' + constants: 'templates/terraform/constants/go/bigquery_dataset_access.go.tmpl' + post_create: 'templates/terraform/post_create/go/bigquery_dataset_access.go.tmpl' +exclude_tgc: true +exclude_sweeper: true +error_retry_predicates: + + - 'transport_tpg.IsBigqueryIAMQuotaError' +examples: + - name: 'bigquery_dataset_access_basic_user' + primary_resource_id: 'access' + vars: + dataset_id: 'example_dataset' + account_name: 'bqowner' + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_view' + primary_resource_id: 'access' + vars: + dataset_id: 'example_dataset' + dataset_id2: 'example_dataset2' + table_id: 'example_table' + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_authorized_dataset' + primary_resource_id: 'access' + vars: + private: 'private' + public: 'public' + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_authorized_routine' + primary_resource_id: 'authorized_routine' + vars: + private_dataset: 'private_dataset' + public_dataset: 'public_dataset' + public_routine: 'public_routine' + # not importable + exclude_test: true +parameters: +properties: + - name: 'datasetId' + type: String + description: | + A unique ID for this dataset, without the project name. The ID + must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. + required: true + ignore_read: true + - name: 'role' + type: String + description: | + Describes the rights granted to the user specified by the other + member of the access object. Basic, predefined, and custom roles are + supported. Predefined roles that have equivalent basic roles are + swapped by the API to their basic counterparts, and will show a diff + post-create. See + [official docs](https://cloud.google.com/bigquery/docs/access-control). + diff_suppress_func: 'resourceBigQueryDatasetAccessRoleDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_access_role.go.tmpl' + - name: 'userByEmail' + type: String + description: | + An email address of a user to grant access to. For example: + fred@example.com + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/go/string_to_lower_case.go.tmpl' + - name: 'groupByEmail' + type: String + description: An email address of a Google Group to grant access to. + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/go/string_to_lower_case.go.tmpl' + - name: 'domain' + type: String + description: | + A domain to grant access to. Any users signed in with the + domain specified will be granted the specified access + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'specialGroup' + type: String + description: | + A special group to grant access to. Possible values include: + * `projectOwners`: Owners of the enclosing project. + * `projectReaders`: Readers of the enclosing project. + * `projectWriters`: Writers of the enclosing project. + * `allAuthenticatedUsers`: All authenticated BigQuery users. + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'iamMember' + type: String + description: | + Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: `allUsers` + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'view' + type: NestedObject + description: | + A view from a different dataset to grant access to. Queries + executed against that view will have read access to tables in + this dataset. The role field is not required when this field is + set. If that view is updated by any user, access to the view + needs to be granted again via an update operation. + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'tableId' + type: String + description: | + The ID of the table. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 1,024 characters. + required: true + - name: 'dataset' + type: NestedObject + description: | + Grants all resources of particular types in a particular dataset read access to the current dataset. + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + properties: + - name: 'dataset' + type: NestedObject + description: | + The dataset this entry applies to + required: true + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'targetTypes' + type: Array + description: | + Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS + required: true + item_type: + type: String + - name: 'routine' + type: NestedObject + description: | + A routine from a different dataset to grant access to. Queries + executed against that routine will have read access to tables in + this dataset. The role field is not required when this field is + set. If that routine is updated by any user, access to the routine + needs to be granted again via an update operation. + exactly_one_of: + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table. + required: true + - name: 'projectId' + type: String + description: The ID of the project containing this table. + required: true + - name: 'routineId' + type: String + description: | + The ID of the routine. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 256 characters. + required: true diff --git a/mmv1/products/bigquery/go_Job.yaml b/mmv1/products/bigquery/go_Job.yaml new file mode 100644 index 000000000000..b359f2d41742 --- /dev/null +++ b/mmv1/products/bigquery/go_Job.yaml @@ -0,0 +1,883 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Job' +kind: 'bigquery#job' +description: | + Jobs are actions that BigQuery runs on your behalf to load data, export data, query data, or copy data. + Once a BigQuery job is created, it cannot be changed or deleted. +references: + guides: + 'BigQuery Jobs Intro': 'https://cloud.google.com/bigquery/docs/jobs-overview' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs' +docs: +id_format: 'projects/{{project}}/jobs/{{job_id}}' +base_url: 'projects/{{project}}/jobs' +self_link: 'projects/{{project}}/jobs/{{job_id}}?location={{location}}' +exclude_delete: true +immutable: true +import_format: + - 'projects/{{project}}/jobs/{{job_id}}/location/{{location}}' + - 'projects/{{project}}/jobs/{{job_id}}' + - '{{project}}/{{job_id}}' + - '{{job_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create'] +custom_code: + constants: 'templates/terraform/constants/go/bigquery_job.go.tmpl' + encoder: 'templates/terraform/encoders/go/bigquery_job.go.tmpl' +schema_version: 1 +state_upgraders: true +examples: + - name: 'bigquery_job_query' + primary_resource_id: 'job' + vars: + job_id: 'job_query' + account_name: 'bqowner' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_query_table_reference' + primary_resource_id: 'job' + vars: + job_id: 'job_query' + account_name: 'bqowner' + ignore_read_extra: + - 'etag' + - 'query.0.default_dataset.0.dataset_id' + - 'query.0.destination_table.0.table_id' + - 'status.0.state' + - name: 'bigquery_job_load' + primary_resource_id: 'job' + vars: + job_id: 'job_load' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_load_geojson' + primary_resource_id: 'job' + vars: + job_id: 'job_load' + # Keep small(er) to avoid downstream acctest having too-long a bucket name + bucket_name: 'bq-geojson' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_load_parquet' + primary_resource_id: 'job' + vars: + job_id: 'job_load' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_load_table_reference' + primary_resource_id: 'job' + vars: + job_id: 'job_load' + ignore_read_extra: + - 'etag' + - 'load.0.destination_table.0.table_id' + - 'status.0.state' + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true + - name: 'bigquery_job_copy' + primary_resource_id: 'job' + vars: + job_id: 'job_copy' + account_name: 'bqowner' + key_name: 'example-key' + keyring_name: 'example-keyring' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_copy_table_reference' + primary_resource_id: 'job' + vars: + job_id: 'job_copy' + account_name: 'bqowner' + key_name: 'example-key' + keyring_name: 'example-keyring' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'etag' + - 'copy.0.destination_table.0.table_id' + - 'copy.0.source_tables.0.table_id' + - 'copy.0.source_tables.1.table_id' + - 'status.0.state' + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true + - name: 'bigquery_job_extract' + primary_resource_id: 'job' + vars: + job_id: 'job_extract' + account_name: 'bqowner' + ignore_read_extra: + - 'etag' + - 'status.0.state' + - name: 'bigquery_job_extract_table_reference' + primary_resource_id: 'job' + vars: + job_id: 'job_extract' + account_name: 'bqowner' + ignore_read_extra: + - 'etag' + - 'extract.0.source_table.0.table_id' + - 'status.0.state' + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true +parameters: +properties: + - name: 'user_email' + type: String + description: | + Email address of the user who ran the job. + output: true + - name: 'configuration' + type: NestedObject + description: 'Describes the job configuration.' + required: true + flatten_object: true + properties: + - name: 'jobType' + type: String + description: | + The type of the job. + output: true + - name: 'jobTimeoutMs' + type: String + description: | + Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job. + - name: 'labels' + type: KeyValueLabels + description: | + The labels associated with this job. You can use these to organize and group your jobs. + - name: 'query' + type: NestedObject + description: 'Configures a query job.' + exactly_one_of: + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' + properties: + - name: 'query' + type: String + description: | + SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL. + *NOTE*: queries containing [DML language](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) + (`DELETE`, `UPDATE`, `MERGE`, `INSERT`) must specify `create_disposition = ""` and `write_disposition = ""`. + required: true + - name: 'destinationTable' + type: NestedObject + description: | + Describes the table where the query results should be stored. + This property must be set for large results that exceed the maximum response size. + For queries that produce anonymous (cached) results, this field will be populated by BigQuery. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_query_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - name: 'tableId' + type: String + description: | + The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'userDefinedFunctionResources' + type: Array + description: | + Describes user-defined function resources used in the query. + item_type: + type: NestedObject + properties: + - name: 'resourceUri' + type: String + # TODO (mbang): exactly_one_of: resourceUri, inlineCode + description: + 'A code resource to load from a Google Cloud Storage URI + (gs://bucket/path).' + - name: 'inlineCode' + type: String + # TODO (mbang): exactly_one_of: resourceUri, inlineCode + description: | + An inline resource that contains code for a user-defined function (UDF). + Providing a inline code resource is equivalent to providing a URI for a file containing the same code. + - name: 'createDisposition' + type: Enum + description: | + Specifies whether the job is allowed to create new tables. The following values are supported: + CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. + CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. + Creation, truncation and append actions occur as one atomic update upon job completion + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum + description: | + Specifies the action that occurs if the destination table already exists. The following values are supported: + WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. + WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. + WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. + Each action is atomic and only occurs if BigQuery is able to complete the job successfully. + Creation, truncation and append actions occur as one atomic update upon job completion. + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'defaultDataset' + type: NestedObject + description: | + Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names. + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_dataset_ref.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_dataset_ref.go.tmpl' + properties: + - name: 'datasetId' + type: String + description: | + The dataset. Can be specified `{{dataset_id}}` if `project_id` is also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'priority' + type: Enum + description: | + Specifies a priority for the query. + default_value: "INTERACTIVE" + enum_values: + - 'INTERACTIVE' + - 'BATCH' + - name: 'allowLargeResults' + type: Boolean + description: | + If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. + Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. + However, you must still set destinationTable when result size exceeds the allowed maximum response size. + - name: 'useQueryCache' + type: Boolean + description: | + Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever + tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. + The default value is true. + default_value: true + - name: 'flattenResults' + type: Boolean + description: | + If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. + allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened. + - name: 'maximumBillingTier' + type: Integer + description: | + Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). + If unspecified, this will be set to your project default. + - name: 'maximumBytesBilled' + type: String + description: | + Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). + If unspecified, this will be set to your project default. + - name: 'useLegacySql' + type: Boolean + description: | + Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. + If set to false, the query will use BigQuery's standard SQL. + send_empty_value: true + - name: 'parameterMode' + type: String + description: | + Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query. + - name: 'schemaUpdateOptions' + type: Array + description: | + Allows the schema of the destination table to be updated as a side effect of the query job. + Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; + when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, + specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. + One or more of the following values are specified: + ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. + ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. + item_type: + type: String + - name: 'destinationEncryptionConfiguration' + type: NestedObject + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' + properties: + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. + The BigQuery Service Account associated with your project requires access to this encryption key. + required: true + - name: 'kmsKeyVersion' + type: String + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - name: 'scriptOptions' + type: NestedObject + description: | + Options controlling the execution of scripts. + properties: + - name: 'statementTimeoutMs' + type: String + description: 'Timeout period for each statement in a script.' + at_least_one_of: + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + - name: 'statementByteBudget' + type: String + description: + 'Limit on the number of bytes billed per statement. Exceeding + this budget results in an error.' + at_least_one_of: + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + - name: 'keyResultStatement' + type: Enum + description: | + Determines which statement in the script represents the "key result", + used to populate the schema and query results of the script job. + at_least_one_of: + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + enum_values: + - 'LAST' + - 'FIRST_SELECT' + - name: 'load' + type: NestedObject + description: 'Configures a load job.' + exactly_one_of: + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' + properties: + - name: 'sourceUris' + type: Array + description: | + The fully-qualified URIs that point to your data in Google Cloud. + For Google Cloud Storage URIs: Each URI can contain one '\*' wildcard character + and it must come after the 'bucket' name. Size limits related to load jobs apply + to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be + specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. + For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. + required: true + item_type: + type: String + - name: 'destinationTable' + type: NestedObject + description: | + The destination table to load the data into. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_load_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - name: 'tableId' + type: String + description: | + The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'createDisposition' + type: Enum + description: | + Specifies whether the job is allowed to create new tables. The following values are supported: + CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. + CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. + Creation, truncation and append actions occur as one atomic update upon job completion + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum + description: | + Specifies the action that occurs if the destination table already exists. The following values are supported: + WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. + WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. + WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. + Each action is atomic and only occurs if BigQuery is able to complete the job successfully. + Creation, truncation and append actions occur as one atomic update upon job completion. + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'nullMarker' + type: String + description: | + Specifies a string that represents a null value in a CSV file. For example, if you specify "\N", BigQuery interprets "\N" as a null value + when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an + empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as + an empty value. + default_value: "" + - name: 'fieldDelimiter' + type: String + description: | + The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. + To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts + the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the + data in its raw, binary state. BigQuery also supports the escape sequence "\t" to specify a tab separator. + The default value is a comma (','). + default_from_api: true + - name: 'skipLeadingRows' + type: Integer + description: | + The number of rows at the top of a CSV file that BigQuery will skip when loading the data. + The default value is 0. This property is useful if you have header rows in the file that should be skipped. + When autodetect is on, the behavior is the following: + skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, + the row is read as data. Otherwise data is read starting from the second row. + skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. + skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, + row N is just skipped. Otherwise row N is used to extract column names for the detected schema. + validation: + function: 'validation.IntAtLeast(0)' + default_value: 0 + - name: 'encoding' + type: String + description: | + The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. + The default value is UTF-8. BigQuery decodes the data after the raw, binary data + has been split using the values of the quote and fieldDelimiter properties. + default_value: "UTF-8" + - name: 'quote' + type: String + description: | + The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, + and then uses the first byte of the encoded string to split the data in its raw, binary state. + The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. + If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. + default_from_api: true + - name: 'maxBadRecords' + type: Integer + description: | + The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, + an invalid error is returned in the job result. The default value is 0, which requires that all records are valid. + default_value: 0 + - name: 'allowQuotedNewlines' + type: Boolean + description: | + Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. + The default value is false. + default_value: false + - name: 'sourceFormat' + type: String + description: | + The format of the data files. For CSV files, specify "CSV". For datastore backups, specify "DATASTORE_BACKUP". + For newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, specify "AVRO". For parquet, specify "PARQUET". + For orc, specify "ORC". [Beta] For Bigtable, specify "BIGTABLE". + The default value is CSV. + default_value: "CSV" + - name: 'jsonExtension' + type: String + description: | + If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. + For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited + GeoJSON: set to GEOJSON. + - name: 'allowJaggedRows' + type: Boolean + description: | + Accept rows that are missing trailing optional columns. The missing values are treated as nulls. + If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, + an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats. + default_value: false + - name: 'ignoreUnknownValues' + type: Boolean + description: | + Indicates if BigQuery should allow extra values that are not represented in the table schema. + If true, the extra values are ignored. If false, records with extra columns are treated as bad records, + and if there are too many bad records, an invalid error is returned in the job result. + The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: + CSV: Trailing columns + JSON: Named values that don't match any column names + default_value: false + - name: 'projectionFields' + type: Array + description: | + If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. + Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. + If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result. + item_type: + type: String + - name: 'autodetect' + type: Boolean + description: | + Indicates if we should automatically infer the options and schema for CSV and JSON sources. + - name: 'schemaUpdateOptions' + type: Array + description: | + Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or + supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; + when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. + For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: + ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. + ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. + item_type: + type: String + - name: 'timePartitioning' + type: NestedObject + description: | + Time-based partitioning specification for the destination table. + properties: + - name: 'type' + type: String + description: | + The only type supported is DAY, which will generate one partition per day. Providing an empty string used to cause an error, + but in OnePlatform the field will be treated as unset. + required: true + - name: 'expirationMs' + type: String + description: | + Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value. + - name: 'field' + type: String + description: | + If not set, the table is partitioned by pseudo column '_PARTITIONTIME'; if set, the table is partitioned by this field. + The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. + A wrapper is used here because an empty string is an invalid value. + - name: 'destinationEncryptionConfiguration' + type: NestedObject + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' + properties: + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. + The BigQuery Service Account associated with your project requires access to this encryption key. + required: true + - name: 'kmsKeyVersion' + type: String + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - name: 'parquetOptions' + type: NestedObject + description: | + Parquet Options for load and make external tables. + properties: + - name: 'enumAsString' + type: Boolean + description: | + If sourceFormat is set to PARQUET, indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default. + - name: 'enableListInference' + type: Boolean + description: | + If sourceFormat is set to PARQUET, indicates whether to use schema inference specifically for Parquet LIST logical type. + at_least_one_of: + - 'configuration.0.load.0.parquet_options.0.enum_as_string' + - 'configuration.0.load.0.parquet_options.0.enable_list_inference' + - name: 'copy' + type: NestedObject + description: 'Copies a table.' + exactly_one_of: + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' + properties: + - name: 'sourceTables' + type: Array + description: | + Source tables to copy. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_copy_sourcetables.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref_array.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - name: 'tableId' + type: String + description: | + The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'destinationTable' + type: NestedObject + description: 'The destination table.' + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_copy_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - name: 'tableId' + type: String + description: | + The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'createDisposition' + type: Enum + description: | + Specifies whether the job is allowed to create new tables. The following values are supported: + CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. + CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. + Creation, truncation and append actions occur as one atomic update upon job completion + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum + description: | + Specifies the action that occurs if the destination table already exists. The following values are supported: + WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. + WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. + WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. + Each action is atomic and only occurs if BigQuery is able to complete the job successfully. + Creation, truncation and append actions occur as one atomic update upon job completion. + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'destinationEncryptionConfiguration' + type: NestedObject + description: | + Custom encryption configuration (e.g., Cloud KMS keys) + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' + properties: + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. + The BigQuery Service Account associated with your project requires access to this encryption key. + required: true + - name: 'kmsKeyVersion' + type: String + description: | + Describes the Cloud KMS encryption key version used to protect destination BigQuery table. + output: true + - name: 'extract' + type: NestedObject + description: 'Configures an extract job.' + exactly_one_of: + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' + properties: + - name: 'destinationUris' + type: Array + description: | + A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written. + required: true + item_type: + type: String + - name: 'printHeader' + type: Boolean + description: | + Whether to print out a header row in the results. Default is true. + default_value: true + - name: 'fieldDelimiter' + type: String + description: | + When extracting data in CSV format, this defines the delimiter to use between fields in the exported data. + Default is ',' + default_from_api: true + - name: 'destinationFormat' + type: String + description: | + The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON and AVRO for tables and SAVED_MODEL for models. + The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. + The default value for models is SAVED_MODEL. + default_from_api: true + - name: 'compression' + type: String + description: | + The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. + The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. + default_value: "NONE" + - name: 'useAvroLogicalTypes' + type: Boolean + description: | + Whether to use logical types when extracting to AVRO format. + - name: 'sourceTable' + type: NestedObject + description: | + A reference to the table being exported. + exactly_one_of: + - 'configuration.0.extract.0.source_table' + - 'configuration.0.extract.0.source_model' + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_extract_sourcetable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this table.' + required: false + default_from_api: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this table.' + required: false + default_from_api: true + - name: 'tableId' + type: String + description: | + The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, + or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'sourceModel' + type: NestedObject + description: | + A reference to the model being exported. + exactly_one_of: + - 'configuration.0.extract.0.source_table' + - 'configuration.0.extract.0.source_model' + properties: + - name: 'projectId' + type: String + description: 'The ID of the project containing this model.' + required: true + - name: 'datasetId' + type: String + description: 'The ID of the dataset containing this model.' + required: true + - name: 'modelId' + type: String + description: 'The ID of the model.' + required: true + - name: 'jobReference' + type: NestedObject + description: | + Reference describing the unique-per-user name of the job. + flatten_object: true + properties: + - name: 'jobId' + type: String + description: | + The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters. + required: true + - name: 'location' + type: String + description: | + The geographic location of the job. The default value is US. + default_value: "US" + - name: 'status' + type: NestedObject + description: | + The status of this job. Examine this value when polling an asynchronous job to see if the job is complete. + output: true + properties: + - name: 'errorResult' + type: NestedObject + description: | + Final error result of the job. If present, indicates that the job has completed and was unsuccessful. + output: true + properties: + - name: 'reason' + type: String + description: A short error code that summarizes the error. + - name: 'location' + type: String + description: Specifies where the error occurred, if present. + - name: 'message' + type: String + description: A human-readable description of the error. + - name: 'errors' + type: Array + description: | + The first errors encountered during the running of the job. The final message + includes the number of errors that caused the process to stop. Errors here do + not necessarily mean that the job has not completed or was unsuccessful. + output: true + item_type: + type: NestedObject + properties: + - name: 'reason' + type: String + description: A short error code that summarizes the error. + - name: 'location' + type: String + description: Specifies where the error occurred, if present. + - name: 'message' + type: String + description: A human-readable description of the error. + - name: 'state' + type: String + description: | + Running state of the job. Valid states include 'PENDING', 'RUNNING', and 'DONE'. + output: true diff --git a/mmv1/products/bigquery/go_Routine.yaml b/mmv1/products/bigquery/go_Routine.yaml new file mode 100644 index 000000000000..820f9f60792f --- /dev/null +++ b/mmv1/products/bigquery/go_Routine.yaml @@ -0,0 +1,328 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Routine' +kind: 'bigquery#routine' +description: | + A user-defined function or a stored procedure that belongs to a Dataset +references: + guides: + 'Routines Intro': 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' + api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' +docs: +base_url: 'projects/{{project}}/datasets/{{dataset_id}}/routines' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' +import_format: + - 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'bigquery_routine_basic' + primary_resource_id: 'sproc' + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_json' + primary_resource_id: 'sproc' + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_tvf' + primary_resource_id: 'sproc' + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_pyspark' + primary_resource_id: 'pyspark' + vars: + dataset_id: 'dataset_id' + connection_id: 'connection_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_pyspark_mainfile' + primary_resource_id: 'pyspark_mainfile' + vars: + dataset_id: 'dataset_id' + connection_id: 'connection_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_spark_jar' + primary_resource_id: 'spark_jar' + vars: + dataset_id: 'dataset_id' + connection_id: 'connection_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_data_governance_type' + primary_resource_id: 'custom_masking_routine' + vars: + dataset_id: 'dataset_id' + routine_id: 'routine_id' + - name: 'bigquery_routine_remote_function' + primary_resource_id: 'remote_function' + vars: + dataset_id: 'dataset_id' + connection_id: 'connection_id' + routine_id: 'routine_id' + exclude_test: true +parameters: +properties: + - name: 'routineReference' + type: NestedObject + description: Reference describing the ID of this routine + required: true + custom_expand: 'templates/terraform/custom_expand/go/bigquery_routine_ref.go.tmpl' + flatten_object: true + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this routine + required: true + immutable: true + - name: 'routineId' + type: String + description: + The ID of the the routine. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length is 256 + characters. + required: true + immutable: true + - name: 'routineType' + type: Enum + description: The type of routine. + required: true + immutable: true + enum_values: + - 'SCALAR_FUNCTION' + - 'PROCEDURE' + - 'TABLE_VALUED_FUNCTION' + - name: 'creationTime' + type: Integer + description: | + The time when this routine was created, in milliseconds since the + epoch. + output: true + - name: 'lastModifiedTime' + type: Integer + description: | + The time when this routine was modified, in milliseconds since the + epoch. + output: true + - name: 'language' + type: Enum + description: | + The language of the routine. + enum_values: + - 'SQL' + - 'JAVASCRIPT' + - 'PYTHON' + - 'JAVA' + - 'SCALA' + - name: 'arguments' + type: Array + description: Input/output argument of a function or a stored procedure. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name of this argument. Can be absent for function return argument. + - name: 'argumentKind' + type: Enum + description: Defaults to FIXED_TYPE. + default_value: "FIXED_TYPE" + enum_values: + - 'FIXED_TYPE' + - 'ANY_TYPE' + - name: 'mode' + type: Enum + description: | + Specifies whether the argument is input or output. Can be set for procedures only. + enum_values: + - 'IN' + - 'OUT' + - 'INOUT' + # This is a string instead of a NestedObject because schemas contain ColumnSchemas, + # which can contain nested StandardSqlDataType. + # We'll have people provide the json blob for the schema instead. + - name: 'dataType' + type: String + description: | + A JSON schema for the data type. Required unless argumentKind = ANY_TYPE. + ~>**NOTE**: Because this field expects a JSON string, any changes to the string + will create a diff, even if the JSON itself hasn't changed. If the API returns + a different value for the same schema, e.g. it switched the order of values + or replaced STRUCT field type with RECORD field type, we currently cannot + suppress the recurring diff this causes. As a workaround, we recommend using + the schema as returned by the API. + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' + validation: + function: 'validation.StringIsJSON' + - name: 'returnType' + type: String + description: | + A JSON schema for the return type. Optional if language = "SQL"; required otherwise. + If absent, the return type is inferred from definitionBody at query time in each query + that references this routine. If present, then the evaluated result will be cast to + the specified returned type at query time. ~>**NOTE**: Because this field expects a JSON + string, any changes to the string will create a diff, even if the JSON itself hasn't + changed. If the API returns a different value for the same schema, e.g. it switche + d the order of values or replaced STRUCT field type with RECORD field type, we currently + cannot suppress the recurring diff this causes. As a workaround, we recommend using + the schema as returned by the API. + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' + validation: + function: 'validation.StringIsJSON' + - name: 'returnTableType' + type: String + description: | + Optional. Can be set only if routineType = "TABLE_VALUED_FUNCTION". + + If absent, the return table type is inferred from definitionBody at query time in each query + that references this routine. If present, then the columns in the evaluated table result will + be cast to match the column types specificed in return table type, at query time. + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' + validation: + function: 'validation.StringIsJSON' + - name: 'importedLibraries' + type: Array + description: | + Optional. If language = "JAVASCRIPT", this field stores the path of the + imported JAVASCRIPT libraries. + item_type: + type: String + - name: 'definitionBody' + type: String + description: | + The body of the routine. For functions, this is the expression in the AS clause. + If language=SQL, it is the substring inside (but excluding) the parentheses. + required: true + - name: 'description' + type: String + description: The description of the routine if defined. + - name: 'determinismLevel' + type: Enum + description: The determinism level of the JavaScript UDF if defined. + enum_values: + - 'DETERMINISM_LEVEL_UNSPECIFIED' + - 'DETERMINISTIC' + - 'NOT_DETERMINISTIC' + - name: 'dataGovernanceType' + type: Enum + description: If set to DATA_MASKING, the function is validated and made available as a masking function. For more information, see https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask + enum_values: + - 'DATA_MASKING' + - name: 'sparkOptions' + type: NestedObject + description: | + Optional. If language is one of "PYTHON", "JAVA", "SCALA", this field stores the options for spark stored procedure. + properties: + - name: 'connection' + type: String + description: | + Fully qualified name of the user-provided Spark connection object. + Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" + - name: 'runtimeVersion' + type: String + description: Runtime version. If not specified, the default runtime version is used. + - name: 'containerImage' + type: String + description: Custom container image for the runtime environment. + - name: 'properties' + type: KeyValuePairs + description: | + Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. + For more information, see Apache Spark and the procedure option list. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + default_from_api: true + - name: 'mainFileUri' + type: String + description: | + The main file/jar URI of the Spark application. + Exactly one of the definitionBody field and the mainFileUri field must be set for Python. + Exactly one of mainClass and mainFileUri field should be set for Java/Scala language type. + - name: 'pyFileUris' + type: Array + description: | + Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: .py, .egg, and .zip. For more information about Apache Spark, see Apache Spark. + default_from_api: true + item_type: + type: String + - name: 'jarUris' + type: Array + description: | + JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see Apache Spark. + default_from_api: true + item_type: + type: String + - name: 'fileUris' + type: Array + description: | + Files to be placed in the working directory of each executor. For more information about Apache Spark, see Apache Spark. + default_from_api: true + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see Apache Spark. + default_from_api: true + item_type: + type: String + - name: 'mainClass' + type: String + description: | + The fully qualified name of a class in jarUris, for example, com.example.wordcount. + Exactly one of mainClass and main_jar_uri field should be set for Java/Scala language type. + - name: 'remoteFunctionOptions' + type: NestedObject + description: Remote function specific options. + properties: + - name: 'endpoint' + type: String + description: | + Endpoint of the user-provided remote service, e.g. + `https://us-east1-my_gcf_project.cloudfunctions.net/remote_add` + - name: 'connection' + type: String + description: | + Fully qualified name of the user-provided connection object which holds + the authentication information to send requests to the remote service. + Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" + - name: 'userDefinedContext' + type: KeyValuePairs + description: | + User-defined context as a set of key/value pairs, which will be sent as function + invocation context together with batched arguments in the requests to the remote + service. The total number of bytes of keys and values must be less than 8KB. + + An object containing a list of "key": value pairs. Example: + `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. + default_from_api: true + - name: 'maxBatchingRows' + type: String + description: | + Max number of rows in each batch sent to the remote service. If absent or if 0, + BigQuery dynamically decides the number of rows in a batch. diff --git a/mmv1/products/bigquery/go_Table.yaml b/mmv1/products/bigquery/go_Table.yaml new file mode 100644 index 000000000000..6aa09b83cc74 --- /dev/null +++ b/mmv1/products/bigquery/go_Table.yaml @@ -0,0 +1,553 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Table' +kind: 'bigquery#table' +description: | + A Table that belongs to a Dataset +exclude_resource: true +docs: +id_format: '{{table_id}}' +base_url: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +import_format: + - 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' + - '{{table_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_type: 'google_bigquery_table' + fetch_iam_policy_verb: 'POST' + allowed_iam_role: 'roles/bigquery.dataOwner' + parent_resource_attribute: 'table_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + iam_policy_version: '1' +custom_code: +examples: + - name: 'bigquery_bigquery_table' + primary_resource_id: 'test' + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' + vars: + dataset_id: 'dataset_id' + table_id: 'table_id' +parameters: + # TODO(alexstephen): Remove once we have support for placing + # nested object fields in URL + - name: 'dataset' + type: String + description: Name of the dataset +properties: + - name: 'tableReference' + type: NestedObject + description: Reference describing the ID of this table + properties: + - name: 'datasetId' + type: String + description: The ID of the dataset containing this table + - name: 'projectId' + type: String + description: The ID of the project containing this table + - name: 'tableId' + type: String + description: The ID of the the table + - name: 'clustering' + type: Array + description: | + One or more fields on which data should be clustered. Only + top-level, non-repeated, simple-type fields are supported. When + you cluster a table using multiple columns, the order of columns + you specify is important. The order of the specified columns + determines the sort order of the data. + item_type: + type: String + - name: 'creationTime' + type: Integer + description: | + The time when this dataset was created, in milliseconds since the + epoch. + output: true + - name: 'description' + type: String + description: A user-friendly description of the dataset + - name: 'friendlyName' + type: String + description: A descriptive name for this table + - name: 'id' + type: String + description: 'An opaque ID uniquely identifying the table.' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + The labels associated with this dataset. You can use these to + organize and group your datasets + - name: 'lastModifiedTime' + type: Integer + description: | + The time when this table was last modified, in milliseconds since the + epoch. + output: true + - name: 'location' + type: String + description: | + The geographic location where the table resides. This value is + inherited from the dataset. + output: true + - name: 'name' + type: String + description: 'Name of the table' + - name: 'numBytes' + type: Integer + description: | + The size of this table in bytes, excluding any data in the streaming + buffer. + output: true + - name: 'numLongTermBytes' + type: Integer + description: | + The number of bytes in the table that are considered "long-term + storage". + output: true + - name: 'numRows' + type: Integer + description: | + The number of rows of data in this table, excluding any data in the + streaming buffer. + - name: 'requirePartitionFilter' + type: Boolean + description: | + If set to true, queries over this table require a partition filter + that can be used for partition elimination to be specified. + output: true + - name: 'type' + type: Enum + description: 'Describes the table type' + output: true + enum_values: + - 'TABLE' + - 'VIEW' + - 'EXTERNAL' + - name: 'view' + type: NestedObject + description: The view definition. + properties: + - name: 'useLegacySql' + type: Boolean + description: | + Specifies whether to use BigQuery's legacy SQL for this view + - name: 'userDefinedFunctionResources' + type: Array + description: | + Describes user-defined function resources used in the query. + item_type: + type: NestedObject + properties: + - name: 'inlineCode' + type: String + description: | + An inline resource that contains code for a user-defined + function (UDF). Providing a inline code resource is + equivalent to providing a URI for a file containing the + same code. + # TODO: Convert into cross-product ResourceRef + - name: 'resourceUri' + type: String + description: | + A code resource to load from a Google Cloud Storage URI + (gs://bucket/path). + - name: 'timePartitioning' + type: NestedObject + description: | + If specified, configures time-based partitioning for this table. + properties: + - name: 'expirationMs' + type: Integer + description: | + Number of milliseconds for which to keep the storage for a + partition. If unspecified when the table is created in a dataset + that has `defaultPartitionExpirationMs`, it will inherit + the value of `defaultPartitionExpirationMs` from the dataset. + To specify a unlimited expiration, set the value to 0. + - name: 'field' + type: String + description: | + If not set, the table is partitioned by pseudo column, + referenced via either '_PARTITIONTIME' as TIMESTAMP type, or + '_PARTITIONDATE' as DATE type. If field is specified, the table + is instead partitioned by this field. The field must be a + top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or + REQUIRED. + - name: 'type' + type: Enum + description: | + The only type supported is DAY, which will generate one partition + per day. + enum_values: + - 'DAY' + - name: 'streamingBuffer' + type: NestedObject + description: | + Contains information regarding this table's streaming buffer, if one + is present. This field will be absent if the table is not being + streamed to or if there is no data in the streaming buffer. + output: true + properties: + - name: 'estimatedBytes' + type: Integer + description: | + A lower-bound estimate of the number of bytes currently in the + streaming buffer. + output: true + - name: 'estimatedRows' + type: Integer + description: | + A lower-bound estimate of the number of rows currently in the + streaming buffer. + output: true + - name: 'oldestEntryTime' + type: Integer + description: | + Contains the timestamp of the oldest entry in the streaming + buffer, in milliseconds since the epoch, if the streaming buffer + is available. + output: true + - name: 'schema' + type: NestedObject + description: Describes the schema of this table + properties: + - name: 'fields' + type: Array + description: Describes the fields in a table. + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + The field description. The maximum length is 1,024 + characters. + - name: 'fields' + type: Array + description: | + Describes the nested schema fields if the type property is + set to RECORD. + item_type: + type: String + - name: 'mode' + type: Enum + description: The field mode + enum_values: + - 'NULLABLE' + - 'REQUIRED' + - 'REPEATED' + - name: 'name' + type: String + description: The field name + - name: 'type' + type: Enum + description: 'The field data type' + enum_values: + - 'STRING' + - 'BYTES' + - 'INTEGER' + - 'FLOAT' + - 'TIMESTAMP' + - 'DATE' + - 'TIME' + - 'DATETIME' + - 'RECORD' + - name: 'encryptionConfiguration' + type: NestedObject + description: Custom encryption configuration + properties: + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to + protect destination BigQuery table. The BigQuery Service Account + associated with your project requires access to this encryption + key. + - name: 'expirationTime' + type: Integer + description: | + The time when this table expires, in milliseconds since the epoch. If + not present, the table will persist indefinitely. + - name: 'externalDataConfiguration' + type: NestedObject + description: | + Describes the data format, location, and other properties of a table + stored outside of BigQuery. By defining these properties, the data + source can then be queried as if it were a standard BigQuery table. + properties: + - name: 'autodetect' + type: Boolean + description: | + Try to detect schema and format options automatically. Any option + specified explicitly will be honored. + - name: 'compression' + type: Enum + description: The compression type of the data source + enum_values: + - 'GZIP' + - 'NONE' + - name: 'ignoreUnknownValues' + type: Boolean + description: | + Indicates if BigQuery should allow extra values that are not + represented in the table schema + - name: 'maxBadRecords' + type: Integer + description: | + The maximum number of bad records that BigQuery can ignore when reading data + default_value: 0 + - name: 'sourceFormat' + type: Enum + description: The data format + enum_values: + - 'CSV' + - 'GOOGLE_SHEETS' + - 'NEWLINE_DELIMITED_JSON' + - 'AVRO' + - 'DATASTORE_BACKUP' + - 'BIGTABLE' + - 'ORC' + - 'PARQUET' + - 'ICEBERG' + - 'DELTA_LAKE' + # TODO: Investigate if this is feasible as a ResourceRef + # This is a very complicated ResourceRef (one-to-many, where the many are cross-product). + - name: 'sourceUris' + type: Array + description: | + The fully-qualified URIs that point to your data in Google Cloud. + For Google Cloud Storage URIs: Each URI can contain one '\*' + wildcard character and it must come after the 'bucket' name. Size + limits related to load jobs apply to external data sources. For + Google Cloud Bigtable URIs: Exactly one URI can be specified and it + has be a fully specified and valid HTTPS URL for a Google Cloud + Bigtable table. For Google Cloud Datastore backups, exactly one + URI can be specified. Also, the '\*' wildcard character is not + allowed. + item_type: + type: String + - name: 'schema' + type: NestedObject + description: + 'The schema for the data. Schema is required for CSV and JSON formats' + properties: + - name: 'fields' + type: Array + description: 'Describes the fields in a table.' + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: The field description + - name: 'fields' + type: Array + description: | + Describes the nested schema fields if the type property + is set to RECORD + item_type: + type: String + - name: 'mode' + type: Enum + description: Field mode. + enum_values: + - 'NULLABLE' + - 'REQUIRED' + - 'REPEATED' + - name: 'name' + type: String + description: Field name + - name: 'type' + type: Enum + description: Field data type + enum_values: + - 'STRING' + - 'BYTES' + - 'INTEGER' + - 'FLOAT' + - 'TIMESTAMP' + - 'DATE' + - 'TIME' + - 'DATETIME' + - 'RECORD' + - name: 'googleSheetsOptions' + type: NestedObject + description: + 'Additional options if sourceFormat is set to GOOGLE_SHEETS.' + properties: + - name: 'skipLeadingRows' + type: Integer + description: | + The number of rows at the top of a Google Sheet that BigQuery + will skip when reading the data. + default_value: 0 + - name: 'csvOptions' + type: NestedObject + description: Additional properties to set if sourceFormat is set to CSV. + properties: + - name: 'allowJaggedRows' + type: Boolean + description: | + Indicates if BigQuery should accept rows that are missing + trailing optional columns + - name: 'allowQuotedNewlines' + type: Boolean + description: | + Indicates if BigQuery should allow quoted data sections that + contain newline characters in a CSV file + - name: 'encoding' + type: Enum + description: 'The character encoding of the data' + enum_values: + - 'UTF-8' + - 'ISO-8859-1' + - name: 'fieldDelimiter' + type: String + description: 'The separator for fields in a CSV file' + - name: 'quote' + type: String + description: + 'The value that is used to quote data sections in a CSV file' + - name: 'skipLeadingRows' + type: Integer + description: | + The number of rows at the top of a CSV file that BigQuery + will skip when reading the data. + default_value: 0 + - name: 'bigtableOptions' + type: NestedObject + description: 'Additional options if sourceFormat is set to BIGTABLE.' + properties: + - name: 'ignoreUnspecifiedColumnFamilies' + type: Boolean + description: | + If field is true, then the column families that are not specified in + columnFamilies list are not exposed in the table schema + - name: 'readRowkeyAsString' + type: Boolean + description: | + If field is true, then the rowkey column families will be + read and converted to string. + - name: 'columnFamilies' + type: Array + description: | + List of column families to expose in the table schema along + with their types. + item_type: + type: NestedObject + properties: + - name: 'columns' + type: Array + description: | + Lists of columns that should be exposed as individual + fields as opposed to a list of (column name, value) pairs. + item_type: + type: NestedObject + properties: + - name: 'encoding' + type: Enum + description: + The encoding of the values when the type is not STRING + enum_values: + - 'TEXT' + - 'BINARY' + - name: 'fieldName' + type: String + description: | + If the qualifier is not a valid BigQuery field + identifier, a valid identifier must be provided as + the column field name and is used as field name in + queries. + - name: 'onlyReadLatest' + type: Boolean + description: | + If this is set, only the latest version of value in this column are exposed + - name: 'qualifierString' + type: String + description: Qualifier of the column + required: true + - name: 'type' + type: Enum + description: + The type to convert the value in cells of this column + enum_values: + - 'BYTES' + - 'STRING' + - 'INTEGER' + - 'FLOAT' + - 'BOOLEAN' + - name: 'encoding' + type: Enum + description: + The encoding of the values when the type is not STRING + enum_values: + - 'TEXT' + - 'BINARY' + - name: 'familyId' + type: String + description: Identifier of the column family. + - name: 'onlyReadLatest' + type: Boolean + description: | + If this is set only the latest version of value are + exposed for all columns in this column family + - name: 'type' + type: Enum + description: + The type to convert the value in cells of this column family + enum_values: + - 'BYTES' + - 'STRING' + - 'INTEGER' + - 'FLOAT' + - 'BOOLEAN' + - name: 'tableReplicationInfo' + type: NestedObject + description: | + Replication info of a table created using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + properties: + - name: 'sourceProjectId' + type: String + description: The ID of the source project. + required: true + - name: 'sourceDatasetId' + type: String + description: The ID of the source dataset. + required: true + - name: 'sourceTableId' + type: String + description: The ID of the source materialized view. + required: true + - name: 'replicationIntervalMs' + type: Integer + description: | + The interval at which the source materialized view is polled for updates. The default is + 300000. + default_value: 300000 + - name: 'resourceTags' + type: KeyValuePairs + description: | + The tags attached to this table. Tag keys are globally unique. Tag key is expected to be + in the namespaced format, for example "123456789012/environment" where 123456789012 is the + ID of the parent organization or project resource for this tag key. Tag value is expected + to be the short name, for example "Production". diff --git a/mmv1/products/bigquery/go_product.yaml b/mmv1/products/bigquery/go_product.yaml new file mode 100644 index 000000000000..804848d8e0f3 --- /dev/null +++ b/mmv1/products/bigquery/go_product.yaml @@ -0,0 +1,25 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BigQuery' +legacy_name: 'bigquery' +display_name: 'BigQuery' +versions: + - name: 'ga' + base_url: 'https://bigquery.googleapis.com/bigquery/v2/' + - name: 'beta' + base_url: 'https://bigquery.googleapis.com/bigquery/v2/' +scopes: + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquery/product.yaml b/mmv1/products/bigquery/product.yaml index 2babfba49601..7bf5d9d828b5 100644 --- a/mmv1/products/bigquery/product.yaml +++ b/mmv1/products/bigquery/product.yaml @@ -1,4 +1,12 @@ +<<<<<<< HEAD +<<<<<<<< HEAD:mmv1/products/bigquery/product.yaml +# Copyright 2017 Google Inc. +======== # Copyright 2024 Google Inc. +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/redis/product.yaml +======= +# Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +19,40 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +<<<<<<<< HEAD:mmv1/products/bigquery/product.yaml +--- !ruby/object:Api::Product +name: BigQuery +display_name: BigQuery +legacy_name: 'bigquery' +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigquery.googleapis.com/bigquery/v2/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://bigquery.googleapis.com/bigquery/v2/ +scopes: + - https://www.googleapis.com/auth/bigquery +======== +--- +name: 'Redis' +display_name: 'Memorystore (Redis)' +versions: + - name: 'ga' + base_url: 'https://redis.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://redis.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/redis/product.yaml +======= --- name: 'BigQuery' legacy_name: 'bigquery' @@ -22,3 +64,4 @@ versions: base_url: 'https://bigquery.googleapis.com/bigquery/v2/' scopes: - 'https://www.googleapis.com/auth/bigquery' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigqueryanalyticshub/Listing.yaml b/mmv1/products/bigqueryanalyticshub/Listing.yaml index a65d420ca9bf..0d0b5df44433 100644 --- a/mmv1/products/bigqueryanalyticshub/Listing.yaml +++ b/mmv1/products/bigqueryanalyticshub/Listing.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,45 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Listing' +base_url: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings +create_url: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings?listing_id={{listing_id}} +self_link: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}} +update_verb: :PATCH +update_mask: true +description: A Bigquery Analytics Hub data exchange listing +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' + api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges.listings' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'listing_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}', + '{{listing_id}}', + ] +id_format: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}', + ] +# Skipping the sweeper due to the non-standard base_url +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_analyticshub_listing_basic' + primary_resource_id: 'listing' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", + context[\"\ + random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", + context[\"random_suffix\"\ + ])" +======= --- name: 'Listing' description: A Bigquery Analytics Hub data exchange listing @@ -46,27 +89,117 @@ examples: - name: 'bigquery_analyticshub_listing_basic' primary_resource_id: 'listing' primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 region_override: 'US' vars: data_exchange_id: 'my_data_exchange' listing_id: 'my_listing' desc: 'example data exchange' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_analyticshub_listing_restricted' + primary_resource_id: 'listing' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", + context[\"\ + random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", + context[\"random_suffix\"\ + ])" +======= - name: 'bigquery_analyticshub_listing_restricted' primary_resource_id: 'listing' primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 region_override: 'US' vars: data_exchange_id: 'my_data_exchange' listing_id: 'my_listing' desc: 'example data exchange' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_analyticshub_listing_dcr' + primary_resource_id: 'listing' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", + context[\"\ + random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", + context[\"random_suffix\"\ + ])" +======= - name: 'bigquery_analyticshub_listing_dcr' primary_resource_id: 'listing' primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 region_override: 'US' vars: data_exchange_id: 'dcr_data_exchange' listing_id: 'dcr_listing' desc: 'example dcr data exchange' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name + description: |- + The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456" + output: true + - !ruby/object:Api::Type::String + name: data_exchange_id + description: |- + The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: listing_id + description: |- + The ID of the listing. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this data exchange listing. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: displayName + description: |- + Human-readable display name of the listing. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), ampersands (&) and can't start or end with spaces. + required: true + - !ruby/object:Api::Type::String + name: description + description: |- + Short description of the listing. The description must not contain Unicode non-characters and C0 and C1 control codes except tabs (HT), new lines (LF), carriage returns (CR), and page breaks (FF). + - !ruby/object:Api::Type::String + name: primaryContact + description: |- + Email or URL of the primary point of contact of the listing. + - !ruby/object:Api::Type::String + name: documentation + description: |- + Documentation describing the listing. + - !ruby/object:Api::Type::String + name: icon + description: |- + Base64 encoded image representing the listing. + - !ruby/object:Api::Type::String + name: requestAccess + description: |- + Email or URL of the request access of the listing. Subscribers can use this reference to request access. + - !ruby/object:Api::Type::NestedObject + name: dataProvider + description: Details of the data provider who owns the source data. + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: Name of the data provider. + - !ruby/object:Api::Type::String + name: 'primaryContact' + description: Email or URL of the data provider. + - !ruby/object:Api::Type::NestedObject + name: publisher +======= parameters: properties: - name: 'name' @@ -133,10 +266,27 @@ properties: description: Email or URL of the data provider. - name: 'publisher' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Details of the publisher who owns the listing and who can share the source data. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: Name of the listing publisher. + - !ruby/object:Api::Type::String + name: 'primaryContact' + description: Email or URL of the listing publisher. + - !ruby/object:Api::Type::Array + name: 'categories' + description: | + Categories of the listing. Up to two categories are allowed. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: bigqueryDataset +======= - name: 'name' type: String description: Name of the listing publisher. @@ -152,16 +302,53 @@ properties: type: String - name: 'bigqueryDataset' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Shared dataset i.e. BigQuery dataset source. required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'dataset' + immutable: true +======= - name: 'dataset' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Resource name of the dataset source for this listing. e.g. projects/myproject/datasets/123 required: true +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - !ruby/object:Api::Type::Array + name: selectedResources + description: Resource in this dataset that is selectively shared. This field is required for data clean room exchanges. + immutable: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'table' + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + description: | + Format: For table: projects/{projectId}/datasets/{datasetId}/tables/{tableId} Example:"projects/test_project/datasets/test_dataset/tables/test_table" + - !ruby/object:Api::Type::NestedObject + name: restrictedExportConfig + description: If set, restricted export configuration will be propagated and enforced on the linked dataset. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: + If true, enable restricted export. + - !ruby/object:Api::Type::Boolean + name: 'restrictDirectTableAccess' + output: true + description: + If true, restrict direct table access(read api/tabledata.list) on linked table. + - !ruby/object:Api::Type::Boolean + name: 'restrictQueryResult' +======= immutable: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - name: 'selectedResources' @@ -192,5 +379,6 @@ properties: output: true - name: 'restrictQueryResult' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If true, restrict export of query result derived from restricted linked dataset table. diff --git a/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml b/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml new file mode 100644 index 000000000000..207306765337 --- /dev/null +++ b/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml @@ -0,0 +1,139 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DataExchange' +description: A Bigquery Analytics Hub data exchange +references: + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' + api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges' +self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges?data_exchange_id={{data_exchange_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' + - '{{data_exchange_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'data_exchange_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' + - '{{data_exchange_id}}' +custom_code: +examples: + - name: 'bigquery_analyticshub_data_exchange_basic' + primary_resource_id: 'data_exchange' + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' + region_override: 'US' + vars: + data_exchange_id: 'my_data_exchange' + desc: 'example data exchange' + - name: 'bigquery_analyticshub_data_exchange_dcr' + primary_resource_id: 'data_exchange' + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' + region_override: 'US' + vars: + data_exchange_id: 'dcr_data_exchange' + desc: 'example dcr data exchange' +parameters: +properties: + - name: 'name' + type: String + description: |- + The resource name of the data exchange, for example: + "projects/myproject/locations/US/dataExchanges/123" + output: true + - name: 'data_exchange_id' + type: String + description: |- + The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The name of the location this data exchange. + url_param_only: true + required: true + immutable: true + - name: 'displayName' + type: String + description: |- + Human-readable display name of the data exchange. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), and must not start or end with spaces. + required: true + - name: 'description' + type: String + description: |- + Description of the data exchange. + - name: 'primaryContact' + type: String + description: |- + Email or URL of the primary point of contact of the data exchange. + - name: 'documentation' + type: String + description: |- + Documentation describing the data exchange. + - name: 'listingCount' + type: Integer + description: |- + Number of listings contained in the data exchange. + output: true + - name: 'icon' + type: String + description: |- + Base64 encoded image representing the data exchange. + - name: 'sharingEnvironmentConfig' + type: NestedObject + description: | + Configurable data sharing environment option for a data exchange. + This field is required for data clean room exchanges. + immutable: true + default_from_api: true + properties: + - name: 'defaultExchangeConfig' + type: NestedObject + description: | + Default Analytics Hub data exchange, used for secured data sharing. + immutable: true + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'sharing_environment_config.0.default_exchange_config' + - 'sharing_environment_config.0.dcr_exchange_config' + properties: + [] + - name: 'dcrExchangeConfig' + type: NestedObject + description: | + Data Clean Room (DCR), used for privacy-safe and secured data sharing. + immutable: true + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'sharing_environment_config.0.default_exchange_config' + - 'sharing_environment_config.0.dcr_exchange_config' + properties: + [] diff --git a/mmv1/products/bigqueryanalyticshub/go_Listing.yaml b/mmv1/products/bigqueryanalyticshub/go_Listing.yaml new file mode 100644 index 000000000000..ed980a56addc --- /dev/null +++ b/mmv1/products/bigqueryanalyticshub/go_Listing.yaml @@ -0,0 +1,197 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Listing' +description: A Bigquery Analytics Hub data exchange listing +references: + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' + api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges.listings' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings' +self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings?listing_id={{listing_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'listing_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' + - '{{listing_id}}' +custom_code: +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true +examples: + - name: 'bigquery_analyticshub_listing_basic' + primary_resource_id: 'listing' + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' + region_override: 'US' + vars: + data_exchange_id: 'my_data_exchange' + listing_id: 'my_listing' + desc: 'example data exchange' + - name: 'bigquery_analyticshub_listing_restricted' + primary_resource_id: 'listing' + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' + region_override: 'US' + vars: + data_exchange_id: 'my_data_exchange' + listing_id: 'my_listing' + desc: 'example data exchange' + - name: 'bigquery_analyticshub_listing_dcr' + primary_resource_id: 'listing' + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' + region_override: 'US' + vars: + data_exchange_id: 'dcr_data_exchange' + listing_id: 'dcr_listing' + desc: 'example dcr data exchange' +parameters: +properties: + - name: 'name' + type: String + description: |- + The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456" + output: true + - name: 'data_exchange_id' + type: String + description: |- + The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true + required: true + immutable: true + - name: 'listing_id' + type: String + description: |- + The ID of the listing. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The name of the location this data exchange listing. + url_param_only: true + required: true + immutable: true + - name: 'displayName' + type: String + description: |- + Human-readable display name of the listing. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), ampersands (&) and can't start or end with spaces. + required: true + - name: 'description' + type: String + description: |- + Short description of the listing. The description must not contain Unicode non-characters and C0 and C1 control codes except tabs (HT), new lines (LF), carriage returns (CR), and page breaks (FF). + - name: 'primaryContact' + type: String + description: |- + Email or URL of the primary point of contact of the listing. + - name: 'documentation' + type: String + description: |- + Documentation describing the listing. + - name: 'icon' + type: String + description: |- + Base64 encoded image representing the listing. + - name: 'requestAccess' + type: String + description: |- + Email or URL of the request access of the listing. Subscribers can use this reference to request access. + - name: 'dataProvider' + type: NestedObject + description: Details of the data provider who owns the source data. + properties: + - name: 'name' + type: String + description: Name of the data provider. + required: true + - name: 'primaryContact' + type: String + description: Email or URL of the data provider. + - name: 'publisher' + type: NestedObject + description: + Details of the publisher who owns the listing and who can share the source + data. + properties: + - name: 'name' + type: String + description: Name of the listing publisher. + required: true + - name: 'primaryContact' + type: String + description: Email or URL of the listing publisher. + - name: 'categories' + type: Array + description: | + Categories of the listing. Up to two categories are allowed. + item_type: + type: String + - name: 'bigqueryDataset' + type: NestedObject + description: Shared dataset i.e. BigQuery dataset source. + required: true + immutable: true + properties: + - name: 'dataset' + type: String + description: + Resource name of the dataset source for this listing. e.g. + projects/myproject/datasets/123 + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'selectedResources' + type: Array + description: Resource in this dataset that is selectively shared. This field is required for data clean room exchanges. + immutable: true + item_type: + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Format: For table: projects/{projectId}/datasets/{datasetId}/tables/{tableId} Example:"projects/test_project/datasets/test_dataset/tables/test_table" + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'restrictedExportConfig' + type: NestedObject + description: If set, restricted export configuration will be propagated and enforced on the linked dataset. + properties: + - name: 'enabled' + type: Boolean + description: + If true, enable restricted export. + - name: 'restrictDirectTableAccess' + type: Boolean + description: + If true, restrict direct table access(read api/tabledata.list) on linked table. + output: true + - name: 'restrictQueryResult' + type: Boolean + description: + If true, restrict export of query result derived from restricted linked dataset table. diff --git a/mmv1/products/bigqueryanalyticshub/go_product.yaml b/mmv1/products/bigqueryanalyticshub/go_product.yaml new file mode 100644 index 000000000000..23eefbcf4f0c --- /dev/null +++ b/mmv1/products/bigqueryanalyticshub/go_product.yaml @@ -0,0 +1,36 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/bigqueryanalyticshub/go_product.yaml +name: 'BigqueryAnalyticsHub' +display_name: 'Bigquery Analytics Hub' +versions: + - name: 'beta' + base_url: 'https://analyticshub.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://analyticshub.googleapis.com/v1/' +======== +name: 'CloudRun' +display_name: 'Cloud Run' +versions: + - name: 'ga' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/cloudrun/product.yaml +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigqueryanalyticshub/product.yaml b/mmv1/products/bigqueryanalyticshub/product.yaml index ebbb6b142a4d..395492145de7 100644 --- a/mmv1/products/bigqueryanalyticshub/product.yaml +++ b/mmv1/products/bigqueryanalyticshub/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BigqueryAnalyticsHub +display_name: Bigquery Analytics Hub +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://analyticshub.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://analyticshub.googleapis.com/v1/ +======= --- name: 'BigqueryAnalyticsHub' display_name: 'Bigquery Analytics Hub' @@ -21,3 +39,4 @@ versions: base_url: 'https://analyticshub.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigqueryconnection/Connection.yaml b/mmv1/products/bigqueryconnection/Connection.yaml index ab1781551eac..c92a7cfc9594 100644 --- a/mmv1/products/bigqueryconnection/Connection.yaml +++ b/mmv1/products/bigqueryconnection/Connection.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,58 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Connection' +base_url: projects/{{project}}/locations/{{location}}/connections +self_link: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}} +update_verb: :PATCH +update_mask: true +description: | + A connection allows BigQuery connections to external data sources.. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Cloud SQL federated queries': 'https://cloud.google.com/bigquery/docs/cloud-sql-federated-queries' + api: 'https://cloud.google.com/bigquery/docs/reference/bigqueryconnection/rest/v1/projects.locations.connections/create' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'connection_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}', + '{{connection_id}}', + ] +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}', + '{{project}}/{{location}}/{{connection_id}}', + '{{location}}/{{connection_id}}', + ] +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/bigquery_connection_id.go.erb + encoder: templates/terraform/encoders/bigquery_connection.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_cloud_resource' + external_providers: ["random", "time"] + region_override: 'US' + primary_resource_id: 'connection' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-connection%s\", + context[\"random_suffix\"\ + ])" + vars: + connection_id: 'my-connection' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_basic' + external_providers: ["random", "time"] + primary_resource_id: + 'connection' + # Random provider + skip_vcr: true +======= --- name: 'Connection' description: | @@ -55,11 +111,26 @@ examples: external_providers: ["random", "time"] - name: 'bigquery_connection_basic' primary_resource_id: 'connection' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: database_instance_name: 'my-database-instance' username: 'user' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'cloud_sql.0.credential' # password removed + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_full' + external_providers: ["random", "time"] + primary_resource_id: + 'connection' + # Random provider + skip_vcr: true +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -71,12 +142,23 @@ examples: skip_vcr: true - name: 'bigquery_connection_full' primary_resource_id: 'connection' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: database_instance_name: 'my-database-instance' username: 'user' connection_id: 'my-connection' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'cloud_sql.0.credential' # password removed + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_aws' + external_providers: ["random", "time"] +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -87,30 +169,61 @@ examples: # Random provider skip_vcr: true - name: 'bigquery_connection_aws' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'connection' vars: connection_id: 'my-connection' iam_role_id: 'arn:aws:iam::999999999999:role/omnirole' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_azure' + external_providers: ["random", "time"] +======= external_providers: ["random", "time"] - name: 'bigquery_connection_azure' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'connection' vars: connection_id: 'my-connection' customer_tenant_id: 'customer-tenant-id' federated_application_client_id: 'b43eeeee-eeee-eeee-eeee-a480155501ce' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_cloudspanner' + external_providers: ["random", "time"] +======= external_providers: ["random", "time"] - name: 'bigquery_connection_cloudspanner' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'connection' vars: connection_id: 'my-connection' database: 'projects/project/instances/instance/databases/database' database_role: 'database_role' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_cloudspanner_databoost' + external_providers: ["random", "time"] +======= external_providers: ["random", "time"] - name: 'bigquery_connection_cloudspanner_databoost' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'connection' vars: connection_id: 'my-connection' database: 'projects/project/instances/instance/databases/database' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: "bigquery_connection_spark" + region_override: "US" + primary_resource_id: "connection" + vars: + connection_id: "my-connection" + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_connection_kms' + primary_resource_id: + 'bq-connection-cmek' +======= external_providers: ["random", "time"] - name: 'bigquery_connection_spark' primary_resource_id: 'connection' @@ -119,12 +232,28 @@ examples: connection_id: 'my-connection' - name: 'bigquery_connection_kms' primary_resource_id: 'bq-connection-cmek' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: database_instance_name: 'my-database-instance' username: 'user' deletion_protection: 'true' kms_key_name: 'projects/project/locations/us-central1/keyRings/us-central1/cryptoKeys/bq-key' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + kms_key_name: 'acctest.BootstrapKMSKey(t).CryptoKey.Name' + policyChanged: + "acctest.BootstrapPSARole(t, \"bq-\", \"bigquery-encryption\", + \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ + )" + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'cloud_sql.0.credential' # password removed +properties: + - !ruby/object:Api::Type::String + name: name +======= 'deletion_protection': 'false' 'kms_key_name': 'acctest.BootstrapKMSKey(t).CryptoKey.Name' 'policyChanged': 'acctest.BootstrapPSARole(t, "bq-", "bigquery-encryption", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' @@ -137,20 +266,35 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The resource name of the connection in the form of: "projects/{project_id}/locations/{location_id}/connections/{connectionId}" output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: connection_id +======= - name: 'connection_id' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional connection id that should be assigned to the created connection. required: false immutable: true default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/id_from_name.erb' + - !ruby/object:Api::Type::String + name: 'location' + required: false + immutable: true + url_param_only: true +======= custom_flatten: 'templates/terraform/custom_flatten/id_from_name.tmpl' - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The geographic location where the connection should reside. Cloud SQL instance must be in the same location as the connection @@ -159,6 +303,21 @@ properties: Spanner Connections same as spanner region AWS allowed regions are aws-us-east-1 Azure allowed regions are azure-eastus2 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'friendlyName' + description: A descriptive name for the connection + - !ruby/object:Api::Type::String + name: 'description' + description: A descriptive description for the connection + - !ruby/object:Api::Type::Boolean + name: 'hasCredential' + output: true + description: | + True if the connection has credential assigned. + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= url_param_only: true required: false immutable: true @@ -175,10 +334,58 @@ properties: output: true - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. The Cloud KMS key that is used for encryption. Example: projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'cloudSql' + description: Connection properties specific to the Cloud SQL. + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + properties: + - !ruby/object:Api::Type::String + name: 'instanceId' + description: + Cloud SQL instance ID in the form project:location:instance. + required: true + - !ruby/object:Api::Type::String + name: 'database' + description: Database name. + required: true + - !ruby/object:Api::Type::NestedObject + name: credential + description: Cloud SQL properties. + required: true + custom_flatten: 'templates/terraform/custom_flatten/bigquery_connection_flatten.go.erb' + properties: + - !ruby/object:Api::Type::String + name: username + description: Username for database. + required: true + - !ruby/object:Api::Type::String + name: password + description: Password for database. + required: true + sensitive: true + - !ruby/object:Api::Type::Enum + name: 'type' + description: Type of the Cloud SQL database. + required: true + values: + - :DATABASE_TYPE_UNSPECIFIED + - :POSTGRES + - :MYSQL + - !ruby/object:Api::Type::String + name: 'serviceAccountId' +======= - name: 'cloudSql' type: NestedObject description: Connection properties specific to the Cloud SQL. @@ -224,11 +431,29 @@ properties: - 'MYSQL' - name: 'serviceAccountId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: When the connection is used in the context of an operation in BigQuery, this service account will serve as the identity being used for connecting to the CloudSQL instance specified in this connection. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: aws + description: Connection properties specific to Amazon Web Services. + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + update_mask_fields: + - 'aws.access_role.iam_role_id' + properties: + - !ruby/object:Api::Type::NestedObject + name: accessRole +======= - name: 'aws' type: NestedObject description: Connection properties specific to Amazon Web Services. @@ -244,24 +469,80 @@ properties: properties: - name: 'accessRole' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Authentication using Google owned service account to assume into customer's AWS IAM Role. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: iamRoleId +======= - name: 'iamRoleId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The user’s AWS IAM Role that trusts the Google-owned AWS IAM user Connection. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: identity +======= - name: 'identity' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's AWS IAM Role. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: azure + description: Container for connection properties specific to Azure. + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + update_mask_fields: + - 'azure.customer_tenant_id' + - 'azure.federated_application_client_id' + properties: + - !ruby/object:Api::Type::String + name: 'application' + description: The name of the Azure Active Directory Application. + output: true + - !ruby/object:Api::Type::String + name: 'clientId' + output: true + description: The client id of the Azure Active Directory Application. + - !ruby/object:Api::Type::String + name: 'objectId' + output: true + description: The object id of the Azure Active Directory Application. + - !ruby/object:Api::Type::String + name: 'customerTenantId' + description: The id of customer's directory that host the data. + required: true + - !ruby/object:Api::Type::String + name: 'federatedApplicationClientId' + description: + The Azure Application (client) ID where the federated credentials will + be hosted. + - !ruby/object:Api::Type::String + name: 'redirectUri' + output: true + description: + The URL user will be redirected to after granting consent during + connection setup. + - !ruby/object:Api::Type::String + name: 'identity' +======= - name: 'azure' type: NestedObject description: Container for connection properties specific to Azure. @@ -305,11 +586,36 @@ properties: output: true - name: 'identity' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's Azure Active Directory Application. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: cloudSpanner + description: Connection properties specific to Cloud Spanner + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + properties: + - !ruby/object:Api::Type::String + name: 'database' + description: + Cloud Spanner database in the form `project/instance/database'. + required: true + - !ruby/object:Api::Type::Boolean + name: 'useParallelism' + description: + If parallelism should be used when reading from Cloud Spanner. + - !ruby/object:Api::Type::Integer + name: 'maxParallelism' +======= - name: 'cloudSpanner' type: NestedObject description: Connection properties specific to Cloud Spanner @@ -332,37 +638,79 @@ properties: If parallelism should be used when reading from Cloud Spanner. - name: 'maxParallelism' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Allows setting max parallelism per query when executing on Spanner independent compute resources. If unspecified, default values of parallelism are chosen that are dependent on the Cloud Spanner instance configuration. `useParallelism` and `useDataBoost` must be set when setting max parallelism. required_with: +<<<<<<< HEAD + - cloudSpanner.0.useDataBoost + - cloudSpanner.0.useParallelism + - !ruby/object:Api::Type::Boolean + name: 'useDataBoost' +======= - 'cloudSpanner.0.useDataBoost' - 'cloudSpanner.0.useParallelism' - name: 'useDataBoost' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If set, the request will be executed via Spanner independent compute resources. `use_parallelism` must be set when using data boost. required_with: +<<<<<<< HEAD + - cloudSpanner.0.useParallelism + - !ruby/object:Api::Type::String + name: 'databaseRole' +======= - 'cloudSpanner.0.useParallelism' - name: 'databaseRole' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Cloud Spanner database role for fine-grained access control. The Cloud Spanner admin should have provisioned the database role with appropriate permissions, such as `SELECT` and `INSERT`. Other users should only use roles provided by their Cloud Spanner admins. The database role name must start with a letter, and can only contain letters, numbers, and underscores. For more details, see https://cloud.google.com/spanner/docs/fgac-about. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-zA-Z][a-zA-Z0-9_]*$' + - !ruby/object:Api::Type::Boolean + name: 'useServerlessAnalytics' +======= validation: regex: '^[a-zA-Z][a-zA-Z0-9_]*$' - name: 'useServerlessAnalytics' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If the serverless analytics service should be used to read data from Cloud Spanner. `useParallelism` must be set when using serverless analytics. +<<<<<<< HEAD + deprecation_message: >- + `useServerlessAnalytics` is deprecated and will be removed in a future major release. Use + `useDataBoost` instead. + - !ruby/object:Api::Type::NestedObject + name: cloudResource + description: + Container for connection properties for delegation of access to GCP + resources. + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + send_empty_value: true + properties: + - !ruby/object:Api::Type::String + name: 'serviceAccountId' +======= deprecation_message: '`useServerlessAnalytics` is deprecated and will be removed in a future major release. Use `useDataBoost` instead.' - name: 'cloudResource' type: NestedObject @@ -380,10 +728,44 @@ properties: properties: - name: 'serviceAccountId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The account ID of the service created for the purpose of this connection. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: spark + description: Container for connection properties to execute stored procedures for Apache Spark. + resources. + exactly_one_of: + - cloud_sql + - aws + - azure + - cloud_spanner + - cloud_resource + - spark + send_empty_value: true + properties: + - !ruby/object:Api::Type::String + name: 'serviceAccountId' + description: The account ID of the service created for the purpose of this + connection. + output: true + - !ruby/object:Api::Type::NestedObject + name: metastoreServiceConfig + description: Dataproc Metastore Service configuration for the connection. + properties: + - !ruby/object:Api::Type::String + name: metastoreService + description: Resource name of an existing Dataproc Metastore service in the form of projects/[projectId]/locations/[region]/services/[serviceId]. + - !ruby/object:Api::Type::NestedObject + name: sparkHistoryServerConfig + description: Spark History Server configuration for the connection. + properties: + - !ruby/object:Api::Type::String + name: dataprocCluster +======= - name: 'spark' type: NestedObject description: Container for connection properties to execute stored procedures for Apache Spark. @@ -415,4 +797,5 @@ properties: properties: - name: 'dataprocCluster' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Resource name of an existing Dataproc Cluster to act as a Spark History Server for the connection if the form of projects/[projectId]/regions/[region]/clusters/[cluster_name]. diff --git a/mmv1/products/bigqueryconnection/go_Connection.yaml b/mmv1/products/bigqueryconnection/go_Connection.yaml new file mode 100644 index 000000000000..446879e1c17f --- /dev/null +++ b/mmv1/products/bigqueryconnection/go_Connection.yaml @@ -0,0 +1,419 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Connection' +description: | + A connection allows BigQuery connections to external data sources.. +references: + guides: + 'Cloud SQL federated queries': 'https://cloud.google.com/bigquery/docs/cloud-sql-federated-queries' + api: 'https://cloud.google.com/bigquery/docs/reference/bigqueryconnection/rest/v1/projects.locations.connections/create' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' + - '{{project}}/{{location}}/{{connection_id}}' + - '{{location}}/{{connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'connection_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' + - '{{connection_id}}' +custom_code: + encoder: 'templates/terraform/encoders/go/bigquery_connection.go.tmpl' + post_create: 'templates/terraform/post_create/go/bigquery_connection_id.go.tmpl' +examples: + - name: 'bigquery_connection_cloud_resource' + primary_resource_id: 'connection' + primary_resource_name: 'fmt.Sprintf("tf-test-my-connection%s", context["random_suffix"])' + region_override: 'US' + vars: + connection_id: 'my-connection' + external_providers: ["random", "time"] + - name: 'bigquery_connection_basic' + primary_resource_id: 'connection' + vars: + database_instance_name: 'my-database-instance' + username: 'user' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + # password removed + - 'cloud_sql.0.credential' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'bigquery_connection_full' + primary_resource_id: 'connection' + vars: + database_instance_name: 'my-database-instance' + username: 'user' + connection_id: 'my-connection' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + # password removed + - 'cloud_sql.0.credential' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'bigquery_connection_aws' + primary_resource_id: 'connection' + vars: + connection_id: 'my-connection' + iam_role_id: 'arn:aws:iam::999999999999:role/omnirole' + external_providers: ["random", "time"] + - name: 'bigquery_connection_azure' + primary_resource_id: 'connection' + vars: + connection_id: 'my-connection' + customer_tenant_id: 'customer-tenant-id' + federated_application_client_id: 'b43eeeee-eeee-eeee-eeee-a480155501ce' + external_providers: ["random", "time"] + - name: 'bigquery_connection_cloudspanner' + primary_resource_id: 'connection' + vars: + connection_id: 'my-connection' + database: 'projects/project/instances/instance/databases/database' + database_role: 'database_role' + external_providers: ["random", "time"] + - name: 'bigquery_connection_cloudspanner_databoost' + primary_resource_id: 'connection' + vars: + connection_id: 'my-connection' + database: 'projects/project/instances/instance/databases/database' + external_providers: ["random", "time"] + - name: 'bigquery_connection_spark' + primary_resource_id: 'connection' + region_override: 'US' + vars: + connection_id: 'my-connection' + - name: 'bigquery_connection_kms' + primary_resource_id: 'bq-connection-cmek' + vars: + database_instance_name: 'my-database-instance' + username: 'user' + deletion_protection: 'true' + kms_key_name: 'projects/project/locations/us-central1/keyRings/us-central1/cryptoKeys/bq-key' + test_vars_overrides: + 'deletion_protection': 'false' + 'kms_key_name': 'acctest.BootstrapKMSKey(t).CryptoKey.Name' + 'policyChanged': 'acctest.BootstrapPSARole(t, "bq-", "bigquery-encryption", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + # password removed + - 'cloud_sql.0.credential' +parameters: +properties: + - name: 'name' + type: String + description: |- + The resource name of the connection in the form of: + "projects/{project_id}/locations/{location_id}/connections/{connectionId}" + output: true + - name: 'connection_id' + type: String + description: | + Optional connection id that should be assigned to the created connection. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/id_from_name.tmpl' + - name: 'location' + type: String + description: |- + The geographic location where the connection should reside. + Cloud SQL instance must be in the same location as the connection + with following exceptions: Cloud SQL us-central1 maps to BigQuery US, Cloud SQL europe-west1 maps to BigQuery EU. + Examples: US, EU, asia-northeast1, us-central1, europe-west1. + Spanner Connections same as spanner region + AWS allowed regions are aws-us-east-1 + Azure allowed regions are azure-eastus2 + url_param_only: true + required: false + immutable: true + - name: 'friendlyName' + type: String + description: A descriptive name for the connection + - name: 'description' + type: String + description: A descriptive description for the connection + - name: 'hasCredential' + type: Boolean + description: | + True if the connection has credential assigned. + output: true + - name: 'kmsKeyName' + type: String + description: | + Optional. The Cloud KMS key that is used for encryption. + + Example: projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] + - name: 'cloudSql' + type: NestedObject + description: Connection properties specific to the Cloud SQL. + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'instanceId' + type: String + description: + Cloud SQL instance ID in the form project:location:instance. + required: true + - name: 'database' + type: String + description: Database name. + required: true + - name: 'credential' + type: NestedObject + description: Cloud SQL properties. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_connection_flatten.go.tmpl' + properties: + - name: 'username' + type: String + description: Username for database. + required: true + - name: 'password' + type: String + description: Password for database. + required: true + sensitive: true + - name: 'type' + type: Enum + description: Type of the Cloud SQL database. + required: true + enum_values: + - 'DATABASE_TYPE_UNSPECIFIED' + - 'POSTGRES' + - 'MYSQL' + - name: 'serviceAccountId' + type: String + description: + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used + for connecting to the CloudSQL instance specified in this connection. + output: true + - name: 'aws' + type: NestedObject + description: Connection properties specific to Amazon Web Services. + update_mask_fields: + - 'aws.access_role.iam_role_id' + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'accessRole' + type: NestedObject + description: + Authentication using Google owned service account to assume into + customer's AWS IAM Role. + required: true + properties: + - name: 'iamRoleId' + type: String + description: + The user’s AWS IAM Role that trusts the Google-owned AWS IAM user + Connection. + required: true + - name: 'identity' + type: String + description: + A unique Google-owned and Google-generated identity for the + Connection. This identity will be used to access the user's AWS + IAM Role. + output: true + - name: 'azure' + type: NestedObject + description: Container for connection properties specific to Azure. + update_mask_fields: + - 'azure.customer_tenant_id' + - 'azure.federated_application_client_id' + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'application' + type: String + description: The name of the Azure Active Directory Application. + output: true + - name: 'clientId' + type: String + description: The client id of the Azure Active Directory Application. + output: true + - name: 'objectId' + type: String + description: The object id of the Azure Active Directory Application. + output: true + - name: 'customerTenantId' + type: String + description: The id of customer's directory that host the data. + required: true + - name: 'federatedApplicationClientId' + type: String + description: + The Azure Application (client) ID where the federated credentials will + be hosted. + - name: 'redirectUri' + type: String + description: + The URL user will be redirected to after granting consent during + connection setup. + output: true + - name: 'identity' + type: String + description: + A unique Google-owned and Google-generated identity for the + Connection. This identity will be used to access the user's Azure + Active Directory Application. + output: true + - name: 'cloudSpanner' + type: NestedObject + description: Connection properties specific to Cloud Spanner + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'database' + type: String + description: + Cloud Spanner database in the form `project/instance/database'. + required: true + - name: 'useParallelism' + type: Boolean + description: + If parallelism should be used when reading from Cloud Spanner. + - name: 'maxParallelism' + type: Integer + description: + Allows setting max parallelism per query when executing on Spanner independent compute + resources. If unspecified, default values of parallelism are chosen that are dependent on + the Cloud Spanner instance configuration. `useParallelism` and `useDataBoost` must be set + when setting max parallelism. + required_with: + - 'cloudSpanner.0.useDataBoost' + - 'cloudSpanner.0.useParallelism' + - name: 'useDataBoost' + type: Boolean + description: + If set, the request will be executed via Spanner independent compute resources. + `use_parallelism` must be set when using data boost. + required_with: + - 'cloudSpanner.0.useParallelism' + - name: 'databaseRole' + type: String + description: + Cloud Spanner database role for fine-grained access control. The Cloud Spanner admin + should have provisioned the database role with appropriate permissions, such as `SELECT` + and `INSERT`. Other users should only use roles provided by their Cloud Spanner admins. + The database role name must start with a letter, and can only contain letters, numbers, + and underscores. For more details, see https://cloud.google.com/spanner/docs/fgac-about. + validation: + regex: '^[a-zA-Z][a-zA-Z0-9_]*$' + - name: 'useServerlessAnalytics' + type: Boolean + description: + If the serverless analytics service should be used to read data from + Cloud Spanner. `useParallelism` must be set when using serverless + analytics. + deprecation_message: '`useServerlessAnalytics` is deprecated and will be removed in a future major release. Use `useDataBoost` instead.' + - name: 'cloudResource' + type: NestedObject + description: + Container for connection properties for delegation of access to GCP + resources. + send_empty_value: true + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'serviceAccountId' + type: String + description: + The account ID of the service created for the purpose of this + connection. + output: true + - name: 'spark' + type: NestedObject + description: Container for connection properties to execute stored procedures for Apache Spark. + resources. + send_empty_value: true + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' + properties: + - name: 'serviceAccountId' + type: String + description: The account ID of the service created for the purpose of this + connection. + output: true + - name: 'metastoreServiceConfig' + type: NestedObject + description: Dataproc Metastore Service configuration for the connection. + properties: + - name: 'metastoreService' + type: String + description: Resource name of an existing Dataproc Metastore service in the form of projects/[projectId]/locations/[region]/services/[serviceId]. + - name: 'sparkHistoryServerConfig' + type: NestedObject + description: Spark History Server configuration for the connection. + properties: + - name: 'dataprocCluster' + type: String + description: Resource name of an existing Dataproc Cluster to act as a Spark History Server for the connection if the form of projects/[projectId]/regions/[region]/clusters/[cluster_name]. diff --git a/mmv1/products/bigqueryconnection/go_product.yaml b/mmv1/products/bigqueryconnection/go_product.yaml new file mode 100644 index 000000000000..60e682e90d8c --- /dev/null +++ b/mmv1/products/bigqueryconnection/go_product.yaml @@ -0,0 +1,23 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BigqueryConnection' +legacy_name: 'bigquery' +display_name: 'BigQuery Connection' +versions: + - name: 'ga' + base_url: 'https://bigqueryconnection.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigqueryconnection/product.yaml b/mmv1/products/bigqueryconnection/product.yaml index a65fa285a38c..1811dda94e76 100644 --- a/mmv1/products/bigqueryconnection/product.yaml +++ b/mmv1/products/bigqueryconnection/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BigqueryConnection +display_name: BigQuery Connection +legacy_name: bigquery +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigqueryconnection.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/bigquery +======= --- name: 'BigqueryConnection' legacy_name: 'bigquery' @@ -20,3 +36,4 @@ versions: base_url: 'https://bigqueryconnection.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/bigquery' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml index 1de92c006217..d98a0d49bdb0 100644 --- a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml +++ b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DataPolicy' +base_url: projects/{{project}}/locations/{{location}}/dataPolicies +create_url: projects/{{project}}/locations/{{location}}/dataPolicies +self_link: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} +update_verb: :PATCH +update_mask: true +description: A BigQuery Data Policy +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/column-data-masking-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'data_policy_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}', + '{{data_policy_id}}', + ] +id_format: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}', + '{{project}}/{{location}}/{{data_policy_id}}', + '{{location}}/{{data_policy_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_datapolicy_data_policy_basic' + primary_resource_id: 'data_policy' + primary_resource_name: + 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' + vars: + data_policy_id: 'data_policy' + taxonomy: 'taxonomy' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_datapolicy_data_policy_routine' + primary_resource_id: 'data_policy' + primary_resource_name: + 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' +======= --- name: 'DataPolicy' description: A BigQuery Data Policy @@ -52,10 +100,21 @@ examples: - name: 'bigquery_datapolicy_data_policy_routine' primary_resource_id: 'data_policy' primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: data_policy_id: 'data_policy' taxonomy: 'taxonomy' dataset_id: 'dataset_id' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name + description: |- + Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + output: true + - !ruby/object:Api::Type::String + name: dataPolicyId +======= parameters: properties: - name: 'name' @@ -65,10 +124,22 @@ properties: output: true - name: 'dataPolicyId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: location + description: | + The name of the location of the data policy. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: policyTag +======= - name: 'location' type: String description: | @@ -78,10 +149,50 @@ properties: immutable: true - name: 'policyTag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. required: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/bigquery_datapolicy_policy_tag_location_to_lower_case.go.erb' + - !ruby/object:Api::Type::Enum + name: dataPolicyType + description: | + The enrollment level of the service. + required: true + values: + - :COLUMN_LEVEL_SECURITY_POLICY + - :DATA_MASKING_POLICY + - !ruby/object:Api::Type::NestedObject + name: 'dataMaskingPolicy' + description: | + The data masking policy that specifies the data masking rule to use. + properties: + - !ruby/object:Api::Type::Enum + name: 'predefinedExpression' + exactly_one_of: + - data_masking_policy.0.predefined_expression + - data_masking_policy.0.routine + description: |- + The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. + values: + - :SHA256 + - :ALWAYS_NULL + - :DEFAULT_MASKING_VALUE + - :LAST_FOUR_CHARACTERS + - :FIRST_FOUR_CHARACTERS + - :EMAIL_MASK + - :DATE_YEAR_MASK + - !ruby/object:Api::Type::String + exactly_one_of: + - data_masking_policy.0.predefined_expression + - data_masking_policy.0.routine + name: routine + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + description: |- + The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}. +======= custom_flatten: 'templates/terraform/custom_flatten/bigquery_datapolicy_policy_tag_location_to_lower_case.go.tmpl' - name: 'dataPolicyType' type: Enum @@ -119,3 +230,4 @@ properties: - 'data_masking_policy.0.predefined_expression' - 'data_masking_policy.0.routine' diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml new file mode 100644 index 000000000000..3ae28e743273 --- /dev/null +++ b/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DataPolicy' +description: A BigQuery Data Policy +references: + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/column-data-masking-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' +self_link: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' + - '{{project}}/{{location}}/{{data_policy_id}}' + - '{{location}}/{{data_policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'data_policy_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' + - '{{data_policy_id}}' +custom_code: +examples: + - name: 'bigquery_datapolicy_data_policy_basic' + primary_resource_id: 'data_policy' + primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' + vars: + data_policy_id: 'data_policy' + taxonomy: 'taxonomy' + - name: 'bigquery_datapolicy_data_policy_routine' + primary_resource_id: 'data_policy' + primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' + vars: + data_policy_id: 'data_policy' + taxonomy: 'taxonomy' + dataset_id: 'dataset_id' +parameters: +properties: + - name: 'name' + type: String + description: |- + Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + output: true + - name: 'dataPolicyId' + type: String + description: |- + User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name. + required: true + immutable: true + - name: 'location' + type: String + description: | + The name of the location of the data policy. + url_param_only: true + required: true + immutable: true + - name: 'policyTag' + type: String + description: |- + Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. + required: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_datapolicy_policy_tag_location_to_lower_case.go.tmpl' + - name: 'dataPolicyType' + type: Enum + description: | + The enrollment level of the service. + required: true + enum_values: + - 'COLUMN_LEVEL_SECURITY_POLICY' + - 'DATA_MASKING_POLICY' + - name: 'dataMaskingPolicy' + type: NestedObject + description: | + The data masking policy that specifies the data masking rule to use. + properties: + - name: 'predefinedExpression' + type: Enum + description: |- + The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. + exactly_one_of: + - 'data_masking_policy.0.predefined_expression' + - 'data_masking_policy.0.routine' + enum_values: + - 'SHA256' + - 'ALWAYS_NULL' + - 'DEFAULT_MASKING_VALUE' + - 'LAST_FOUR_CHARACTERS' + - 'FIRST_FOUR_CHARACTERS' + - 'EMAIL_MASK' + - 'DATE_YEAR_MASK' + - name: 'routine' + type: String + description: |- + The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}. + exactly_one_of: + - 'data_masking_policy.0.predefined_expression' + - 'data_masking_policy.0.routine' + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' diff --git a/mmv1/products/bigquerydatapolicy/go_product.yaml b/mmv1/products/bigquerydatapolicy/go_product.yaml new file mode 100644 index 000000000000..4ce6adf2e5b2 --- /dev/null +++ b/mmv1/products/bigquerydatapolicy/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BigqueryDatapolicy' +display_name: 'BigQuery Data Policy' +versions: + - name: 'beta' + base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigquerydatapolicy/product.yaml b/mmv1/products/bigquerydatapolicy/product.yaml index 9404cb928d2e..8cd4748925fb 100644 --- a/mmv1/products/bigquerydatapolicy/product.yaml +++ b/mmv1/products/bigquerydatapolicy/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BigqueryDatapolicy +display_name: BigQuery Data Policy +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://bigquerydatapolicy.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigquerydatapolicy.googleapis.com/v1/ +======= --- name: 'BigqueryDatapolicy' display_name: 'BigQuery Data Policy' @@ -21,3 +39,4 @@ versions: base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigquerydatatransfer/Config.yaml b/mmv1/products/bigquerydatatransfer/Config.yaml index 093bc363eac7..7392b76fdf51 100644 --- a/mmv1/products/bigquerydatatransfer/Config.yaml +++ b/mmv1/products/bigquerydatatransfer/Config.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,39 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Config' +base_url: projects/{{project}}/locations/{{location}}/transferConfigs?serviceAccountName={{service_account_name}} +self_link: '{{name}}' +update_url: "{{name}}?serviceAccountName={{service_account_name}}" +update_verb: :PATCH +description: | + Represents a data transfer configuration. A transfer configuration + contains all metadata needed to perform a data transfer. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/' + api: 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/v1/projects.locations.transferConfigs/create' +import_format: ['{{name}}'] +id_format: '{{name}}' +error_retry_predicates: ['transport_tpg.IamMemberMissing'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/bigquery_data_transfer.go.erb + decoder: templates/terraform/decoders/bigquery_data_transfer.go.erb + encoder: templates/terraform/encoders/bigquery_data_transfer.go.erb + custom_import: templates/terraform/custom_import/bigquery_data_transfer_self_link_as_name_set_location.go.erb + post_create: templates/terraform/post_create/set_computed_name.erb + pre_update: templates/terraform/pre_update/bigquerydatatransfer_config.erb +custom_diff: [ + 'sensitiveParamCustomizeDiff', + 'paramsCustomizeDiff', +] +examples: + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'bigquerydatatransfer_config_scheduled_query' +======= --- name: 'Config' description: | @@ -47,23 +84,53 @@ error_retry_predicates: - 'transport_tpg.IamMemberMissing' examples: - name: 'bigquerydatatransfer_config_scheduled_query' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'query_config' vars: display_name: 'my-query' dataset_id: 'my_dataset' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigquerydatatransfer_config_cmek' + skip_test: true +======= exclude_test: true - name: 'bigquerydatatransfer_config_cmek' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'query_config_cmek' vars: dataset_id: 'example_dataset' key_name: 'example-key' keyring_name: 'example-keyring' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + skip_test: true + name: 'bigquerydatatransfer_config_salesforce' +======= exclude_test: true - name: 'bigquerydatatransfer_config_salesforce' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'salesforce_config' vars: display_name: 'my-salesforce-config' dataset_id: 'my_dataset' +<<<<<<< HEAD + +parameters: + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + default_value: US + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + ignore_read: true + - !ruby/object:Api::Type::String + name: 'serviceAccountName' + url_param_only: true + default_value: '' +======= exclude_test: true parameters: - name: 'location' @@ -77,10 +144,22 @@ parameters: default_value: "US" - name: 'serviceAccountName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service account email. If this field is set, transfer config will be created with this service account credentials. It requires that requesting user calling this API has permissions to act as this service account. +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The user specified display name for the transfer config. + - !ruby/object:Api::Type::String + name: 'name' + output: true +======= url_param_only: true default_value: "" properties: @@ -91,12 +170,27 @@ properties: required: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of the transfer config. Transfer config names have the form projects/{projectId}/locations/{location}/transferConfigs/{configId} or projects/{projectId}/transferConfigs/{configId}, where configId is usually a uuid, but this is not required. The name is ignored when creating a transfer config. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'destinationDatasetId' + description: | + The BigQuery target dataset id. + - !ruby/object:Api::Type::String + name: 'dataSourceId' + immutable: true + required: true + description: | + The data source id. Cannot be changed once the transfer config is created. + - !ruby/object:Api::Type::String + name: 'schedule' +======= output: true - name: 'destinationDatasetId' type: String @@ -110,6 +204,7 @@ properties: immutable: true - name: 'schedule' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Data transfer schedule. If the data source does not support a custom schedule, this should be empty. If it is empty, the default value for @@ -120,6 +215,15 @@ properties: https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format NOTE: The minimum interval time between recurring transfers depends on the data source; refer to the documentation for your data source. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'scheduleOptions' + description: | + Options customizing the data transfer schedule. + properties: + - !ruby/object:Api::Type::Boolean + name: 'disableAutoScheduling' +======= - name: 'scheduleOptions' type: NestedObject description: | @@ -127,6 +231,7 @@ properties: properties: - name: 'disableAutoScheduling' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, automatic scheduling of data transfer runs for this configuration will be disabled. The runs can be started on ad-hoc @@ -134,11 +239,19 @@ properties: scheduling is disabled, the TransferConfig.schedule field will be ignored. at_least_one_of: +<<<<<<< HEAD + - schedule_options.0.disable_auto_scheduling + - schedule_options.0.start_time + - schedule_options.0.end_time + - !ruby/object:Api::Type::Time + name: 'startTime' +======= - 'schedule_options.0.disable_auto_scheduling' - 'schedule_options.0.start_time' - 'schedule_options.0.end_time' - name: 'startTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies time to start scheduling transfer runs. The first run will be scheduled at or after the start time according to a recurrence pattern @@ -146,26 +259,56 @@ properties: moment. The time when a data transfer can be triggered manually is not limited by this option. at_least_one_of: +<<<<<<< HEAD + - schedule_options.0.disable_auto_scheduling + - schedule_options.0.start_time + - schedule_options.0.end_time + - !ruby/object:Api::Type::Time + name: 'endTime' +======= - 'schedule_options.0.disable_auto_scheduling' - 'schedule_options.0.start_time' - 'schedule_options.0.end_time' - name: 'endTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines time to stop scheduling transfer runs. A transfer run cannot be scheduled at or after the end time. The end time can be changed at any moment. The time when a data transfer can be triggered manually is not limited by this option. at_least_one_of: +<<<<<<< HEAD + - schedule_options.0.disable_auto_scheduling + - schedule_options.0.start_time + - schedule_options.0.end_time + - !ruby/object:Api::Type::NestedObject + name: 'emailPreferences' +======= - 'schedule_options.0.disable_auto_scheduling' - 'schedule_options.0.start_time' - 'schedule_options.0.end_time' - name: 'emailPreferences' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Email notifications will be sent according to these preferences to the email address of the user who owns this transfer config. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableFailureEmail' + required: true + description: | + If true, email notifications will be sent on transfer run failures. + - !ruby/object:Api::Type::String + name: 'notificationPubsubTopic' + description: | + Pub/Sub topic where notifications will be sent after transfer runs + associated with this transfer config finish. + - !ruby/object:Api::Type::Integer + name: 'dataRefreshWindowDays' +======= - name: 'enableFailureEmail' type: Boolean description: | @@ -178,12 +321,32 @@ properties: associated with this transfer config finish. - name: 'dataRefreshWindowDays' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of days to look back to automatically refresh the data. For example, if dataRefreshWindowDays = 10, then every day BigQuery reingests data for [today-10, today-1], rather than ingesting data for just [today-1]. Only valid if the data source supports the feature. Set the value to 0 to use the default value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'encryptionConfiguration' + description: | + Represents the encryption configuration for a transfer. + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + required: true + description: | + The name of the KMS key used for encrypting BigQuery data. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + When set to true, no runs are scheduled for a given transfer. + - !ruby/object:Api::Type::KeyValuePairs + name: 'params' + required: true +======= - name: 'encryptionConfiguration' type: NestedObject description: | @@ -200,16 +363,24 @@ properties: When set to true, no runs are scheduled for a given transfer. - name: 'params' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Parameters specific to each data source. For more information see the bq tab in the 'Setting up a data transfer' section for each data source. For example the parameters for Cloud Storage transfers are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq **NOTE** : If you are attempting to update a parameter that cannot be updated (due to api limitations) [please force recreation of the resource](https://www.terraform.io/cli/state/taint#forcing-re-creation-of-resources). +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/json_to_string_map.go.erb + - !ruby/object:Api::Type::NestedObject + name: sensitiveParams + url_param_only: true +======= required: true custom_flatten: 'templates/terraform/custom_flatten/json_to_string_map.go.tmpl' - name: 'sensitiveParams' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Different parameters are configured primarily using the the `params` field on this resource. This block contains the parameters which contain secrets or passwords so that they can be marked @@ -218,6 +389,15 @@ properties: Credentials may not be specified in both locations and will cause an error. Changing from one location to a different credential configuration in the config will require an apply to update state. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: secretAccessKey + required: true + description: | + The Secret Access Key of the AWS account transferring data from. + +======= url_param_only: true properties: - name: 'secretAccessKey' @@ -226,4 +406,5 @@ properties: The Secret Access Key of the AWS account transferring data from. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 sensitive: true diff --git a/mmv1/products/bigquerydatatransfer/go_Config.yaml b/mmv1/products/bigquerydatatransfer/go_Config.yaml new file mode 100644 index 000000000000..95ff8e1bbef9 --- /dev/null +++ b/mmv1/products/bigquerydatatransfer/go_Config.yaml @@ -0,0 +1,230 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Config' +description: | + Represents a data transfer configuration. A transfer configuration + contains all metadata needed to perform a data transfer. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/' + api: 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/v1/projects.locations.transferConfigs/create' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/transferConfigs?serviceAccountName={{service_account_name}}' +self_link: '{{name}}' +update_url: '{{name}}?serviceAccountName={{service_account_name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/bigquery_data_transfer.go.tmpl' + encoder: 'templates/terraform/encoders/go/bigquery_data_transfer.go.tmpl' + decoder: 'templates/terraform/decoders/go/bigquery_data_transfer.go.tmpl' + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + pre_update: 'templates/terraform/pre_update/go/bigquerydatatransfer_config.tmpl' + custom_import: 'templates/terraform/custom_import/go/bigquery_data_transfer_self_link_as_name_set_location.go.tmpl' +custom_diff: + - 'sensitiveParamCustomizeDiff' + - 'paramsCustomizeDiff' +error_retry_predicates: + + - 'transport_tpg.IamMemberMissing' +examples: + - name: 'bigquerydatatransfer_config_scheduled_query' + primary_resource_id: 'query_config' + vars: + display_name: 'my-query' + dataset_id: 'my_dataset' + exclude_test: true + - name: 'bigquerydatatransfer_config_cmek' + primary_resource_id: 'query_config_cmek' + vars: + dataset_id: 'example_dataset' + key_name: 'example-key' + keyring_name: 'example-keyring' + exclude_test: true + - name: 'bigquerydatatransfer_config_salesforce' + primary_resource_id: 'salesforce_config' + vars: + display_name: 'my-salesforce-config' + dataset_id: 'my_dataset' + exclude_test: true +parameters: + - name: 'location' + type: String + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + url_param_only: true + immutable: true + ignore_read: true + default_value: "US" + - name: 'serviceAccountName' + type: String + description: | + Service account email. If this field is set, transfer config will + be created with this service account credentials. It requires that + requesting user calling this API has permissions to act as this service account. + url_param_only: true + default_value: "" +properties: + - name: 'displayName' + type: String + description: | + The user specified display name for the transfer config. + required: true + - name: 'name' + type: String + description: | + The resource name of the transfer config. Transfer config names have the + form projects/{projectId}/locations/{location}/transferConfigs/{configId} + or projects/{projectId}/transferConfigs/{configId}, + where configId is usually a uuid, but this is not required. + The name is ignored when creating a transfer config. + output: true + - name: 'destinationDatasetId' + type: String + description: | + The BigQuery target dataset id. + - name: 'dataSourceId' + type: String + description: | + The data source id. Cannot be changed once the transfer config is created. + required: true + immutable: true + - name: 'schedule' + type: String + description: | + Data transfer schedule. If the data source does not support a custom + schedule, this should be empty. If it is empty, the default value for + the data source will be used. The specified times are in UTC. Examples + of valid format: 1st,3rd monday of month 15:30, every wed,fri of jan, + jun 13:15, and first sunday of quarter 00:00. See more explanation + about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + NOTE: The minimum interval time between recurring transfers depends + on the data source; refer to the documentation for your data source. + - name: 'scheduleOptions' + type: NestedObject + description: | + Options customizing the data transfer schedule. + properties: + - name: 'disableAutoScheduling' + type: Boolean + description: | + If true, automatic scheduling of data transfer runs for this + configuration will be disabled. The runs can be started on ad-hoc + basis using transferConfigs.startManualRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + at_least_one_of: + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'startTime' + type: Time + description: | + Specifies time to start scheduling transfer runs. The first run will be + scheduled at or after the start time according to a recurrence pattern + defined in the schedule string. The start time can be changed at any + moment. The time when a data transfer can be triggered manually is not + limited by this option. + at_least_one_of: + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'endTime' + type: Time + description: | + Defines time to stop scheduling transfer runs. A transfer run cannot be + scheduled at or after the end time. The end time can be changed at any + moment. The time when a data transfer can be triggered manually is not + limited by this option. + at_least_one_of: + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'emailPreferences' + type: NestedObject + description: | + Email notifications will be sent according to these preferences to the + email address of the user who owns this transfer config. + properties: + - name: 'enableFailureEmail' + type: Boolean + description: | + If true, email notifications will be sent on transfer run failures. + required: true + - name: 'notificationPubsubTopic' + type: String + description: | + Pub/Sub topic where notifications will be sent after transfer runs + associated with this transfer config finish. + - name: 'dataRefreshWindowDays' + type: Integer + description: | + The number of days to look back to automatically refresh the data. + For example, if dataRefreshWindowDays = 10, then every day BigQuery + reingests data for [today-10, today-1], rather than ingesting data for + just [today-1]. Only valid if the data source supports the feature. + Set the value to 0 to use the default value. + - name: 'encryptionConfiguration' + type: NestedObject + description: | + Represents the encryption configuration for a transfer. + properties: + - name: 'kmsKeyName' + type: String + description: | + The name of the KMS key used for encrypting BigQuery data. + required: true + - name: 'disabled' + type: Boolean + description: | + When set to true, no runs are scheduled for a given transfer. + - name: 'params' + type: KeyValuePairs + description: | + Parameters specific to each data source. For more information see the bq tab in the 'Setting up a data transfer' + section for each data source. For example the parameters for Cloud Storage transfers are listed here: + https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq + + **NOTE** : If you are attempting to update a parameter that cannot be updated (due to api limitations) [please force recreation of the resource](https://www.terraform.io/cli/state/taint#forcing-re-creation-of-resources). + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/json_to_string_map.go.tmpl' + - name: 'sensitiveParams' + type: NestedObject + description: | + Different parameters are configured primarily using the the `params` field on this + resource. This block contains the parameters which contain secrets or passwords so that they can be marked + sensitive and hidden from plan output. The name of the field, eg: secret_access_key, will be the key + in the `params` map in the api request. + + Credentials may not be specified in both locations and will cause an error. Changing from one location + to a different credential configuration in the config will require an apply to update state. + url_param_only: true + properties: + - name: 'secretAccessKey' + type: String + description: | + The Secret Access Key of the AWS account transferring data from. + + required: true + sensitive: true diff --git a/mmv1/products/bigquerydatatransfer/go_product.yaml b/mmv1/products/bigquerydatatransfer/go_product.yaml new file mode 100644 index 000000000000..da6899681aa6 --- /dev/null +++ b/mmv1/products/bigquerydatatransfer/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BigqueryDataTransfer' +display_name: 'BigQuery Data Transfer' +versions: + - name: 'ga' + base_url: 'https://bigquerydatatransfer.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquerydatatransfer/product.yaml b/mmv1/products/bigquerydatatransfer/product.yaml index b1acc0683c06..26289b794a7e 100644 --- a/mmv1/products/bigquerydatatransfer/product.yaml +++ b/mmv1/products/bigquerydatatransfer/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BigqueryDataTransfer +display_name: BigQuery Data Transfer +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigquerydatatransfer.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/bigquery +======= --- name: 'BigqueryDataTransfer' display_name: 'BigQuery Data Transfer' @@ -19,3 +34,4 @@ versions: base_url: 'https://bigquerydatatransfer.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/bigquery' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigqueryreservation/BiReservation.yaml b/mmv1/products/bigqueryreservation/BiReservation.yaml index fbc551c53549..fbad8643e54f 100644 --- a/mmv1/products/bigqueryreservation/BiReservation.yaml +++ b/mmv1/products/bigqueryreservation/BiReservation.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,58 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BiReservation' +base_url: 'projects/{{project}}/locations/{{location}}/biReservation' +self_link: 'projects/{{project}}/locations/{{location}}/biReservation' +create_verb: :PATCH +update_verb: :PATCH +update_mask: true +description: | + Represents a BI Reservation. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/BiReservation' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/biReservation', + ] +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/update_mask.erb + custom_delete: templates/terraform/custom_delete/clear_bigquery_bi_reservation.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/bigquery_bi_reservation.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_bi_reservation_basic' + external_providers: ["random", "time"] + primary_resource_id: 'reservation' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_bi_reservation_full' + external_providers: ["random", "time"] + skip_docs: true + primary_resource_id: 'reservation' + test_env_vars: + project: :PROJECT_NAME +parameters: + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + url_param_only: true + description: | + LOCATION_DESCRIPTION +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The resource name of the singleton BI reservation. Reservation names have the form `projects/{projectId}/locations/{locationId}/biReservation`. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true +======= --- name: 'BiReservation' description: | @@ -61,10 +117,33 @@ properties: output: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The last update timestamp of a reservation. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'size' + description: | + Size of a reservation, in bytes. + - !ruby/object:Api::Type::Array + name: 'preferredTables' + description: | + Preferred tables to use BI capacity for. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + The assigned project ID of the project. + - !ruby/object:Api::Type::String + name: 'datasetId' + description: | + The ID of the dataset in the above project. + - !ruby/object:Api::Type::String + name: 'tableId' +======= output: true - name: 'size' type: Integer @@ -87,5 +166,6 @@ properties: The ID of the dataset in the above project. - name: 'tableId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the table in the above dataset. diff --git a/mmv1/products/bigqueryreservation/CapacityCommitment.yaml b/mmv1/products/bigqueryreservation/CapacityCommitment.yaml index 805bb9cb87e7..732a045b22cb 100644 --- a/mmv1/products/bigqueryreservation/CapacityCommitment.yaml +++ b/mmv1/products/bigqueryreservation/CapacityCommitment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,55 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'CapacityCommitment' +base_url: projects/{{project}}/locations/{{location}}/capacityCommitments +create_url: projects/{{project}}/locations/{{location}}/capacityCommitments?capacityCommitmentId={{capacity_commitment_id}} +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +======= --- name: 'CapacityCommitment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Capacity commitment is a way to purchase compute capacity for BigQuery jobs (in the form of slots) with some committed period of usage. Annual commitments renew by default. Commitments can be removed after their commitment end time passes. In order to remove annual commitment, its plan needs to be changed to monthly or flex first. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.capacityCommitments' +id_format: '{{name}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/capacityCommitments/{{capacity_commitment_id}}', + ] +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/bigquery_reservation_capacity_commitment.go.erb + custom_import: templates/terraform/custom_import/bigquery_reservation_capacity_commitment_set_id.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_capacity_commitment_basic' + external_providers: ["random", "time"] + skip_docs: true + primary_resource_id: 'commitment' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_capacity_commitment_no_id' + external_providers: ["random", "time"] + skip_docs: true + primary_resource_id: 'commitment' + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_capacity_commitment_docs' + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: 'capacityCommitmentId' + url_param_only: true + immutable: true +======= references: guides: 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' @@ -51,11 +98,70 @@ examples: parameters: - name: 'capacityCommitmentId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The optional capacity commitment ID. Capacity commitment name will be generated automatically if this field is empty. This field must only contain lower case alphanumeric characters or dashes. The first and last character cannot be a dash. Max length is 64 characters. NOTE: this ID won't be kept if the capacity commitment is split or merged. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + default_value: US + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + - !ruby/object:Api::Type::String + name: 'enforceSingleAdminProjectPerOrg' + url_param_only: true + immutable: true + description: | + If true, fail the request if another project in the organization has a capacity commitment. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The resource name of the capacity commitment, e.g., projects/myproject/locations/US/capacityCommitments/123 + - !ruby/object:Api::Type::Integer + name: 'slotCount' + required: true + immutable: true + description: | + Number of slots in this commitment. + - !ruby/object:Api::Type::String + name: 'plan' + required: true + description: | + Capacity commitment plan. Valid values are at https://cloud.google.com/bigquery/docs/reference/reservations/rpc/google.cloud.bigquery.reservation.v1#commitmentplan + diff_suppress_func: bigqueryReservationCapacityCommitmentPlanDiffSuppressFunc + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + State of the commitment + - !ruby/object:Api::Type::Time + name: 'commitmentStartTime' + output: true + description: | + The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. + - !ruby/object:Api::Type::Time + name: 'commitmentEndTime' + output: true + description: | + The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. + - !ruby/object:Api::Type::String + name: 'renewalPlan' + description: | + The plan this capacity commitment is converted to after commitmentEndTime passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for some commitment plans. + - !ruby/object:Api::Type::String + name: 'edition' + immutable: true + description: | + The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS +======= url_param_only: true immutable: true - name: 'location' @@ -114,3 +220,4 @@ properties: description: | The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigqueryreservation/Reservation.yaml b/mmv1/products/bigqueryreservation/Reservation.yaml index 6c9cadacc2c0..4bb12f6f9b9e 100644 --- a/mmv1/products/bigqueryreservation/Reservation.yaml +++ b/mmv1/products/bigqueryreservation/Reservation.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,24 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Reservation' +base_url: projects/{{project}}/locations/{{location}}/reservations +create_url: projects/{{project}}/locations/{{location}}/reservations?reservationId={{name}} +update_verb: :PATCH +update_mask: true +description: | + A reservation is a mechanism used to guarantee BigQuery slots to users. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations/create' +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_basic' +======= --- name: 'Reservation' description: | @@ -32,10 +54,38 @@ custom_code: exclude_sweeper: true examples: - name: 'bigquery_reservation_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'reservation' vars: name: 'my-reservation' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + default_value: US + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + - !ruby/object:Api::Type::String + name: 'name' + url_param_only: true + immutable: true + required: true + description: | + The name of the reservation. This field must only contain alphanumeric characters or dash. +properties: + - !ruby/object:Api::Type::Integer + name: 'slotCapacity' + required: true + description: | + Minimum slots available to this reservation. A slot is a unit of computational power in BigQuery, and serves as the + unit of parallelism. Queries using this reservation might use more slots during runtime if ignoreIdleSlots is set to false. + - !ruby/object:Api::Type::Boolean + name: 'ignoreIdleSlots' + default_value: false +======= - name: 'location' type: String description: | @@ -60,10 +110,36 @@ properties: required: true - name: 'ignoreIdleSlots' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, any query using this reservation will use idle slots from other reservations within the same admin project. If true, a query using this reservation will execute with the slot capacity specified above at most. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'concurrency' + default_value: 0 + description: | + Maximum number of queries that are allowed to run concurrently in this reservation. This is a soft limit due to asynchronous nature of the system and various optimizations for small queries. Default value is 0 which means that concurrency will be automatically set based on the reservation size. + - !ruby/object:Api::Type::String + name: 'edition' + immutable: true + default_from_api: true + description: | + The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS + - !ruby/object:Api::Type::NestedObject + name: 'autoscale' + description: | + The configuration parameters for the auto scaling feature. + properties: + - !ruby/object:Api::Type::Integer + name: currentSlots + output: true + description: | + The slot capacity added to this reservation when autoscale happens. Will be between [0, max_slots]. + - !ruby/object:Api::Type::Integer + name: maxSlots +======= default_value: false - name: 'concurrency' type: Integer @@ -88,5 +164,6 @@ properties: output: true - name: 'maxSlots' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of slots to be scaled when needed. diff --git a/mmv1/products/bigqueryreservation/ReservationAssignment.yaml b/mmv1/products/bigqueryreservation/ReservationAssignment.yaml index 3675940666f3..12e03f6d37cd 100644 --- a/mmv1/products/bigqueryreservation/ReservationAssignment.yaml +++ b/mmv1/products/bigqueryreservation/ReservationAssignment.yaml @@ -1,5 +1,9 @@ # Copyright 2024 Google Inc. +<<<<<<< HEAD +# Licensed under the Apache License, Version 2.0 (the License); +======= # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: ReservationAssignment +base_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +create_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +self_link: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +delete_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +id_format: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}', + ] +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - assignments +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Work with reservation assignments': 'https://cloud.google.com/bigquery/docs/reservations-assignments' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations.assignments' +legacy_long_form_project: true +description: | + The BigqueryReservation Assignment resource. +immutable: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/bigquery_reservation_assignment.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_assignment_basic' + primary_resource_id: 'assignment' + vars: + reservation_name: "example-reservation" + test_env_vars: + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'bigquery_reservation_assignment_full' + primary_resource_id: 'assignment' + skip_docs: true + vars: + reservation_name: "example-reservation" + test_env_vars: + project: :PROJECT_NAME +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'ReservationAssignment' description: | @@ -57,16 +106,44 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The location for the resource url_param_only: true immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: reservation + resource: reservation + imports: name +======= - name: 'reservation' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The reservation for the resource url_param_only: true required: true immutable: true +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name + description: Output only. The resource name of the assignment. + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: assignee + description: The resource which will use the reservation. E.g. projects/myproject, folders/123, organizations/456. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: jobType + description: | + Types of job, which could be specified when using the reservation. Possible values: JOB_TYPE_UNSPECIFIED, PIPELINE, QUERY + required: true + - !ruby/object:Api::Type::String + name: state +======= resource: 'reservation' imports: 'name' properties: @@ -87,6 +164,7 @@ properties: required: true - name: 'state' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Assignment will remain in PENDING state if no active capacity commitment is present. It will become ACTIVE when some capacity commitment becomes active. Possible values: STATE_UNSPECIFIED, PENDING, ACTIVE diff --git a/mmv1/products/bigqueryreservation/go_BiReservation.yaml b/mmv1/products/bigqueryreservation/go_BiReservation.yaml new file mode 100644 index 000000000000..be794901a8d8 --- /dev/null +++ b/mmv1/products/bigqueryreservation/go_BiReservation.yaml @@ -0,0 +1,92 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BiReservation' +description: | + Represents a BI Reservation. +references: + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/BiReservation' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/biReservation' +self_link: 'projects/{{project}}/locations/{{location}}/biReservation' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/biReservation' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_bigquery_bi_reservation.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/bigquery_bi_reservation.go.tmpl' +examples: + - name: 'bigquery_reservation_bi_reservation_basic' + primary_resource_id: 'reservation' + external_providers: ["random", "time"] + - name: 'bigquery_reservation_bi_reservation_full' + primary_resource_id: 'reservation' + test_env_vars: + project: 'PROJECT_NAME' + external_providers: ["random", "time"] + exclude_docs: true +parameters: + - name: 'location' + type: String + description: | + LOCATION_DESCRIPTION + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the singleton BI reservation. Reservation names have the form `projects/{projectId}/locations/{locationId}/biReservation`. + output: true + - name: 'updateTime' + type: Time + description: | + The last update timestamp of a reservation. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'size' + type: Integer + description: | + Size of a reservation, in bytes. + - name: 'preferredTables' + type: Array + description: | + Preferred tables to use BI capacity for. + item_type: + type: NestedObject + properties: + - name: 'projectId' + type: String + description: | + The assigned project ID of the project. + - name: 'datasetId' + type: String + description: | + The ID of the dataset in the above project. + - name: 'tableId' + type: String + description: | + The ID of the table in the above dataset. diff --git a/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml b/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml new file mode 100644 index 000000000000..d07e5e926c9d --- /dev/null +++ b/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml @@ -0,0 +1,117 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CapacityCommitment' +description: | + Capacity commitment is a way to purchase compute capacity for BigQuery jobs (in the form of slots) with some committed period of usage. Annual commitments renew by default. Commitments can be removed after their commitment end time passes. + + In order to remove annual commitment, its plan needs to be changed to monthly or flex first. +references: + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.capacityCommitments' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments?capacityCommitmentId={{capacity_commitment_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/capacityCommitments/{{capacity_commitment_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/bigquery_reservation_capacity_commitment.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/bigquery_reservation_capacity_commitment_set_id.go.tmpl' +examples: + - name: 'bigquery_reservation_capacity_commitment_basic' + primary_resource_id: 'commitment' + external_providers: ["random", "time"] + exclude_docs: true + - name: 'bigquery_reservation_capacity_commitment_no_id' + primary_resource_id: 'commitment' + external_providers: ["random", "time"] + exclude_docs: true + - name: 'bigquery_reservation_capacity_commitment_docs' + exclude_test: true +parameters: + - name: 'capacityCommitmentId' + type: String + description: | + The optional capacity commitment ID. Capacity commitment name will be generated automatically if this field is + empty. This field must only contain lower case alphanumeric characters or dashes. The first and last character + cannot be a dash. Max length is 64 characters. NOTE: this ID won't be kept if the capacity commitment is split + or merged. + url_param_only: true + immutable: true + - name: 'location' + type: String + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + url_param_only: true + immutable: true + default_value: "US" + - name: 'enforceSingleAdminProjectPerOrg' + type: String + description: | + If true, fail the request if another project in the organization has a capacity commitment. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the capacity commitment, e.g., projects/myproject/locations/US/capacityCommitments/123 + output: true + - name: 'slotCount' + type: Integer + description: | + Number of slots in this commitment. + required: true + immutable: true + - name: 'plan' + type: String + description: | + Capacity commitment plan. Valid values are at https://cloud.google.com/bigquery/docs/reference/reservations/rpc/google.cloud.bigquery.reservation.v1#commitmentplan + required: true + diff_suppress_func: 'bigqueryReservationCapacityCommitmentPlanDiffSuppressFunc' + - name: 'state' + type: String + description: | + State of the commitment + output: true + - name: 'commitmentStartTime' + type: Time + description: | + The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. + output: true + - name: 'commitmentEndTime' + type: Time + description: | + The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. + output: true + - name: 'renewalPlan' + type: String + description: | + The plan this capacity commitment is converted to after commitmentEndTime passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for some commitment plans. + - name: 'edition' + type: String + description: | + The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS + immutable: true diff --git a/mmv1/products/bigqueryreservation/go_Reservation.yaml b/mmv1/products/bigqueryreservation/go_Reservation.yaml new file mode 100644 index 000000000000..152d81c3200f --- /dev/null +++ b/mmv1/products/bigqueryreservation/go_Reservation.yaml @@ -0,0 +1,93 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Reservation' +description: | + A reservation is a mechanism used to guarantee BigQuery slots to users. +references: + guides: + 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations/create' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/reservations' +create_url: 'projects/{{project}}/locations/{{location}}/reservations?reservationId={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +exclude_sweeper: true +examples: + - name: 'bigquery_reservation_basic' + primary_resource_id: 'reservation' + vars: + name: 'my-reservation' +parameters: + - name: 'location' + type: String + description: | + The geographic location where the transfer config should reside. + Examples: US, EU, asia-northeast1. The default value is US. + url_param_only: true + immutable: true + default_value: "US" + - name: 'name' + type: String + description: | + The name of the reservation. This field must only contain alphanumeric characters or dash. + url_param_only: true + required: true + immutable: true +properties: + - name: 'slotCapacity' + type: Integer + description: | + Minimum slots available to this reservation. A slot is a unit of computational power in BigQuery, and serves as the + unit of parallelism. Queries using this reservation might use more slots during runtime if ignoreIdleSlots is set to false. + required: true + - name: 'ignoreIdleSlots' + type: Boolean + description: | + If false, any query using this reservation will use idle slots from other reservations within + the same admin project. If true, a query using this reservation will execute with the slot + capacity specified above at most. + default_value: false + - name: 'concurrency' + type: Integer + description: | + Maximum number of queries that are allowed to run concurrently in this reservation. This is a soft limit due to asynchronous nature of the system and various optimizations for small queries. Default value is 0 which means that concurrency will be automatically set based on the reservation size. + default_value: 0 + - name: 'edition' + type: String + description: | + The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS + immutable: true + default_from_api: true + - name: 'autoscale' + type: NestedObject + description: | + The configuration parameters for the auto scaling feature. + properties: + - name: 'currentSlots' + type: Integer + description: | + The slot capacity added to this reservation when autoscale happens. Will be between [0, max_slots]. + output: true + - name: 'maxSlots' + type: Integer + description: | + Number of slots to be scaled when needed. diff --git a/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml b/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml new file mode 100644 index 000000000000..075348b6d819 --- /dev/null +++ b/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml @@ -0,0 +1,94 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ReservationAssignment' +description: | + The BigqueryReservation Assignment resource. +references: + guides: + 'Work with reservation assignments': 'https://cloud.google.com/bigquery/docs/reservations-assignments' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations.assignments' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +self_link: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +create_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +delete_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +nested_query: + keys: + - assignments + is_list_of_ids: false + modify_by_patch: false +custom_code: + pre_create: 'templates/terraform/pre_create/go/bigquery_reservation_assignment.go.tmpl' +legacy_long_form_project: true +examples: + - name: 'bigquery_reservation_assignment_basic' + primary_resource_id: 'assignment' + vars: + reservation_name: 'example-reservation' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'bigquery_reservation_assignment_full' + primary_resource_id: 'assignment' + vars: + reservation_name: 'example-reservation' + test_env_vars: + project: 'PROJECT_NAME' + exclude_docs: true +parameters: + - name: 'location' + type: String + description: The location for the resource + url_param_only: true + immutable: true + default_from_api: true + - name: 'reservation' + type: ResourceRef + description: The reservation for the resource + url_param_only: true + required: true + immutable: true + resource: 'reservation' + imports: 'name' +properties: + - name: 'name' + type: String + description: Output only. The resource name of the assignment. + output: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'assignee' + type: String + description: The resource which will use the reservation. E.g. projects/myproject, folders/123, organizations/456. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'jobType' + type: String + description: | + Types of job, which could be specified when using the reservation. Possible values: JOB_TYPE_UNSPECIFIED, PIPELINE, QUERY + required: true + - name: 'state' + type: String + description: | + Assignment will remain in PENDING state if no active capacity commitment is present. It will become ACTIVE when some capacity commitment becomes active. + Possible values: STATE_UNSPECIFIED, PENDING, ACTIVE + output: true diff --git a/mmv1/products/bigqueryreservation/go_product.yaml b/mmv1/products/bigqueryreservation/go_product.yaml new file mode 100644 index 000000000000..ca19493e7edc --- /dev/null +++ b/mmv1/products/bigqueryreservation/go_product.yaml @@ -0,0 +1,47 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/bigqueryreservation/go_product.yaml +name: 'BigqueryReservation' +legacy_name: 'bigquery' +display_name: 'BigQuery Reservation' +versions: + - name: 'beta' + base_url: 'https://bigqueryreservation.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://bigqueryreservation.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/bigquery' +======== +name: 'TPU' +display_name: 'Cloud TPU' +versions: + - name: 'ga' + base_url: 'https://tpu.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/tpu/product.yaml diff --git a/mmv1/products/bigqueryreservation/product.yaml b/mmv1/products/bigqueryreservation/product.yaml index a9553d41fd18..0cb5a25d2889 100644 --- a/mmv1/products/bigqueryreservation/product.yaml +++ b/mmv1/products/bigqueryreservation/product.yaml @@ -1,3 +1,17 @@ +<<<<<<< HEAD +<<<<<<<< HEAD:mmv1/products/bigqueryreservation/product.yaml +# Copyright 2020 Google Inc. +======== +# Copyright 2022 Google LLC. All Rights Reserved. +# +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:tpgtools/api/clouddeploy/samples/canary_service_networking_delivery_pipeline.yaml +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -5,11 +19,46 @@ # # http://www.apache.org/licenses/LICENSE-2.0 # +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +name: canary_service_networking_delivery_pipeline +description: Creates a basic Cloud Deploy delivery pipeline +type: delivery_pipeline +versions: +- beta +resource: samples/basic.delivery_pipeline.json +updates: +- resource: samples/updatecanaryservicenetworking.delivery_pipeline.json +variables: +- name: project + type: project +- name: region + type: region +- name: pipeline + type: resource_name + +<<<<<<<< HEAD:mmv1/products/bigqueryreservation/product.yaml +--- !ruby/object:Api::Product +name: BigqueryReservation +display_name: BigQuery Reservation +legacy_name: bigquery +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://bigqueryreservation.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigqueryreservation.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/bigquery +======== +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:tpgtools/api/clouddeploy/samples/canary_service_networking_delivery_pipeline.yaml +======= --- name: 'BigqueryReservation' @@ -22,3 +71,4 @@ versions: base_url: 'https://bigqueryreservation.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/bigquery' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigtable/AppProfile.yaml b/mmv1/products/bigtable/AppProfile.yaml index 61a71571806c..49c4511cde1b 100644 --- a/mmv1/products/bigtable/AppProfile.yaml +++ b/mmv1/products/bigtable/AppProfile.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AppProfile' +kind: 'bigtable#appProfile' +base_url: projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}} +create_url: projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}&ignoreWarnings={{ignore_warnings}} +delete_url: projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}} +update_url: projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}} +update_verb: :PATCH +update_mask: true +self_link: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +description: | + App profile is a configuration object describing how Cloud Bigtable should treat traffic from a particular end user application. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances.appProfiles' +id_format: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +import_format: + ['projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'bigtable_app_profile_anycluster' +======= --- name: 'AppProfile' kind: 'bigtable#appProfile' @@ -41,61 +68,132 @@ custom_code: exclude_sweeper: true examples: - name: 'bigtable_app_profile_anycluster' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigtable_app_profile_singlecluster' +======= - name: 'bigtable_app_profile_singlecluster' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigtable_app_profile_multicluster' +======= - name: 'bigtable_app_profile_multicluster' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'bigtable_app_profile_priority' +======= - name: 'bigtable_app_profile_priority' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/bigtable_app_profile.go.erb + extra_schema_entry: templates/terraform/extra_schema_entry/bigtable_app_profile.go.erb + pre_update: templates/terraform/pre_update/bigtable_app_profile.go.erb + +parameters: + - !ruby/object:Api::Type::String + name: 'appProfileId' + description: + 'The unique name of the app profile in the form + `[_a-zA-Z0-9][-_.a-zA-Z0-9]*`.' + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'instance' + description: 'The name of the instance to create the app profile within.' + immutable: true + url_param_only: true + diff_suppress_func: tpgresource.CompareResourceNames + - !ruby/object:Api::Type::Boolean + name: 'ignoreWarnings' + description: + 'If true, ignore safety checks when deleting/updating the app profile.' + default_value: false + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: - name: 'appProfileId' type: String @@ -120,20 +218,74 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The unique name of the requested app profile. Values are of the form `projects//instances//appProfiles/`.' output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + Long form description of the use case for this app profile. + - !ruby/object:Api::Type::Boolean + name: 'multiClusterRoutingUseAny' + exactly_one_of: + - single_cluster_routing + - multi_cluster_routing_use_any +======= - name: 'description' type: String description: | Long form description of the use case for this app profile. - name: 'multiClusterRoutingUseAny' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes consistency to improve availability. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/bigtable_app_profile_routing.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigtable_app_profile_routing.erb' + - !ruby/object:Api::Type::NestedObject + name: 'singleClusterRouting' + exactly_one_of: + - single_cluster_routing + - multi_cluster_routing_use_any + description: | + Use a single-cluster routing policy. + properties: + - !ruby/object:Api::Type::String + name: 'clusterId' + required: true + description: | + The cluster to which read/write requests should be routed. + - !ruby/object:Api::Type::Boolean + name: 'allowTransactionalWrites' + description: | + If true, CheckAndMutateRow and ReadModifyWriteRow requests are allowed by this app profile. + It is unsafe to send these requests to the same table/row/column in multiple clusters. + - !ruby/object:Api::Type::NestedObject + name: 'standardIsolation' + default_from_api: true + description: | + The standard options used for isolating this app profile's traffic from other use cases. + conflicts: + - data_boost_isolation_read_only + properties: + - !ruby/object:Api::Type::Enum + name: 'priority' + required: true + description: | + The priority of requests sent using this app profile. + values: + - :PRIORITY_LOW + - :PRIORITY_MEDIUM + - :PRIORITY_HIGH + - !ruby/object:Api::Type::NestedObject + name: 'dataBoostIsolationReadOnly' +======= exactly_one_of: - 'single_cluster_routing' - 'multi_cluster_routing_use_any' @@ -176,11 +328,21 @@ properties: - 'PRIORITY_HIGH' - name: 'dataBoostIsolationReadOnly' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies that this app profile is intended for read-only usage via the Data Boost feature. conflicts: - standard_isolation properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'computeBillingOwner' + required: true + description: | + The Compute Billing Owner for this Data Boost App Profile. + values: + - :HOST_PAYS +======= - name: 'computeBillingOwner' type: Enum description: | @@ -188,3 +350,4 @@ properties: required: true enum_values: - 'HOST_PAYS' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/bigtable/go_AppProfile.yaml b/mmv1/products/bigtable/go_AppProfile.yaml new file mode 100644 index 000000000000..9b1eb6507a6f --- /dev/null +++ b/mmv1/products/bigtable/go_AppProfile.yaml @@ -0,0 +1,191 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AppProfile' +kind: 'bigtable#appProfile' +description: | + App profile is a configuration object describing how Cloud Bigtable should treat traffic from a particular end user application. +references: + guides: + api: 'https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances.appProfiles' +docs: +id_format: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +base_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}' +self_link: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +create_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}&ignoreWarnings={{ignore_warnings}}' +update_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' +import_format: + - 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/bigtable_app_profile.go.tmpl' + encoder: 'templates/terraform/encoders/go/bigtable_app_profile.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/bigtable_app_profile.go.tmpl' +exclude_sweeper: true +examples: + - name: 'bigtable_app_profile_anycluster' + primary_resource_id: 'ap' + vars: + instance_name: 'bt-instance' + app_profile_name: 'bt-profile' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'ignore_warnings' + # bigtable instance does not use the shared HTTP client, this test creates an instance + skip_vcr: true + - name: 'bigtable_app_profile_singlecluster' + primary_resource_id: 'ap' + vars: + instance_name: 'bt-instance' + app_profile_name: 'bt-profile' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'ignore_warnings' + # bigtable instance does not use the shared HTTP client, this test creates an instance + skip_vcr: true + - name: 'bigtable_app_profile_multicluster' + primary_resource_id: 'ap' + vars: + instance_name: 'bt-instance' + app_profile_name: 'bt-profile' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'ignore_warnings' + # bigtable instance does not use the shared HTTP client, this test creates an instance + skip_vcr: true + - name: 'bigtable_app_profile_priority' + primary_resource_id: 'ap' + vars: + instance_name: 'bt-instance' + app_profile_name: 'bt-profile' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'ignore_warnings' + # bigtable instance does not use the shared HTTP client, this test creates an instance + skip_vcr: true +parameters: + - name: 'appProfileId' + type: String + description: + 'The unique name of the app profile in the form + `[_a-zA-Z0-9][-_.a-zA-Z0-9]*`.' + url_param_only: true + required: true + immutable: true + - name: 'instance' + type: String + description: 'The name of the instance to create the app profile within.' + url_param_only: true + immutable: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + - name: 'ignoreWarnings' + type: Boolean + description: + 'If true, ignore safety checks when deleting/updating the app profile.' + url_param_only: true + default_value: false +properties: + - name: 'name' + type: String + description: + 'The unique name of the requested app profile. Values are of the form + `projects//instances//appProfiles/`.' + output: true + - name: 'description' + type: String + description: | + Long form description of the use case for this app profile. + - name: 'multiClusterRoutingUseAny' + type: Boolean + description: | + If true, read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available + in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes + consistency to improve availability. + exactly_one_of: + - 'single_cluster_routing' + - 'multi_cluster_routing_use_any' + custom_flatten: 'templates/terraform/custom_flatten/go/bigtable_app_profile_routing.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bigtable_app_profile_routing.tmpl' + - name: 'singleClusterRouting' + type: NestedObject + description: | + Use a single-cluster routing policy. + exactly_one_of: + - 'single_cluster_routing' + - 'multi_cluster_routing_use_any' + properties: + - name: 'clusterId' + type: String + description: | + The cluster to which read/write requests should be routed. + required: true + - name: 'allowTransactionalWrites' + type: Boolean + description: | + If true, CheckAndMutateRow and ReadModifyWriteRow requests are allowed by this app profile. + It is unsafe to send these requests to the same table/row/column in multiple clusters. + - name: 'standardIsolation' + type: NestedObject + description: | + The standard options used for isolating this app profile's traffic from other use cases. + default_from_api: true + conflicts: + - data_boost_isolation_read_only + properties: + - name: 'priority' + type: Enum + description: | + The priority of requests sent using this app profile. + required: true + enum_values: + - 'PRIORITY_LOW' + - 'PRIORITY_MEDIUM' + - 'PRIORITY_HIGH' + - name: 'dataBoostIsolationReadOnly' + type: NestedObject + description: | + Specifies that this app profile is intended for read-only usage via the Data Boost feature. + conflicts: + - standard_isolation + properties: + - name: 'computeBillingOwner' + type: Enum + description: | + The Compute Billing Owner for this Data Boost App Profile. + required: true + enum_values: + - 'HOST_PAYS' diff --git a/mmv1/products/bigtable/go_product.yaml b/mmv1/products/bigtable/go_product.yaml new file mode 100644 index 000000000000..60e5015db2c0 --- /dev/null +++ b/mmv1/products/bigtable/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Bigtable' +display_name: 'Cloud Bigtable' +versions: + - name: 'ga' + base_url: 'https://bigtableadmin.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/bigtable' diff --git a/mmv1/products/bigtable/product.yaml b/mmv1/products/bigtable/product.yaml index fad51306e1b8..76d6fede5d4f 100644 --- a/mmv1/products/bigtable/product.yaml +++ b/mmv1/products/bigtable/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2017 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Bigtable +display_name: Cloud Bigtable +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://bigtableadmin.googleapis.com/v2/ +scopes: + - https://www.googleapis.com/auth/bigtable +======= --- name: 'Bigtable' display_name: 'Cloud Bigtable' @@ -19,3 +34,4 @@ versions: base_url: 'https://bigtableadmin.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/bigtable' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/billing/ProjectInfo.yaml b/mmv1/products/billing/ProjectInfo.yaml index b33a18ec292a..2a28f6fd2ee1 100644 --- a/mmv1/products/billing/ProjectInfo.yaml +++ b/mmv1/products/billing/ProjectInfo.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: ProjectInfo +base_url: 'projects/{{project}}/billingInfo' +create_verb: :PUT +delete_verb: :PUT +description: | + Billing information for a project. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Enable, disable, or change billing for a project': 'https://cloud.google.com/billing/docs/how-to/modify-project' + api: 'https://cloud.google.com/billing/docs/reference/rest/v1/projects' +id_format: 'projects/{{project}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + decoder: templates/terraform/decoders/billing_project_info.go.erb + encoder: templates/terraform/encoders/billing_project_info.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/billing_project_info.go.erb +import_format: + ['projects/{{%project}}', '{{%project}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'billing_project_info_basic' + primary_resource_id: 'default' + skip_import_test: true + test_env_vars: + billing_account: :BILLING_ACCT + org_id: :ORG_ID +properties: + - !ruby/object:Api::Type::String + name: billing_account +======= --- name: 'ProjectInfo' description: | @@ -46,6 +81,7 @@ parameters: properties: - name: 'billing_account' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the billing account associated with the project, if any. Set to empty string to disable billing for the project. diff --git a/mmv1/products/billing/go_ProjectInfo.yaml b/mmv1/products/billing/go_ProjectInfo.yaml new file mode 100644 index 000000000000..744577ddd753 --- /dev/null +++ b/mmv1/products/billing/go_ProjectInfo.yaml @@ -0,0 +1,54 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ProjectInfo' +description: | + Billing information for a project. +references: + guides: + 'Enable, disable, or change billing for a project': 'https://cloud.google.com/billing/docs/how-to/modify-project' + api: 'https://cloud.google.com/billing/docs/reference/rest/v1/projects' +docs: +id_format: 'projects/{{project}}' +base_url: 'projects/{{project}}/billingInfo' +create_verb: 'PUT' +delete_verb: 'PUT' +import_format: + - 'projects/{{%project}}' + - '{{%project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + encoder: 'templates/terraform/encoders/go/billing_project_info.go.tmpl' + decoder: 'templates/terraform/decoders/go/billing_project_info.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/billing_project_info.go.tmpl' +examples: + - name: 'billing_project_info_basic' + primary_resource_id: 'default' + test_env_vars: + billing_account: 'BILLING_ACCT' + org_id: 'ORG_ID' + exclude_import_test: true +parameters: +properties: + - name: 'billing_account' + type: String + description: | + The ID of the billing account associated with the project, if + any. Set to empty string to disable billing for the project. + For example, `"012345-567890-ABCDEF"` or `""`. + required: true diff --git a/mmv1/products/billing/go_product.yaml b/mmv1/products/billing/go_product.yaml new file mode 100644 index 000000000000..73fc53ab3204 --- /dev/null +++ b/mmv1/products/billing/go_product.yaml @@ -0,0 +1,23 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CoreBilling' +legacy_name: 'billing' +display_name: 'Cloud Billing' +versions: + - name: 'ga' + base_url: 'https://cloudbilling.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/billing/product.yaml b/mmv1/products/billing/product.yaml index 3691bfe22f5a..85ded6d3c875 100644 --- a/mmv1/products/billing/product.yaml +++ b/mmv1/products/billing/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,21 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +# "Billing" is already used by the Billing Budgets product, so we're +# forced to use a fake name and to specify `legacy_name` to have all +# resources in the `billing` namespace +name: CoreBilling +display_name: Cloud Billing +legacy_name: billing +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudbilling.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CoreBilling' legacy_name: 'billing' @@ -20,3 +39,4 @@ versions: base_url: 'https://cloudbilling.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/billingbudget/Budget.yaml b/mmv1/products/billingbudget/Budget.yaml index 54551074a0f0..d7312a8d2137 100644 --- a/mmv1/products/billingbudget/Budget.yaml +++ b/mmv1/products/billingbudget/Budget.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Budget +base_url: billingAccounts/{{billing_account}}/budgets +self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +update_verb: :PATCH +update_mask: true +description: | + Budget configuration for a billing account. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating a budget': 'https://cloud.google.com/billing/docs/how-to/budgets' + api: 'https://cloud.google.com/billing/docs/reference/budget/rest/v1/billingAccounts.budgets' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/billing_budget.erb +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Budget' description: | @@ -20,6 +41,7 @@ references: 'Creating a budget': 'https://cloud.google.com/billing/docs/how-to/budgets' api: 'https://cloud.google.com/billing/docs/reference/budget/rest/v1/billingAccounts.budgets' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true @@ -27,6 +49,15 @@ docs: Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. id_format: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +<<<<<<< HEAD +import_format: + ['billingAccounts/{{billing_account}}/budgets/{{name}}', '{{name}}'] +schema_version: 1 +state_upgraders: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_basic' +======= base_url: 'billingAccounts/{{billing_account}}/budgets' self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' update_verb: 'PATCH' @@ -44,49 +75,103 @@ schema_version: 1 state_upgraders: true examples: - name: 'billing_budget_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_lastperiod' +======= billing_acct: 'MASTER_BILLING_ACCT' - name: 'billing_budget_lastperiod' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_filter' +======= billing_acct: 'MASTER_BILLING_ACCT' - name: 'billing_budget_filter' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + org_id: :ORG_ID + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_notify' +======= billing_acct: 'MASTER_BILLING_ACCT' org_id: 'ORG_ID' - name: 'billing_budget_notify' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: budget_name: 'Example Billing Budget' channel_name: 'Example Notification Channel' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_notify_project_recipient' +======= billing_acct: 'MASTER_BILLING_ACCT' - name: 'billing_budget_notify_project_recipient' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: budget_name: 'Example Billing Budget' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_customperiod' +======= billing_acct: 'MASTER_BILLING_ACCT' - name: 'billing_budget_customperiod' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'billing_budget_optional' + primary_resource_id: 'budget' + skip_docs: true +======= billing_acct: 'MASTER_BILLING_ACCT' - name: 'billing_budget_optional' primary_resource_id: 'budget' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: display_name: 'Example Billing Budget' topic_name: 'example-topic' test_env_vars: +<<<<<<< HEAD + billing_acct: :MASTER_BILLING_ACCT +parameters: + - !ruby/object:Api::Type::String + name: billingAccount + description: | + ID of the billing account to set a budget on. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: name +======= billing_acct: 'MASTER_BILLING_ACCT' exclude_docs: true parameters: @@ -100,11 +185,21 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of the budget. The resource name implies the scope of a budget. Values are of the form billingAccounts/{billingAccountId}/budgets/{budgetId}. output: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: displayName + description: | + User data for display name in UI. Must be <= 60 chars. + - !ruby/object:Api::Type::NestedObject + name: budgetFilter +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'displayName' type: String @@ -112,6 +207,7 @@ properties: User data for display name in UI. Must be <= 60 chars. - name: 'budgetFilter' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Filters that define which resources are used to compute the actual spend against the budget. @@ -127,8 +223,22 @@ properties: - 'budgetFilter.creditTypes' - 'budgetFilter.subaccounts' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: projects + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod +======= - name: 'projects' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of projects of the form projects/{project_number}, specifying that usage from only this set of projects should be @@ -136,6 +246,20 @@ properties: all usage for the billing account, regardless of which project the usage occurred on. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: resourceAncestors + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod +======= at_least_one_of: - 'budget_filter.0.projects' - 'budget_filter.0.resource_ancestors' @@ -149,12 +273,37 @@ properties: type: String - name: 'resourceAncestors' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of folder and organization names of the form folders/{folderId} or organizations/{organizationId}, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget doesn't apply to those projects. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: creditTypesTreatment + description: | + Specifies how credits should be treated when determining spend + for threshold calculations. + default_value: :INCLUDE_ALL_CREDITS + values: + - :INCLUDE_ALL_CREDITS + - :EXCLUDE_ALL_CREDITS + - :INCLUDE_SPECIFIED_CREDITS + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod + - !ruby/object:Api::Type::Array + name: services +======= at_least_one_of: - 'budget_filter.0.projects' - 'budget_filter.0.resource_ancestors' @@ -187,6 +336,7 @@ properties: - 'INCLUDE_SPECIFIED_CREDITS' - name: 'services' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of services of the form services/{service_id}, specifying that usage from only this set of services should be @@ -194,6 +344,21 @@ properties: usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api. +<<<<<<< HEAD + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod + default_from_api: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: creditTypes +======= default_from_api: true at_least_one_of: - 'budget_filter.0.projects' @@ -208,12 +373,28 @@ properties: type: String - name: 'creditTypes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. If creditTypesTreatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See a list of acceptable credit type values. If creditTypesTreatment is not INCLUDE_SPECIFIED_CREDITS, this field must be empty. **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. +<<<<<<< HEAD + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod + default_from_api: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: subaccounts +======= default_from_api: true at_least_one_of: - 'budget_filter.0.projects' @@ -228,6 +409,7 @@ properties: type: String - name: 'subaccounts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of subaccounts of the form billingAccounts/{account_id}, specifying that usage from only this set of subaccounts should @@ -237,6 +419,47 @@ properties: account and all subaccounts, if they exist. **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. +<<<<<<< HEAD + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod + default_from_api: true + item_type: Api::Type::String + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + description: | + A single label and value pair specifying that usage from only + this set of labeled resources should be included in the budget. + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/billing_budget_budget_filter_labels.erb' + custom_flatten: 'templates/terraform/custom_flatten/billing_budget_budget_filter_labels.erb' + - !ruby/object:Api::Type::Enum + name: calendarPeriod + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod +======= default_from_api: true at_least_one_of: - 'budget_filter.0.projects' @@ -268,12 +491,34 @@ properties: custom_expand: 'templates/terraform/custom_expand/billing_budget_budget_filter_labels.tmpl' - name: 'calendarPeriod' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A CalendarPeriod represents the abstract concept of a recurring time period that has a canonical start. Grammatically, "the start of the current CalendarPeriod". All calendar times begin at 12 AM US and Canadian Pacific Time (UTC-8). Exactly one of `calendar_period`, `custom_period` must be provided. +<<<<<<< HEAD + values: + - :MONTH + - :QUARTER + - :YEAR + - :CALENDAR_PERIOD_UNSPECIFIED + diff_suppress_func: + 'checkValAndDefaultStringSuppress("MONTH", + "budget_filter.0.custom_period.0.start_date")' + - !ruby/object:Api::Type::NestedObject + name: customPeriod + at_least_one_of: + - budget_filter.0.projects + - budget_filter.0.resource_ancestors + - budget_filter.0.credit_types_treatment + - budget_filter.0.services + - budget_filter.0.subaccounts + - budget_filter.0.labels + - budget_filter.0.calendarPeriod + - budget_filter.0.customPeriod +======= at_least_one_of: - 'budget_filter.0.projects' - 'budget_filter.0.resource_ancestors' @@ -291,11 +536,44 @@ properties: - 'CALENDAR_PERIOD_UNSPECIFIED' - name: 'customPeriod' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur. Exactly one of `calendar_period`, `custom_period` must be provided. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::NestedObject + name: startDate + required: true + description: | + A start date is required. The start date must be after January 1, 2017. + properties: + - !ruby/object:Api::Type::Integer + name: year + required: true + description: | + Year of the date. Must be from 1 to 9999. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,9999)' + - !ruby/object:Api::Type::Integer + name: month + required: true + description: | + Month of a year. Must be from 1 to 12. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,12)' + - !ruby/object:Api::Type::Integer + name: day + required: true + description: | + Day of a month. Must be from 1 to 31 and valid for the year and month. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,31)' + - !ruby/object:Api::Type::NestedObject + name: endDate +======= at_least_one_of: - 'budget_filter.0.projects' - 'budget_filter.0.resource_ancestors' @@ -335,10 +613,39 @@ properties: function: 'validation.IntBetween(1,31)' - name: 'endDate' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the startDate. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: year + required: true + description: | + Year of the date. Must be from 1 to 9999. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,9999)' + - !ruby/object:Api::Type::Integer + name: month + required: true + description: | + Month of a year. Must be from 1 to 12. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,12)' + - !ruby/object:Api::Type::Integer + name: day + required: true + description: | + Day of a month. Must be from 1 to 31 and valid for the year and month. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(1,31)' + - !ruby/object:Api::Type::NestedObject + name: amount + required: true + description: | + The budgeted amount for each usage period. +======= - name: 'year' type: Integer description: | @@ -365,17 +672,41 @@ properties: description: | The budgeted amount for each usage period. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 update_mask_fields: - 'amount.specifiedAmount.currencyCode' - 'amount.specifiedAmount.units' - 'amount.specifiedAmount.nanos' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: specifiedAmount + exactly_one_of: + - amount.0.specified_amount + - amount.0.last_period_amount +======= - name: 'specifiedAmount' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A specified amount to use as the budget. currencyCode is optional. If specified, it must match the currency of the billing account. The currencyCode is provided on output. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: currencyCode + description: | + The 3-letter currency code defined in ISO 4217. + default_from_api: true + - !ruby/object:Api::Type::String + name: units + description: | + The whole units of the amount. For example if currencyCode + is "USD", then 1 unit is one US dollar. + - !ruby/object:Api::Type::Integer + name: nanos +======= exactly_one_of: - 'amount.0.specified_amount' - 'amount.0.last_period_amount' @@ -392,6 +723,7 @@ properties: is "USD", then 1 unit is one US dollar. - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 @@ -400,13 +732,27 @@ properties: negative. If units is negative, nanos must be negative or zero. For example $-1.75 is represented as units=-1 and nanos=-750,000,000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'lastPeriodAmount' + exactly_one_of: + - amount.0.specified_amount + - amount.0.last_period_amount +======= - name: 'lastPeriodAmount' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configures a budget amount that is automatically set to 100% of last period's spend. Boolean. Set value to true to use. Do not set to false, instead use the `specified_amount` block. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/bool_to_object.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/object_to_bool.go.erb' + - !ruby/object:Api::Type::Array + name: thresholdRules +======= exactly_one_of: - 'amount.0.specified_amount' - 'amount.0.last_period_amount' @@ -414,10 +760,34 @@ properties: custom_expand: 'templates/terraform/custom_expand/bool_to_object.go.tmpl' - name: 'thresholdRules' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rules that trigger alerts (notifications of thresholds being crossed) when spend exceeds the specified percentages of the budget. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Double + name: thresholdPercent + required: true + description: | + Send an alert when this threshold is exceeded. This is a + 1.0-based percentage, so 0.5 = 50%. Must be >= 0. + send_empty_value: true + - !ruby/object:Api::Type::Enum + name: spendBasis + description: | + The type of basis used to determine if spend has passed + the threshold. + default_value: :CURRENT_SPEND + values: + - :CURRENT_SPEND + - :FORECASTED_SPEND + - !ruby/object:Api::Type::NestedObject + name: allUpdatesRule + api_name: notificationsRule +======= item_type: type: NestedObject properties: @@ -439,11 +809,15 @@ properties: - 'FORECASTED_SPEND' - name: 'allUpdatesRule' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines notifications that are sent on every update to the billing account's spend, regardless of the thresholds defined using threshold rules. +<<<<<<< HEAD +======= api_name: notificationsRule +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 update_mask_fields: - 'notificationsRule.pubsubTopic' - 'notificationsRule.schemaVersion' @@ -451,31 +825,61 @@ properties: - 'notificationsRule.disableDefaultIamRecipients' - 'notificationsRule.enableProjectLevelRecipients' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: pubsubTopic + at_least_one_of: + - all_updates_rule.0.pubsub_topic + - all_updates_rule.0.monitoring_notification_channels +======= - name: 'pubsubTopic' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form projects/{project_id}/topics/{topic_id}. Updates are sent at regular intervals to the topic. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: schemaVersion + default_value: '1.0' +======= at_least_one_of: - 'all_updates_rule.0.pubsub_topic' - 'all_updates_rule.0.monitoring_notification_channels' - name: 'schemaVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The schema version of the notification. Only "1.0" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets#notification_format. +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + - !ruby/object:Api::Type::Array + name: monitoringNotificationChannels + max_size: 5 + at_least_one_of: + - all_updates_rule.0.pubsub_topic + - all_updates_rule.0.monitoring_notification_channels +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "1.0" - name: 'monitoringNotificationChannels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full resource name of a monitoring notification channel in the form projects/{project_id}/notificationChannels/{channel_id}. A maximum of 5 channels are allowed. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: disableDefaultIamRecipients + default_value: false +======= at_least_one_of: - 'all_updates_rule.0.pubsub_topic' - 'all_updates_rule.0.monitoring_notification_channels' @@ -484,20 +888,38 @@ properties: max_size: 5 - name: 'disableDefaultIamRecipients' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Boolean. When set to true, disables default notifications sent when a threshold is exceeded. Default recipients are those with Billing Account Administrators and Billing Account Users IAM roles for the target account. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: enableProjectLevelRecipients + default_value: false +======= default_value: false - name: 'enableProjectLevelRecipients' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with Owner role on a cloud project. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: ownershipScope + description: | + The ownership scope of the budget. The ownership scope and users' + IAM permissions determine who has full access to the budget's data. + values: + - :OWNERSHIP_SCOPE_UNSPECIFIED + - :ALL_USERS + - :BILLING_ACCOUNT +======= default_value: false - name: 'ownershipScope' type: Enum @@ -508,3 +930,4 @@ properties: - 'OWNERSHIP_SCOPE_UNSPECIFIED' - 'ALL_USERS' - 'BILLING_ACCOUNT' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/billingbudget/go_Budget.yaml b/mmv1/products/billingbudget/go_Budget.yaml new file mode 100644 index 000000000000..c443f80a9704 --- /dev/null +++ b/mmv1/products/billingbudget/go_Budget.yaml @@ -0,0 +1,511 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Budget' +description: | + Budget configuration for a billing account. +references: + guides: + 'Creating a budget': 'https://cloud.google.com/billing/docs/how-to/budgets' + api: 'https://cloud.google.com/billing/docs/reference/budget/rest/v1/billingAccounts.budgets' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the Billing Budgets API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +base_url: 'billingAccounts/{{billing_account}}/budgets' +self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'billingAccounts/{{billing_account}}/budgets/{{name}}' + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/billing_budget.tmpl' +schema_version: 1 +state_upgraders: true +examples: + - name: 'billing_budget_basic' + primary_resource_id: 'budget' + vars: + display_name: 'Example Billing Budget' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_lastperiod' + primary_resource_id: 'budget' + vars: + display_name: 'Example Billing Budget' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_filter' + primary_resource_id: 'budget' + vars: + display_name: 'Example Billing Budget' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + org_id: 'ORG_ID' + - name: 'billing_budget_notify' + primary_resource_id: 'budget' + vars: + budget_name: 'Example Billing Budget' + channel_name: 'Example Notification Channel' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_notify_project_recipient' + primary_resource_id: 'budget' + vars: + budget_name: 'Example Billing Budget' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_customperiod' + primary_resource_id: 'budget' + vars: + display_name: 'Example Billing Budget' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_optional' + primary_resource_id: 'budget' + vars: + display_name: 'Example Billing Budget' + topic_name: 'example-topic' + test_env_vars: + billing_acct: 'MASTER_BILLING_ACCT' + exclude_docs: true +parameters: + - name: 'billingAccount' + type: String + description: | + ID of the billing account to set a budget on. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Resource name of the budget. The resource name + implies the scope of a budget. Values are of the form + billingAccounts/{billingAccountId}/budgets/{budgetId}. + output: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'displayName' + type: String + description: | + User data for display name in UI. Must be <= 60 chars. + - name: 'budgetFilter' + type: NestedObject + description: | + Filters that define which resources are used to compute the actual + spend against the budget. + default_from_api: true + update_mask_fields: + - 'budgetFilter.projects' + - 'budgetFilter.resourceAncestors' + - 'budgetFilter.labels' + - 'budgetFilter.calendarPeriod' + - 'budgetFilter.customPeriod' + - 'budgetFilter.services' + - 'budgetFilter.creditTypesTreatment' + - 'budgetFilter.creditTypes' + - 'budgetFilter.subaccounts' + properties: + - name: 'projects' + type: Array + description: | + A set of projects of the form projects/{project_number}, + specifying that usage from only this set of projects should be + included in the budget. If omitted, the report will include + all usage for the billing account, regardless of which project + the usage occurred on. + is_set: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'resourceAncestors' + type: Array + description: | + A set of folder and organization names of the form folders/{folderId} or organizations/{organizationId}, + specifying that usage from only this set of folders and organizations should be included in the budget. + If omitted, the budget includes all usage that the billing account pays for. If the folder or organization + contains projects that are paid for by a different Cloud Billing account, the budget doesn't apply to those projects. + is_set: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'creditTypesTreatment' + type: Enum + description: | + Specifies how credits should be treated when determining spend + for threshold calculations. + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + default_value: "INCLUDE_ALL_CREDITS" + enum_values: + - 'INCLUDE_ALL_CREDITS' + - 'EXCLUDE_ALL_CREDITS' + - 'INCLUDE_SPECIFIED_CREDITS' + - name: 'services' + type: Array + description: | + A set of services of the form services/{service_id}, + specifying that usage from only this set of services should be + included in the budget. If omitted, the report will include + usage for all the services. The service names are available + through the Catalog API: + https://cloud.google.com/billing/v1/how-tos/catalog-api. + default_from_api: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'creditTypes' + type: Array + description: | + Optional. If creditTypesTreatment is INCLUDE_SPECIFIED_CREDITS, + this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See a list of acceptable credit type values. + If creditTypesTreatment is not INCLUDE_SPECIFIED_CREDITS, this field must be empty. + + **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. + default_from_api: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'subaccounts' + type: Array + description: | + A set of subaccounts of the form billingAccounts/{account_id}, + specifying that usage from only this set of subaccounts should + be included in the budget. If a subaccount is set to the name of + the parent account, usage from the parent account will be included. + If the field is omitted, the report will include usage from the parent + account and all subaccounts, if they exist. + + **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. + default_from_api: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'labels' + type: KeyValuePairs + description: | + A single label and value pair specifying that usage from only + this set of labeled resources should be included in the budget. + default_from_api: true + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + custom_flatten: 'templates/terraform/custom_flatten/go/billing_budget_budget_filter_labels.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/billing_budget_budget_filter_labels.tmpl' + - name: 'calendarPeriod' + type: Enum + description: | + A CalendarPeriod represents the abstract concept of a recurring time period that has a + canonical start. Grammatically, "the start of the current CalendarPeriod". + All calendar times begin at 12 AM US and Canadian Pacific Time (UTC-8). + + Exactly one of `calendar_period`, `custom_period` must be provided. + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + diff_suppress_func: 'checkValAndDefaultStringSuppress("MONTH", "budget_filter.0.custom_period.0.start_date")' + enum_values: + - 'MONTH' + - 'QUARTER' + - 'YEAR' + - 'CALENDAR_PERIOD_UNSPECIFIED' + - name: 'customPeriod' + type: NestedObject + description: | + Specifies to track usage from any start date (required) to any end date (optional). + This time period is static, it does not recur. + + Exactly one of `calendar_period`, `custom_period` must be provided. + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + properties: + - name: 'startDate' + type: NestedObject + description: | + A start date is required. The start date must be after January 1, 2017. + required: true + properties: + - name: 'year' + type: Integer + description: | + Year of the date. Must be from 1 to 9999. + required: true + validation: + function: 'validation.IntBetween(1,9999)' + - name: 'month' + type: Integer + description: | + Month of a year. Must be from 1 to 12. + required: true + validation: + function: 'validation.IntBetween(1,12)' + - name: 'day' + type: Integer + description: | + Day of a month. Must be from 1 to 31 and valid for the year and month. + required: true + validation: + function: 'validation.IntBetween(1,31)' + - name: 'endDate' + type: NestedObject + description: | + Optional. The end date of the time period. Budgets with elapsed end date won't be processed. + If unset, specifies to track all usage incurred since the startDate. + properties: + - name: 'year' + type: Integer + description: | + Year of the date. Must be from 1 to 9999. + required: true + validation: + function: 'validation.IntBetween(1,9999)' + - name: 'month' + type: Integer + description: | + Month of a year. Must be from 1 to 12. + required: true + validation: + function: 'validation.IntBetween(1,12)' + - name: 'day' + type: Integer + description: | + Day of a month. Must be from 1 to 31 and valid for the year and month. + required: true + validation: + function: 'validation.IntBetween(1,31)' + - name: 'amount' + type: NestedObject + description: | + The budgeted amount for each usage period. + required: true + update_mask_fields: + - 'amount.specifiedAmount.currencyCode' + - 'amount.specifiedAmount.units' + - 'amount.specifiedAmount.nanos' + properties: + - name: 'specifiedAmount' + type: NestedObject + description: | + A specified amount to use as the budget. currencyCode is + optional. If specified, it must match the currency of the + billing account. The currencyCode is provided on output. + exactly_one_of: + - 'amount.0.specified_amount' + - 'amount.0.last_period_amount' + properties: + - name: 'currencyCode' + type: String + description: | + The 3-letter currency code defined in ISO 4217. + default_from_api: true + - name: 'units' + type: String + description: | + The whole units of the amount. For example if currencyCode + is "USD", then 1 unit is one US dollar. + - name: 'nanos' + type: Integer + description: | + Number of nano (10^-9) units of the amount. + The value must be between -999,999,999 and +999,999,999 + inclusive. If units is positive, nanos must be positive or + zero. If units is zero, nanos can be positive, zero, or + negative. If units is negative, nanos must be negative or + zero. For example $-1.75 is represented as units=-1 and + nanos=-750,000,000. + - name: 'lastPeriodAmount' + type: Boolean + description: | + Configures a budget amount that is automatically set to 100% of + last period's spend. + Boolean. Set value to true to use. Do not set to false, instead + use the `specified_amount` block. + exactly_one_of: + - 'amount.0.specified_amount' + - 'amount.0.last_period_amount' + custom_flatten: 'templates/terraform/custom_flatten/go/object_to_bool.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/bool_to_object.go.tmpl' + - name: 'thresholdRules' + type: Array + description: | + Rules that trigger alerts (notifications of thresholds being + crossed) when spend exceeds the specified percentages of the + budget. + item_type: + type: NestedObject + properties: + - name: 'thresholdPercent' + type: Double + description: | + Send an alert when this threshold is exceeded. This is a + 1.0-based percentage, so 0.5 = 50%. Must be >= 0. + required: true + send_empty_value: true + - name: 'spendBasis' + type: Enum + description: | + The type of basis used to determine if spend has passed + the threshold. + default_value: "CURRENT_SPEND" + enum_values: + - 'CURRENT_SPEND' + - 'FORECASTED_SPEND' + - name: 'allUpdatesRule' + type: NestedObject + description: | + Defines notifications that are sent on every update to the + billing account's spend, regardless of the thresholds defined + using threshold rules. + api_name: notificationsRule + update_mask_fields: + - 'notificationsRule.pubsubTopic' + - 'notificationsRule.schemaVersion' + - 'notificationsRule.monitoringNotificationChannels' + - 'notificationsRule.disableDefaultIamRecipients' + - 'notificationsRule.enableProjectLevelRecipients' + properties: + - name: 'pubsubTopic' + type: String + description: | + The name of the Cloud Pub/Sub topic where budget related + messages will be published, in the form + projects/{project_id}/topics/{topic_id}. Updates are sent + at regular intervals to the topic. + at_least_one_of: + - 'all_updates_rule.0.pubsub_topic' + - 'all_updates_rule.0.monitoring_notification_channels' + - name: 'schemaVersion' + type: String + description: | + The schema version of the notification. Only "1.0" is + accepted. It represents the JSON schema as defined in + https://cloud.google.com/billing/docs/how-to/budgets#notification_format. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "1.0" + - name: 'monitoringNotificationChannels' + type: Array + description: | + The full resource name of a monitoring notification + channel in the form + projects/{project_id}/notificationChannels/{channel_id}. + A maximum of 5 channels are allowed. + at_least_one_of: + - 'all_updates_rule.0.pubsub_topic' + - 'all_updates_rule.0.monitoring_notification_channels' + item_type: + type: String + max_size: 5 + - name: 'disableDefaultIamRecipients' + type: Boolean + description: | + Boolean. When set to true, disables default notifications sent + when a threshold is exceeded. Default recipients are + those with Billing Account Administrators and Billing + Account Users IAM roles for the target account. + default_value: false + - name: 'enableProjectLevelRecipients' + type: Boolean + description: | + When set to true, and when the budget has a single project configured, + notifications will be sent to project level recipients of that project. + This field will be ignored if the budget has multiple or no project configured. + + Currently, project level recipients are the users with Owner role on a cloud project. + default_value: false + - name: 'ownershipScope' + type: Enum + description: | + The ownership scope of the budget. The ownership scope and users' + IAM permissions determine who has full access to the budget's data. + enum_values: + - 'OWNERSHIP_SCOPE_UNSPECIFIED' + - 'ALL_USERS' + - 'BILLING_ACCOUNT' diff --git a/mmv1/products/billingbudget/go_product.yaml b/mmv1/products/billingbudget/go_product.yaml new file mode 100644 index 000000000000..903ca8f5a90a --- /dev/null +++ b/mmv1/products/billingbudget/go_product.yaml @@ -0,0 +1,32 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/billingbudget/go_product.yaml +name: 'Billing' +display_name: 'Cloud Billing' +versions: + - name: 'ga' + base_url: 'https://billingbudgets.googleapis.com/v1/' +======== +name: 'Clouddeploy' +display_name: 'Cloud Deploy' +versions: + - name: 'ga' + base_url: 'https://clouddeploy.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://clouddeploy.googleapis.com/v1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/clouddeploy/product.yaml +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/billingbudget/product.yaml b/mmv1/products/billingbudget/product.yaml index cc25e6f5ac4f..159b1f749c54 100644 --- a/mmv1/products/billingbudget/product.yaml +++ b/mmv1/products/billingbudget/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Billing +# Strictly speaking it should be Billing Budget but setting it to Cloud Billing will put in the same doc section as billing accounts. +display_name: Cloud Billing +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://billingbudgets.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Billing' display_name: 'Cloud Billing' @@ -19,3 +35,4 @@ versions: base_url: 'https://billingbudgets.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/binaryauthorization/Attestor.yaml b/mmv1/products/binaryauthorization/Attestor.yaml index b5bc05f30bdb..27c8cd6e3a4c 100644 --- a/mmv1/products/binaryauthorization/Attestor.yaml +++ b/mmv1/products/binaryauthorization/Attestor.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Attestor' +base_url: projects/{{project}}/attestors?attestorId={{name}} +self_link: projects/{{project}}/attestors/{{name}} +description: | + An attestor that attests to container image artifacts. +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'attestor' + method_name_separator: ':' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/binary-authorization/' + api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' +import_format: ['projects/{{project}}/attestors/{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/binaryauthorization_attestor.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'binary_authorization_attestor_basic' + primary_resource_id: 'attestor' + primary_resource_name: "fmt.Sprintf(\"tf-test-test-attestor%s\", + context[\"random_suffix\"\ + ])" + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + - !ruby/object:Provider::Terraform::Examples + name: 'binary_authorization_attestor_kms' + primary_resource_id: 'attestor' + skip_test: true +======= --- name: 'Attestor' description: | @@ -43,20 +79,45 @@ examples: note_name: 'test-attestor-note' - name: 'binary_authorization_attestor_kms' primary_resource_id: 'attestor' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: attestor_name: 'test-attestor' note_name: 'test-attestor-note' key_name: 'test-attestor-key' keyring_name: 'test-attestor-key-ring' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name +======= exclude_test: true parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name. required: true immutable: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + - !ruby/object:Api::Type::String + name: description + description: | + A descriptive comment. This field may be updated. The field may be + displayed in chooser dialogs. + - !ruby/object:Api::Type::NestedObject + name: attestationAuthorityNote + api_name: userOwnedGrafeasNote + description: | + A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. + required: true + properties: + - !ruby/object:Api::Type::String + name: noteReference +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' - name: 'description' @@ -73,6 +134,7 @@ properties: properties: - name: 'noteReference' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of a ATTESTATION_AUTHORITY Note, created by the user. If the Note is in a different project from the Attestor, it @@ -83,10 +145,17 @@ properties: and that links to this Note. required: true immutable: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/container_analysis_note.erb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::Array + name: publicKeys +======= diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' custom_expand: 'templates/terraform/custom_expand/container_analysis_note.tmpl' - name: 'publicKeys' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Public keys that verify attestations signed by this attestor. This field may be updated. @@ -95,6 +164,16 @@ properties: image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: comment + description: | + A descriptive comment. This field may be updated. + - !ruby/object:Api::Type::String + name: id +======= item_type: type: NestedObject properties: @@ -104,6 +183,7 @@ properties: A descriptive comment. This field may be updated. - name: 'id' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to @@ -112,8 +192,13 @@ properties: be imposed based on which public key type is encapsulated. See the documentation on publicKey cases below for details. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: asciiArmoredPgpPublicKey +======= - name: 'asciiArmoredPgpPublicKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set description: | ASCII-armored representation of a PGP public key, as the @@ -125,8 +210,13 @@ properties: as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If id is provided by the caller, it will be overwritten by the API-calculated ID. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: pkixPublicKey +======= - name: 'pkixPublicKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set description: | A raw PKIX SubjectPublicKeyInfo format public key. @@ -136,6 +226,15 @@ properties: blank, a default one will be computed based on the digest of the DER encoding of the public key. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: publicKeyPem + description: | + A PEM-encoded public key, as described in + `https://tools.ietf.org/html/rfc7468#section-13` + - !ruby/object:Api::Type::String + name: signatureAlgorithm +======= - name: 'publicKeyPem' type: String description: | @@ -143,6 +242,7 @@ properties: `https://tools.ietf.org/html/rfc7468#section-13` - name: 'signatureAlgorithm' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The signature algorithm used to verify a message against a signature using this key. These signature algorithm must @@ -150,8 +250,13 @@ properties: publicKeyPem (i.e. this algorithm must match that of the public key). diff_suppress_func: 'CompareSignatureAlgorithm' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: delegationServiceAccountEmail +======= - name: 'delegationServiceAccountEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field will contain the service account email address that this Attestor will use as the principal when querying Container diff --git a/mmv1/products/binaryauthorization/Policy.yaml b/mmv1/products/binaryauthorization/Policy.yaml index 592dd3fcdafe..ce60b7f7e380 100644 --- a/mmv1/products/binaryauthorization/Policy.yaml +++ b/mmv1/products/binaryauthorization/Policy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,46 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Policy' +base_url: projects/{{project}}/policy +self_link: projects/{{project}}/policy +description: | + A policy for container image binary authorization. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/binary-authorization/' + api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' +create_verb: :PUT +delete_verb: :PUT +id_format: 'projects/{{project}}' +import_format: ['projects/{{project}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/binaryauthorization_policy.erb' + pre_delete: 'templates/terraform/pre_delete/restore_default_binaryauthorization_policy.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'binary_authorization_policy_basic' + primary_resource_id: 'policy' + skip_test: true + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + - !ruby/object:Provider::Terraform::Examples + name: 'binary_authorization_policy_global_evaluation' + primary_resource_id: 'policy' + skip_test: true + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' +properties: + - !ruby/object:Api::Type::String + name: description + description: A descriptive comment. + - !ruby/object:Api::Type::Enum + name: globalPolicyEvaluationMode +======= --- name: 'Policy' description: | @@ -54,33 +98,56 @@ properties: description: A descriptive comment. - name: 'globalPolicyEvaluationMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. +<<<<<<< HEAD + values: + - :ENABLE + - :DISABLE + default_from_api: true + - !ruby/object:Api::Type::Array + name: admissionWhitelistPatterns +======= default_from_api: true enum_values: - 'ENABLE' - 'DISABLE' - name: 'admissionWhitelistPatterns' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the image's admission requests will always be permitted regardless of your admission rules. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: namePattern + required: true +======= item_type: type: NestedObject properties: - name: 'namePattern' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An image name pattern to whitelist, in the form `registry/path/to/image`. This supports a trailing * as a wildcard, but this is allowed only in text after the registry/ part. +<<<<<<< HEAD + - !ruby/object:Api::Type::Map + name: clusterAdmissionRules +======= required: true - name: 'clusterAdmissionRules' type: Map +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation request must be attested @@ -92,6 +159,10 @@ properties: Identifier format: `{{location}}.{{clusterId}}`. A location is either a compute zone (e.g. `us-central1-a`) or a region (e.g. `us-central1`). +<<<<<<< HEAD + key_name: cluster +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 is_set: true set_hash_func: |- func(v interface{}) int { @@ -117,6 +188,21 @@ properties: schema.SerializeResourceForHash(&buf, copy, ResourceBinaryAuthorizationPolicy().Schema["cluster_admission_rules"].Elem.(*schema.Resource)) return tpgresource.Hashcode(buf.String()) } +<<<<<<< HEAD + value_type: !ruby/object:Api::Type::NestedObject + name: clusterAdmissionRule + properties: + - !ruby/object:Api::Type::Enum + name: evaluationMode + required: true + description: How this admission rule will be evaluated. + values: + - :ALWAYS_ALLOW + - :REQUIRE_ATTESTATION + - :ALWAYS_DENY + - !ruby/object:Api::Type::Array + name: requireAttestationsBy +======= key_name: 'cluster' value_type: name: clusterAdmissionRule @@ -132,6 +218,7 @@ properties: - 'ALWAYS_DENY' - name: 'requireAttestationsBy' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource names of the attestors that must attest to a container image. If the attestor is in a different project from the @@ -143,6 +230,22 @@ properties: Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty. is_set: true +<<<<<<< HEAD + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.erb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: enforcementMode + required: true + description: | + The action when a pod creation is denied by the admission rule. + values: + - :ENFORCED_BLOCK_AND_AUDIT_LOG + - :DRYRUN_AUDIT_LOG_ONLY + - !ruby/object:Api::Type::NestedObject + name: defaultAdmissionRule +======= diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' set_hash_func: tpgresource.SelfLinkNameHash custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.tmpl' @@ -158,11 +261,24 @@ properties: - 'DRYRUN_AUDIT_LOG_ONLY' - name: 'defaultAdmissionRule' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Default admission rule for a cluster without a per-cluster admission rule. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: evaluationMode + description: How this admission rule will be evaluated. + required: true + values: + - :ALWAYS_ALLOW + - :REQUIRE_ATTESTATION + - :ALWAYS_DENY + - !ruby/object:Api::Type::Array + name: requireAttestationsBy +======= - name: 'evaluationMode' type: Enum description: How this admission rule will be evaluated. @@ -173,6 +289,7 @@ properties: - 'ALWAYS_DENY' - name: 'requireAttestationsBy' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource names of the attestors that must attest to a container image. If the attestor is in a different project from the @@ -184,6 +301,20 @@ properties: Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty. is_set: true +<<<<<<< HEAD + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.erb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: enforcementMode + required: true + description: | + The action when a pod creation is denied by the admission rule. + values: + - :ENFORCED_BLOCK_AND_AUDIT_LOG + - :DRYRUN_AUDIT_LOG_ONLY +======= diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' set_hash_func: tpgresource.SelfLinkNameHash custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.tmpl' @@ -197,3 +328,4 @@ properties: enum_values: - 'ENFORCED_BLOCK_AND_AUDIT_LOG' - 'DRYRUN_AUDIT_LOG_ONLY' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/binaryauthorization/go_Attestor.yaml b/mmv1/products/binaryauthorization/go_Attestor.yaml new file mode 100644 index 000000000000..83d27fcaea1a --- /dev/null +++ b/mmv1/products/binaryauthorization/go_Attestor.yaml @@ -0,0 +1,166 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Attestor' +description: | + An attestor that attests to container image artifacts. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/binary-authorization/' + api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' +docs: +base_url: 'projects/{{project}}/attestors?attestorId={{name}}' +self_link: 'projects/{{project}}/attestors/{{name}}' +import_format: + - 'projects/{{project}}/attestors/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'attestor' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: + constants: 'templates/terraform/constants/go/binaryauthorization_attestor.go.tmpl' +examples: + - name: 'binary_authorization_attestor_basic' + primary_resource_id: 'attestor' + primary_resource_name: 'fmt.Sprintf("tf-test-test-attestor%s", context["random_suffix"])' + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + - name: 'binary_authorization_attestor_kms' + primary_resource_id: 'attestor' + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + key_name: 'test-attestor-key' + keyring_name: 'test-attestor-key-ring' + exclude_test: true +parameters: +properties: + - name: 'name' + type: String + description: | + The resource name. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'description' + type: String + description: | + A descriptive comment. This field may be updated. The field may be + displayed in chooser dialogs. + - name: 'attestationAuthorityNote' + type: NestedObject + description: | + A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. + api_name: userOwnedGrafeasNote + required: true + properties: + - name: 'noteReference' + type: String + description: | + The resource name of a ATTESTATION_AUTHORITY Note, created by the + user. If the Note is in a different project from the Attestor, it + should be specified in the format `projects/*/notes/*` (or the legacy + `providers/*/notes/*`). This field may not be updated. + An attestation by this attestor is stored as a Container Analysis + ATTESTATION_AUTHORITY Occurrence that names a container image + and that links to this Note. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/container_analysis_note.tmpl' + - name: 'publicKeys' + type: Array + description: | + Public keys that verify attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified public keys must + verify that an attestation was signed by this attestor for the + image specified in the admission request. + If this field is empty, this attestor always returns that no valid + attestations exist. + item_type: + type: NestedObject + properties: + - name: 'comment' + type: String + description: | + A descriptive comment. This field may be updated. + - name: 'id' + type: String + description: | + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can + be imposed based on which public key type is encapsulated. + See the documentation on publicKey cases below for details. + default_from_api: true + - name: 'asciiArmoredPgpPublicKey' + type: String + # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set + description: | + ASCII-armored representation of a PGP public key, as the + entire output by the command + `gpg --export --armor foo@example.com` (either LF or CRLF + line endings). When using this field, id should be left + blank. The BinAuthz API handlers will calculate the ID + and fill it in automatically. BinAuthz computes this ID + as the OpenPGP RFC4880 V4 fingerprint, represented as + upper-case hex. If id is provided by the caller, it will + be overwritten by the API-calculated ID. + - name: 'pkixPublicKey' + type: NestedObject + # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set + description: | + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: id may be explicitly provided by the caller when using this + type of public key, but it MUST be a valid RFC3986 URI. If id is left + blank, a default one will be computed based on the digest of the DER + encoding of the public key. + properties: + - name: 'publicKeyPem' + type: String + description: | + A PEM-encoded public key, as described in + `https://tools.ietf.org/html/rfc7468#section-13` + - name: 'signatureAlgorithm' + type: String + description: | + The signature algorithm used to verify a message against + a signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + publicKeyPem (i.e. this algorithm must match that of the + public key). + diff_suppress_func: 'CompareSignatureAlgorithm' + - name: 'delegationServiceAccountEmail' + type: String + description: | + This field will contain the service account email address that + this Attestor will use as the principal when querying Container + Analysis. Attestor administrators must grant this service account + the IAM role needed to read attestations from the noteReference in + Container Analysis (containeranalysis.notes.occurrences.viewer). + This email address is fixed for the lifetime of the Attestor, but + callers should not make any other assumptions about the service + account email; future versions may use an email based on a + different naming pattern. + output: true diff --git a/mmv1/products/binaryauthorization/go_Policy.yaml b/mmv1/products/binaryauthorization/go_Policy.yaml new file mode 100644 index 000000000000..2979f035517c --- /dev/null +++ b/mmv1/products/binaryauthorization/go_Policy.yaml @@ -0,0 +1,200 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Policy' +description: | + A policy for container image binary authorization. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/binary-authorization/' + api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' +docs: +id_format: 'projects/{{project}}' +base_url: 'projects/{{project}}/policy' +self_link: 'projects/{{project}}/policy' +create_verb: 'PUT' +delete_verb: 'PUT' +import_format: + - 'projects/{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/binaryauthorization_policy.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/restore_default_binaryauthorization_policy.tmpl' +examples: + - name: 'binary_authorization_policy_basic' + primary_resource_id: 'policy' + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + exclude_test: true + - name: 'binary_authorization_policy_global_evaluation' + primary_resource_id: 'policy' + vars: + attestor_name: 'test-attestor' + note_name: 'test-attestor-note' + exclude_test: true +parameters: +properties: + - name: 'description' + type: String + description: A descriptive comment. + - name: 'globalPolicyEvaluationMode' + type: Enum + description: | + Controls the evaluation of a Google-maintained global admission policy + for common system-level images. Images not covered by the global + policy will be subject to the project admission policy. + default_from_api: true + enum_values: + - 'ENABLE' + - 'DISABLE' + - name: 'admissionWhitelistPatterns' + type: Array + description: | + A whitelist of image patterns to exclude from admission rules. If an + image's name matches a whitelist pattern, the image's admission + requests will always be permitted regardless of your admission rules. + item_type: + type: NestedObject + properties: + - name: 'namePattern' + type: String + description: | + An image name pattern to whitelist, in the form + `registry/path/to/image`. This supports a trailing * as a + wildcard, but this is allowed only in text after the registry/ + part. + required: true + - name: 'clusterAdmissionRules' + type: Map + description: | + Per-cluster admission rules. An admission rule specifies either that + all container images used in a pod creation request must be attested + to by one or more attestors, that all pod creations will be allowed, + or that all pod creations will be denied. There can be at most one + admission rule per cluster spec. + + + Identifier format: `{{location}}.{{clusterId}}`. + A location is either a compute zone (e.g. `us-central1-a`) or a region + (e.g. `us-central1`). + is_set: true + set_hash_func: |- + func(v interface{}) int { + // require_attestations_by is a set of strings that can have the format + // projects/{project}/attestors/{attestor} or {attestor}. We diffsuppress + // and hash that set on the name, but now we need to make sure that the + // overall hash here respects that so changing the attestor format doesn't + // change the hash code of cluster_admission_rules. + raw := v.(map[string]interface{}) + + // modifying raw actually modifies the values passed to the provider. + // Use a copy to avoid that. + copy := make((map[string]interface{})) + for key, value := range raw { + copy[key] = value + } + at := copy["require_attestations_by"].(*schema.Set) + if at != nil { + t := tpgresource.ConvertAndMapStringArr(at.List(), tpgresource.GetResourceNameFromSelfLink) + copy["require_attestations_by"] = schema.NewSet(tpgresource.SelfLinkNameHash, tpgresource.ConvertStringArrToInterface(t)) + } + var buf bytes.Buffer + schema.SerializeResourceForHash(&buf, copy, ResourceBinaryAuthorizationPolicy().Schema["cluster_admission_rules"].Elem.(*schema.Resource)) + return tpgresource.Hashcode(buf.String()) + } + key_name: 'cluster' + value_type: + name: clusterAdmissionRule + type: NestedObject + properties: + - name: 'evaluationMode' + type: Enum + description: How this admission rule will be evaluated. + required: true + enum_values: + - 'ALWAYS_ALLOW' + - 'REQUIRE_ATTESTATION' + - 'ALWAYS_DENY' + - name: 'requireAttestationsBy' + type: Array + description: | + The resource names of the attestors that must attest to a + container image. If the attestor is in a different project from the + policy, it should be specified in the format `projects/*/attestors/*`. + Each attestor must exist before a policy can reference it. To add an + attestor to a policy the principal issuing the policy change + request must be able to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode field + specifies REQUIRE_ATTESTATION, otherwise it must be empty. + is_set: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/go/binaryauthorization_attestors.tmpl' + item_type: + type: String + - name: 'enforcementMode' + type: Enum + description: | + The action when a pod creation is denied by the admission rule. + required: true + enum_values: + - 'ENFORCED_BLOCK_AND_AUDIT_LOG' + - 'DRYRUN_AUDIT_LOG_ONLY' + - name: 'defaultAdmissionRule' + type: NestedObject + description: | + Default admission rule for a cluster without a per-cluster admission + rule. + required: true + properties: + - name: 'evaluationMode' + type: Enum + description: How this admission rule will be evaluated. + required: true + enum_values: + - 'ALWAYS_ALLOW' + - 'REQUIRE_ATTESTATION' + - 'ALWAYS_DENY' + - name: 'requireAttestationsBy' + type: Array + description: | + The resource names of the attestors that must attest to a + container image. If the attestor is in a different project from the + policy, it should be specified in the format `projects/*/attestors/*`. + Each attestor must exist before a policy can reference it. To add an + attestor to a policy the principal issuing the policy change + request must be able to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode field + specifies REQUIRE_ATTESTATION, otherwise it must be empty. + is_set: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/go/binaryauthorization_attestors.tmpl' + item_type: + type: String + - name: 'enforcementMode' + type: Enum + description: | + The action when a pod creation is denied by the admission rule. + required: true + enum_values: + - 'ENFORCED_BLOCK_AND_AUDIT_LOG' + - 'DRYRUN_AUDIT_LOG_ONLY' diff --git a/mmv1/products/binaryauthorization/go_product.yaml b/mmv1/products/binaryauthorization/go_product.yaml new file mode 100644 index 000000000000..42b186f46051 --- /dev/null +++ b/mmv1/products/binaryauthorization/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BinaryAuthorization' +display_name: 'Binary Authorization' +versions: + - name: 'ga' + base_url: 'https://binaryauthorization.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/binaryauthorization/product.yaml b/mmv1/products/binaryauthorization/product.yaml index 39944b0f8be9..8abc093db870 100644 --- a/mmv1/products/binaryauthorization/product.yaml +++ b/mmv1/products/binaryauthorization/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BinaryAuthorization +display_name: Binary Authorization +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://binaryauthorization.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'BinaryAuthorization' display_name: 'Binary Authorization' @@ -19,3 +34,4 @@ versions: base_url: 'https://binaryauthorization.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml b/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml index 02692648783f..fe75cfcae458 100644 --- a/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml +++ b/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BlockchainNodes' +base_url: projects/{{project}}/locations/{{location}}/blockchainNodes +self_link: 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' +import_format: ['projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}'] +create_url: projects/{{project}}/locations/{{location}}/blockchainNodes?blockchain_node_id={{blockchain_node_id}} +description: | + A representation of a blockchain node. +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 45 + delete_minutes: 35 + +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' + +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/blockchain-node-engine' + api: 'https://cloud.google.com/blockchain-node-engine/docs/reference/rest/v1/projects.locations.blockchainNodes' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'blockchain_nodes_basic' + primary_resource_id: 'default_node' + vars: + blockchain_node_id: 'blockchain_basic_node' + - !ruby/object:Provider::Terraform::Examples + name: 'blockchain_nodes_geth_details' +======= --- name: 'BlockchainNodes' description: | @@ -50,10 +99,174 @@ examples: vars: blockchain_node_id: 'blockchain_basic_node' - name: 'blockchain_nodes_geth_details' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default_node_geth' vars: blockchain_node_id: 'blockchain_geth_node' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: location + description: | + Location of Blockchain Node being created. + immutable: true + required: true + url_param_only: true + - !ruby/object:Api::Type::String + name: blockchainNodeId + url_param_only: true + required: true + description: | + ID of the requesting object. +properties: + - !ruby/object:Api::Type::String + name: name + output: true + description: | + The fully qualified name of the blockchain node. e.g. projects/my-project/locations/us-central1/blockchainNodes/my-node. + - !ruby/object:Api::Type::String + name: createTime + output: true + description: | + The timestamp at which the blockchain node was first created. + - !ruby/object:Api::Type::String + name: updateTime + output: true + description: | + The timestamp at which the blockchain node was last updated. + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: | + User-provided key-value pairs + - !ruby/object:Api::Type::NestedObject + name: connectionInfo + output: true + description: | + The connection information through which to interact with a blockchain node. + properties: + - !ruby/object:Api::Type::String + name: serviceAttachment + output: true + description: | + A service attachment that exposes a node, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name} + - !ruby/object:Api::Type::NestedObject + name: endpointInfo + output: true + description: | + The endpoint information through which to interact with a blockchain node. + properties: + - !ruby/object:Api::Type::String + name: jsonRpcApiEndpoint + output: true + description: | + The assigned URL for the node JSON-RPC API endpoint. + - !ruby/object:Api::Type::String + name: websocketsApiEndpoint + output: true + description: | + The assigned URL for the node WebSockets API endpoint. + - !ruby/object:Api::Type::NestedObject + name: ethereumDetails + description: | + User-provided key-value pairs + properties: + - !ruby/object:Api::Type::NestedObject + name: validatorConfig + description: | + Configuration for validator-related parameters on the beacon client, and for any managed validator client. + properties: + - !ruby/object:Api::Type::Array + name: mevRelayUrls + item_type: Api::Type::String + description: | + URLs for MEV-relay services to use for block building. When set, a managed MEV-boost service is configured on the beacon client. + - !ruby/object:Api::Type::NestedObject + name: gethDetails + description: | + User-provided key-value pairs + properties: + - !ruby/object:Api::Type::Enum + name: garbageCollectionMode + immutable: true + values: + - :FULL + - :ARCHIVE + description: | + Blockchain garbage collection modes. Only applicable when NodeType is FULL or ARCHIVE. + - !ruby/object:Api::Type::NestedObject + name: additionalEndpoints + output: true + description: | + User-provided key-value pairs + properties: + - !ruby/object:Api::Type::String + name: beaconApiEndpoint + output: true + description: | + The assigned URL for the node's Beacon API endpoint. + - !ruby/object:Api::Type::String + name: beaconPrometheusMetricsApiEndpoint + output: true + description: | + The assigned URL for the node's Beacon Prometheus metrics endpoint. + - !ruby/object:Api::Type::String + name: executionClientPrometheusMetricsApiEndpoint + output: true + description: | + The assigned URL for the node's execution client's Prometheus metrics endpoint. + - !ruby/object:Api::Type::Enum + name: network + immutable: true + values: + - :MAINNET + - :TESTNET_GOERLI_PRATER + - :TESTNET_SEPOLIA + description: | + The Ethereum environment being accessed. + - !ruby/object:Api::Type::Enum + name: nodeType + immutable: true + values: + - :LIGHT + - :FULL + - :ARCHIVE + description: | + The type of Ethereum node. + - !ruby/object:Api::Type::Enum + name: executionClient + immutable: true + values: + - :EXECUTION_CLIENT_UNSPECIFIED + - :GETH + - :ERIGON + description: | + The execution client + - !ruby/object:Api::Type::Enum + name: consensusClient + immutable: true + values: + - :CONSENSUS_CLIENT_UNSPECIFIED + - :LIGHTHOUSE + description: | + The consensus client + - !ruby/object:Api::Type::Boolean + name: apiEnableAdmin + immutable: true + description: | + Enables JSON-RPC access to functions in the admin namespace. Defaults to false. + - !ruby/object:Api::Type::Boolean + name: apiEnableDebug + immutable: true + description: | + Enables JSON-RPC access to functions in the debug namespace. Defaults to false. + - !ruby/object:Api::Type::Enum + name: blockchainType + immutable: true + values: + - :ETHEREUM + description: | + User-provided key-value pairs +======= - name: 'location' type: String description: | @@ -216,3 +429,4 @@ properties: immutable: true enum_values: - 'ETHEREUM' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml b/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml new file mode 100644 index 000000000000..52a335f99759 --- /dev/null +++ b/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml @@ -0,0 +1,219 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BlockchainNodes' +description: | + A representation of a blockchain node. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/blockchain-node-engine' + api: 'https://cloud.google.com/blockchain-node-engine/docs/reference/rest/v1/projects.locations.blockchainNodes' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes' +self_link: 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes?blockchain_node_id={{blockchain_node_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' +timeouts: + insert_minutes: 45 + update_minutes: 20 + delete_minutes: 35 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'blockchain_nodes_basic' + primary_resource_id: 'default_node' + vars: + blockchain_node_id: 'blockchain_basic_node' + - name: 'blockchain_nodes_geth_details' + primary_resource_id: 'default_node_geth' + vars: + blockchain_node_id: 'blockchain_geth_node' +parameters: + - name: 'location' + type: String + description: | + Location of Blockchain Node being created. + url_param_only: true + required: true + immutable: true + - name: 'blockchainNodeId' + type: String + description: | + ID of the requesting object. + url_param_only: true + required: true +properties: + - name: 'name' + type: String + description: | + The fully qualified name of the blockchain node. e.g. projects/my-project/locations/us-central1/blockchainNodes/my-node. + output: true + - name: 'createTime' + type: String + description: | + The timestamp at which the blockchain node was first created. + output: true + - name: 'updateTime' + type: String + description: | + The timestamp at which the blockchain node was last updated. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + User-provided key-value pairs + - name: 'connectionInfo' + type: NestedObject + description: | + The connection information through which to interact with a blockchain node. + output: true + properties: + - name: 'serviceAttachment' + type: String + description: | + A service attachment that exposes a node, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name} + output: true + - name: 'endpointInfo' + type: NestedObject + description: | + The endpoint information through which to interact with a blockchain node. + output: true + properties: + - name: 'jsonRpcApiEndpoint' + type: String + description: | + The assigned URL for the node JSON-RPC API endpoint. + output: true + - name: 'websocketsApiEndpoint' + type: String + description: | + The assigned URL for the node WebSockets API endpoint. + output: true + - name: 'ethereumDetails' + type: NestedObject + description: | + User-provided key-value pairs + properties: + - name: 'validatorConfig' + type: NestedObject + description: | + Configuration for validator-related parameters on the beacon client, and for any managed validator client. + properties: + - name: 'mevRelayUrls' + type: Array + description: | + URLs for MEV-relay services to use for block building. When set, a managed MEV-boost service is configured on the beacon client. + item_type: + type: String + - name: 'gethDetails' + type: NestedObject + description: | + User-provided key-value pairs + properties: + - name: 'garbageCollectionMode' + type: Enum + description: | + Blockchain garbage collection modes. Only applicable when NodeType is FULL or ARCHIVE. + immutable: true + enum_values: + - 'FULL' + - 'ARCHIVE' + - name: 'additionalEndpoints' + type: NestedObject + description: | + User-provided key-value pairs + output: true + properties: + - name: 'beaconApiEndpoint' + type: String + description: | + The assigned URL for the node's Beacon API endpoint. + output: true + - name: 'beaconPrometheusMetricsApiEndpoint' + type: String + description: | + The assigned URL for the node's Beacon Prometheus metrics endpoint. + output: true + - name: 'executionClientPrometheusMetricsApiEndpoint' + type: String + description: | + The assigned URL for the node's execution client's Prometheus metrics endpoint. + output: true + - name: 'network' + type: Enum + description: | + The Ethereum environment being accessed. + immutable: true + enum_values: + - 'MAINNET' + - 'TESTNET_GOERLI_PRATER' + - 'TESTNET_SEPOLIA' + - name: 'nodeType' + type: Enum + description: | + The type of Ethereum node. + immutable: true + enum_values: + - 'LIGHT' + - 'FULL' + - 'ARCHIVE' + - name: 'executionClient' + type: Enum + description: | + The execution client + immutable: true + enum_values: + - 'EXECUTION_CLIENT_UNSPECIFIED' + - 'GETH' + - 'ERIGON' + - name: 'consensusClient' + type: Enum + description: | + The consensus client + immutable: true + enum_values: + - 'CONSENSUS_CLIENT_UNSPECIFIED' + - 'LIGHTHOUSE' + - name: 'apiEnableAdmin' + type: Boolean + description: | + Enables JSON-RPC access to functions in the admin namespace. Defaults to false. + immutable: true + - name: 'apiEnableDebug' + type: Boolean + description: | + Enables JSON-RPC access to functions in the debug namespace. Defaults to false. + immutable: true + - name: 'blockchainType' + type: Enum + description: | + User-provided key-value pairs + immutable: true + enum_values: + - 'ETHEREUM' diff --git a/mmv1/products/blockchainnodeengine/go_product.yaml b/mmv1/products/blockchainnodeengine/go_product.yaml new file mode 100644 index 000000000000..58a091264f55 --- /dev/null +++ b/mmv1/products/blockchainnodeengine/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BlockchainNodeEngine' +display_name: 'Blockchain node engine' +versions: + - name: 'ga' + base_url: 'https://blockchainnodeengine.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/blockchainnodeengine/product.yaml b/mmv1/products/blockchainnodeengine/product.yaml index da48df9a20cd..97775c0a6349 100644 --- a/mmv1/products/blockchainnodeengine/product.yaml +++ b/mmv1/products/blockchainnodeengine/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: BlockchainNodeEngine +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://blockchainnodeengine.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'BlockchainNodeEngine' display_name: 'Blockchain node engine' @@ -19,3 +33,4 @@ versions: base_url: 'https://blockchainnodeengine.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/certificatemanager/Certificate.yaml b/mmv1/products/certificatemanager/Certificate.yaml index 9f78e181c7aa..1affec9c3fba 100644 --- a/mmv1/products/certificatemanager/Certificate.yaml +++ b/mmv1/products/certificatemanager/Certificate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,43 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Certificate' +base_url: 'projects/{{project}}/locations/{{location}}/certificates' +create_url: 'projects/{{project}}/locations/{{location}}/certificates?certificateId={{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +update_verb: :PATCH +update_mask: true +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +import_format: + ['projects/{{project}}/locations/{{location}}/certificates/{{name}}'] +id_format: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +schema_version: 1 +state_upgraders: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_google_managed_certificate_dns' +======= --- name: 'Certificate' description: | @@ -48,6 +89,7 @@ schema_version: 1 state_upgraders: true examples: - name: 'certificate_manager_google_managed_certificate_dns' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -55,13 +97,32 @@ examples: dns_auth_name2: 'dns-auth2' dns_auth_subdomain2: 'subdomain2' cert_name: 'dns-cert' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_google_managed_certificate_issuance_config' +======= - name: 'certificate_manager_google_managed_certificate_issuance_config' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cert_name: 'issuance-config-cert' ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_self_managed_certificate' + primary_resource_id: 'default' + vars: + cert_name: 'self-managed-cert' + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_self_managed_certificate_regional' + primary_resource_id: 'default' + vars: + cert_name: 'self-managed-cert' + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' +======= - name: 'certificate_manager_self_managed_certificate' primary_resource_id: 'default' vars: @@ -71,13 +132,19 @@ examples: vars: cert_name: 'self-managed-cert' - name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cert_name: 'issuance-config-cert' ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_google_managed_certificate_dns_all_regions' +======= - name: 'certificate_manager_google_managed_certificate_dns_all_regions' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -85,19 +152,55 @@ examples: dns_auth_name2: 'dns-auth2' dns_auth_subdomain2: 'subdomain2' cert_name: 'dns-cert' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_google_managed_regional_certificate_dns_auth' +======= - name: 'certificate_manager_google_managed_regional_certificate_dns_auth' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' dns_auth_subdomain: 'subdomain' cert_name: 'dns-cert' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/cert_manager.erb +parameters: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true +======= parameters: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A user-defined name of the certificate. Certificate names must be unique The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + description: | + The Certificate Manager location. If not specified, "global" is used. + default_value: global + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A human-readable description of the resource. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'Set of label tags associated with the Certificate resource.' + - !ruby/object:Api::Type::String + name: scope + immutable: true +======= url_param_only: true required: true immutable: true @@ -118,6 +221,7 @@ properties: description: 'Set of label tags associated with the Certificate resource.' - name: 'scope' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The scope of the certificate. @@ -129,6 +233,22 @@ properties: ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). See https://cloud.google.com/compute/docs/regions-zones +<<<<<<< HEAD + default_value: DEFAULT + diff_suppress_func: 'certManagerDefaultScopeDiffSuppress' + - !ruby/object:Api::Type::Array + name: sanDnsnames + output: true + description: | + The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6) + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: selfManaged + immutable: true + exactly_one_of: + - self_managed + - managed +======= immutable: true diff_suppress_func: 'certManagerDefaultScopeDiffSuppress' default_value: "DEFAULT" @@ -141,10 +261,64 @@ properties: type: String - name: 'selfManaged' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility. +<<<<<<< HEAD + ignore_read: true + properties: + - !ruby/object:Api::Type::String + name: certificatePem + immutable: true + exactly_one_of: + - self_managed.0.certificate_pem + - self_managed.0.pem_certificate + deprecation_message: >- + `certificate_pem` is deprecated and will be removed in a future major release. Use `pem_certificate` instead. + description: | + The certificate chain in PEM-encoded form. + + Leaf certificate comes first, followed by intermediate ones if any. + sensitive: true + - !ruby/object:Api::Type::String + name: privateKeyPem + immutable: true + exactly_one_of: + - self_managed.0.private_key_pem + - self_managed.0.pem_private_key + deprecation_message: >- + `private_key_pem` is deprecated and will be removed in a future major release. Use `pem_private_key` instead. + description: | + The private key of the leaf certificate in PEM-encoded form. + sensitive: true + - !ruby/object:Api::Type::String + name: pemCertificate + immutable: true + exactly_one_of: + - self_managed.0.certificate_pem + - self_managed.0.pem_certificate + description: | + The certificate chain in PEM-encoded form. + + Leaf certificate comes first, followed by intermediate ones if any. + - !ruby/object:Api::Type::String + name: pemPrivateKey + immutable: true + exactly_one_of: + - self_managed.0.private_key_pem + - self_managed.0.pem_private_key + description: | + The private key of the leaf certificate in PEM-encoded form. + sensitive: true + - !ruby/object:Api::Type::NestedObject + name: managed + immutable: true + exactly_one_of: + - self_managed + - managed +======= immutable: true ignore_read: true exactly_one_of: @@ -194,10 +368,31 @@ properties: - 'self_managed.0.pem_private_key' - name: 'managed' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: domains + immutable: true + description: | + The domains for which a managed SSL certificate will be generated. + Wildcard domains are only supported with DNS challenge resolution + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: dnsAuthorizations + immutable: true + description: | + Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: issuanceConfig + immutable: true +======= immutable: true exactly_one_of: - 'self_managed' @@ -221,16 +416,41 @@ properties: type: String - name: 'issuanceConfig' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. +<<<<<<< HEAD +======= immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # when the certificate is created with issuanceConfig in the format "projects/{{project_id}}/locations/global/certificateIssuanceConfigs/{{CICName}}", the # format changes in the response message to "projects/{{project_number}}/locations/global/certificateIssuanceConfigs/{{CICName}}". That causes the tests to fail # that's why "tpgresource.CompareResourceNames" is needed. diff_suppress_func: 'tpgresource.CompareResourceNames' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + A state of this Managed Certificate. + - !ruby/object:Api::Type::NestedObject + name: 'provisioningIssue' + output: true + description: | + Information about issues with provisioning this Managed Certificate. + properties: + - !ruby/object:Api::Type::String + name: 'reason' + output: true + description: | + Reason for provisioning failures. + - !ruby/object:Api::Type::String + name: details + output: true +======= - name: 'state' type: String description: | @@ -249,10 +469,39 @@ properties: output: true - name: 'details' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use `reason` field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'authorizationAttemptInfo' + output: true + description: | + Detailed state of the latest authorization attempt for each domain + specified for this Managed Certificate. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: domain + output: true + description: | + Domain name of the authorization attempt. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + State of the domain for managed certificate issuance. + - !ruby/object:Api::Type::String + name: 'failureReason' + output: true + description: | + Reason for failure of the authorization attempt for the domain. + - !ruby/object:Api::Type::String + name: details + output: true +======= output: true - name: 'authorizationAttemptInfo' type: Array @@ -280,8 +529,12 @@ properties: output: true - name: 'details' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use `failure_reason` field. +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml b/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml index 31c8f35909c9..7d3df8b6684a 100644 --- a/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml +++ b/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,46 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'CertificateIssuanceConfig' +base_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs' +create_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs?certificateIssuanceConfigId={{name}}' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Manage certificate issuance configs': 'https://cloud.google.com/certificate-manager/docs/issuance-configs' + api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs' +immutable: true +schema_version: 1 +state_upgraders: true +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +import_format: + [ + 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_certificate_issuance_config' +======= --- name: 'CertificateIssuanceConfig' description: | @@ -48,18 +92,43 @@ schema_version: 1 state_upgraders: true examples: - name: 'certificate_manager_certificate_issuance_config' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' +<<<<<<< HEAD + +parameters: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= parameters: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally. url_param_only: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + description: | + The Certificate Manager location. If not specified, "global" is used. + default_value: global + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + One or more paragraphs of text description of a CertificateIssuanceConfig. + - !ruby/object:Api::Type::Integer + name: 'rotationWindowPercentage' +======= required: true - name: 'location' type: String @@ -75,12 +144,25 @@ properties: One or more paragraphs of text description of a CertificateIssuanceConfig. - name: 'rotationWindowPercentage' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: keyAlgorithm + description: | + Key algorithm to use when generating the private key. + values: + - :RSA_2048 + - :ECDSA_P256 + required: true + - !ruby/object:Api::Type::String + name: 'lifetime' +======= - name: 'keyAlgorithm' type: Enum description: | @@ -91,24 +173,44 @@ properties: - 'ECDSA_P256' - name: 'lifetime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s) required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'createTime' +======= - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + 'Set of label tags associated with the CertificateIssuanceConfig resource. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. + - !ruby/object:Api::Type::NestedObject + name: 'certificateAuthorityConfig' +======= - name: 'labels' type: KeyValueLabels description: | @@ -116,19 +218,33 @@ properties: An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. - name: 'certificateAuthorityConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'certificateAuthorityServiceConfig' + description: Defines a CertificateAuthorityServiceConfig. + properties: + - !ruby/object:Api::Type::String + name: 'caPool' + required: true +======= - name: 'certificateAuthorityServiceConfig' type: NestedObject description: Defines a CertificateAuthorityServiceConfig. properties: - name: 'caPool' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}". +<<<<<<< HEAD +======= required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff_suppress_func: 'tpgresource.CompareResourceNames' diff --git a/mmv1/products/certificatemanager/CertificateMap.yaml b/mmv1/products/certificatemanager/CertificateMap.yaml index 05b8281082f3..acc0a08872f6 100644 --- a/mmv1/products/certificatemanager/CertificateMap.yaml +++ b/mmv1/products/certificatemanager/CertificateMap.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'CertificateMap' +base_url: 'projects/{{project}}/locations/global/certificateMaps' +create_url: 'projects/{{project}}/locations/global/certificateMaps?certificateMapId={{name}}' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{name}}' +update_verb: :PATCH +update_mask: true +description: | + CertificateMap defines a collection of certificate configurations, + which are usable by any associated target proxies +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +import_format: + ['projects/{{project}}/locations/global/certificateMaps/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_certificate_map_basic' +======= --- name: 'CertificateMap' description: | @@ -45,10 +84,29 @@ async: custom_code: examples: - name: 'certificate_manager_certificate_map_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cert_map_name: 'cert-map' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true + description: | + A user-defined name of the Certificate Map. Certificate Map names must be unique + globally and match the pattern `projects/*/locations/*/certificateMaps/*`. +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A human-readable description of the resource. + - !ruby/object:Api::Type::String + name: 'createTime' + output: true +======= - name: 'name' type: String description: | @@ -64,18 +122,54 @@ properties: A human-readable description of the resource. - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creation timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= output: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Update timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Set of labels associated with a Certificate Map resource. + - !ruby/object:Api::Type::Array + name: 'gclbTargets' + description: | + A list of target proxies that use this Certificate Map + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'ipConfigs' + description: | + An IP configuration where this Certificate Map is serving + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipAddress' + description: | + An external IP address + - !ruby/object:Api::Type::Array + name: 'ports' + description: | + A list of ports + item_type: Api::Type::Integer + - !ruby/object:Api::Type::String + name: 'targetHttpsProxy' +======= - name: 'labels' type: KeyValueLabels description: | @@ -107,12 +201,18 @@ properties: type: Integer - name: 'targetHttpsProxy' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Proxy name must be in the format projects/*/locations/*/targetHttpsProxies/*. This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or `targetSslProxy` may be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'targetSslProxy' +======= - name: 'targetSslProxy' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Proxy name must be in the format projects/*/locations/*/targetSslProxies/*. This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or diff --git a/mmv1/products/certificatemanager/CertificateMapEntry.yaml b/mmv1/products/certificatemanager/CertificateMapEntry.yaml index aaa6e9f12a96..31768e46fcc8 100644 --- a/mmv1/products/certificatemanager/CertificateMapEntry.yaml +++ b/mmv1/products/certificatemanager/CertificateMapEntry.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,39 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'CertificateMapEntry' +base_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries' +create_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries?certificateMapEntryId={{name}}' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}' +update_verb: :PATCH +update_mask: true +description: | + CertificateMapEntry is a list of certificate configurations, + that have been issued for a particular hostname +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'state' + complete: 'ACTIVE' + allowed: + - 'PENDING' + - 'ACTIVE' + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_certificate_map_entry_full' +======= --- name: 'CertificateMapEntry' description: | @@ -43,6 +80,7 @@ async: custom_code: examples: - name: 'certificate_manager_certificate_map_entry_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -51,13 +89,44 @@ examples: dns_auth_subdomain2: 'subdomain2' cert_map_entry_name: 'cert-map-entry' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: + true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # url_param_only: true description: | A user-defined name of the Certificate Map Entry. Certificate Map Entry names must be unique globally and match pattern 'projects/*/locations/*/certificateMaps/*/certificateMapEntries/*' +<<<<<<< HEAD + custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::ResourceRef + name: 'map' + required: true + immutable: true + url_param_only: true + imports: 'name' + resource: 'CertificateMap' + description: | + A map entry that is inputted into the cetrificate map + custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A human-readable description of the resource. + - !ruby/object:Api::Type::String + name: 'createTime' + output: true +======= required: true immutable: true custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' @@ -80,30 +149,59 @@ properties: A human-readable description of the resource. - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creation timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= output: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Update timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Set of labels associated with a Certificate Map Entry. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'certificates' + required: true +======= - name: 'certificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of Certificates defines for the given hostname. There can be defined up to fifteen certificates in each Certificate Map Entry. Each certificate must match pattern projects/*/locations/*/certificates/*. +<<<<<<< HEAD + diff_suppress_func: tpgresource.ProjectNumberDiffSuppress + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + A serving state of this Certificate Map Entry. + - !ruby/object:Api::Type::String + name: 'hostname' + immutable: true +======= required: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' item_type: @@ -115,10 +213,24 @@ properties: output: true - name: 'hostname' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Hostname (FQDN, e.g. example.com) or a wildcard hostname expression (*.example.com) for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for selecting a proper certificate. +<<<<<<< HEAD + exactly_one_of: + - hostname + - matcher + - !ruby/object:Api::Type::String + name: 'matcher' + immutable: true + exactly_one_of: + - hostname + - matcher + description: | + A predefined matcher for particular cases, other than SNI selection +======= immutable: true exactly_one_of: - 'hostname' @@ -131,3 +243,4 @@ properties: exactly_one_of: - 'hostname' - 'matcher' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/certificatemanager/DnsAuthorization.yaml b/mmv1/products/certificatemanager/DnsAuthorization.yaml index 5c0cd5a83485..1103311f93e0 100644 --- a/mmv1/products/certificatemanager/DnsAuthorization.yaml +++ b/mmv1/products/certificatemanager/DnsAuthorization.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,42 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DnsAuthorization' +base_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations' +create_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations?dnsAuthorizationId={{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' +update_verb: :PATCH +update_mask: true +description: | + DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +import_format: + ['projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}'] +schema_version: 1 +state_upgraders: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_dns_authorization_basic' +======= --- name: 'DnsAuthorization' description: | @@ -46,24 +86,60 @@ schema_version: 1 state_upgraders: true examples: - name: 'certificate_manager_dns_authorization_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' zone_name: 'my-zone' subdomain: 'subdomain' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_dns_authorization_regional' +======= - name: 'certificate_manager_dns_authorization_regional' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' zone_name: 'my-zone' subdomain: 'subdomain' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + description: | + The Certificate Manager location. If not specified, "global" is used. + default_value: global + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A human-readable description of the resource. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: + 'Set of label tags associated with the DNS Authorization resource.' + - !ruby/object:Api::Type::String + name: 'domain' + immutable: true + required: true +======= url_param_only: true required: true immutable: true @@ -85,14 +161,20 @@ properties: 'Set of label tags associated with the DNS Authorization resource.' - name: 'domain' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A domain which is being authorized. A DnsAuthorization resource covers a single domain and its wildcard, e.g. authorization for "example.com" can be used to issue certificates for "example.com" and "*.example.com". +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: type +======= required: true immutable: true - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | type of DNS authorization. If unset during the resource creation, FIXED_RECORD will be used for global resources, and PER_PROJECT_RECORD will be used for other locations. @@ -103,16 +185,45 @@ properties: of Google-managed certificates with DNS authorization across multiple projects. immutable: true +<<<<<<< HEAD + values: + - :FIXED_RECORD + - :PER_PROJECT_RECORD + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'dnsResourceRecord' + output: true +======= default_from_api: true enum_values: - 'FIXED_RECORD' - 'PER_PROJECT_RECORD' - name: 'dnsResourceRecord' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The structure describing the DNS Resource Record that needs to be added to DNS configuration for the authorization to be usable by certificate. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Fully qualified name of the DNS Resource Record. + E.g. `_acme-challenge.example.com`. + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: | + Type of the DNS Resource Record. + - !ruby/object:Api::Type::String + name: 'data' + output: true + description: | + Data of the DNS Resource Record. +======= output: true properties: - name: 'name' @@ -131,3 +242,4 @@ properties: description: | Data of the DNS Resource Record. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/certificatemanager/TrustConfig.yaml b/mmv1/products/certificatemanager/TrustConfig.yaml index de5776b10f4e..3172b873e40a 100644 --- a/mmv1/products/certificatemanager/TrustConfig.yaml +++ b/mmv1/products/certificatemanager/TrustConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,49 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TrustConfig' +base_url: 'projects/{{project}}/locations/{{location}}/trustConfigs' +create_url: 'projects/{{project}}/locations/{{location}}/trustConfigs?trustConfigId={{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +update_verb: :PATCH +description: | + TrustConfig represents a resource that represents your Public Key Infrastructure (PKI) configuration in Certificate Manager for use in mutual TLS authentication scenarios. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/certificate-manager/docs' + api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.trustConfigs/create' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +autogen_async: true +import_format: + ['projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}'] +id_format: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_trust_config' + primary_resource_id: 'default' + vars: + trust_config_name: 'trust-config' + - !ruby/object:Provider::Terraform::Examples + name: 'certificate_manager_trust_config_allowlisted_certificates' +======= --- name: 'TrustConfig' description: | @@ -52,10 +99,30 @@ examples: vars: trust_config_name: 'trust-config' - name: 'certificate_manager_trust_config_allowlisted_certificates' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: trust_config_name: 'trust-config' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true + description: | + A user-defined name of the trust config. Trust config names must be unique globally. + - !ruby/object:Api::Type::String + name: 'location' + required: true + description: | + The trust config location. + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::Time + name: 'createTime' +======= - name: 'name' type: String description: | @@ -73,20 +140,50 @@ parameters: properties: - name: 'createTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The creation timestamp of a TrustConfig. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'updateTime' +======= - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The last update timestamp of a TrustConfig. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'Set of label tags associated with the trust config.' + - !ruby/object:Api::Type::String + name: 'description' + description: | + One or more paragraphs of text description of a trust config. + - !ruby/object:Api::Type::Array + name: trustStores + description: | + Set of trust stores to perform validation against. + This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: trustAnchors + description: | + List of Trust Anchors to be used while performing validation against a given TrustStore. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'pemCertificate' +======= - name: 'labels' type: KeyValueLabels description: 'Set of label tags associated with the trust config.' @@ -111,10 +208,22 @@ properties: properties: - name: 'pemCertificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PEM root certificate of the PKI used for validation. Each certificate provided in PEM format may occupy up to 5kB. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: intermediateCas + description: | + Set of intermediate CA certificates used for the path building phase of chain validation. + The field is currently not supported if trust config is used for the workload certificate feature. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'pemCertificate' +======= - name: 'intermediateCas' type: Array description: | @@ -125,10 +234,22 @@ properties: properties: - name: 'pemCertificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PEM intermediate certificate used for building up paths for validation. Each certificate provided in PEM format may occupy up to 5kB. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: allowlistedCertificates + description: | + Allowlisted PEM-encoded certificates. A certificate matching an allowlisted certificate is always considered valid as long as + the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'pemCertificate' +======= - name: 'allowlistedCertificates' type: Array description: | @@ -139,6 +260,7 @@ properties: properties: - name: 'pemCertificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PEM certificate that is allowlisted. The certificate can be up to 5k bytes, and must be a parseable X.509 certificate. required: true diff --git a/mmv1/products/certificatemanager/go_Certificate.yaml b/mmv1/products/certificatemanager/go_Certificate.yaml new file mode 100644 index 000000000000..e2632d05433b --- /dev/null +++ b/mmv1/products/certificatemanager/go_Certificate.yaml @@ -0,0 +1,288 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Certificate' +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/certificates' +self_link: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/certificates?certificateId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/cert_manager.tmpl' +schema_version: 1 +state_upgraders: true +examples: + - name: 'certificate_manager_google_managed_certificate_dns' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + dns_auth_subdomain: 'subdomain' + dns_auth_name2: 'dns-auth2' + dns_auth_subdomain2: 'subdomain2' + cert_name: 'dns-cert' + - name: 'certificate_manager_google_managed_certificate_issuance_config' + primary_resource_id: 'default' + vars: + cert_name: 'issuance-config-cert' + ca_name: 'ca-authority' + pool_name: 'ca-pool' + issuance_config_name: 'issuance-config' + - name: 'certificate_manager_self_managed_certificate' + primary_resource_id: 'default' + vars: + cert_name: 'self-managed-cert' + - name: 'certificate_manager_self_managed_certificate_regional' + primary_resource_id: 'default' + vars: + cert_name: 'self-managed-cert' + - name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' + primary_resource_id: 'default' + vars: + cert_name: 'issuance-config-cert' + ca_name: 'ca-authority' + pool_name: 'ca-pool' + issuance_config_name: 'issuance-config' + - name: 'certificate_manager_google_managed_certificate_dns_all_regions' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + dns_auth_subdomain: 'subdomain' + dns_auth_name2: 'dns-auth2' + dns_auth_subdomain2: 'subdomain2' + cert_name: 'dns-cert' + - name: 'certificate_manager_google_managed_regional_certificate_dns_auth' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + dns_auth_subdomain: 'subdomain' + cert_name: 'dns-cert' +parameters: + - name: 'name' + type: String + description: | + A user-defined name of the certificate. Certificate names must be unique + The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, + and all following characters must be a dash, underscore, letter or digit. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The Certificate Manager location. If not specified, "global" is used. + url_param_only: true + immutable: true + default_value: "global" +properties: + - name: 'description' + type: String + description: | + A human-readable description of the resource. + - name: 'labels' + type: KeyValueLabels + description: 'Set of label tags associated with the Certificate resource.' + - name: 'scope' + type: String + description: | + The scope of the certificate. + + DEFAULT: Certificates with default scope are served from core Google data centers. + If unsure, choose this option. + + EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence. + See https://cloud.google.com/vpc/docs/edge-locations. + + ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). + See https://cloud.google.com/compute/docs/regions-zones + immutable: true + diff_suppress_func: 'certManagerDefaultScopeDiffSuppress' + default_value: "DEFAULT" + - name: 'sanDnsnames' + type: Array + description: | + The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6) + output: true + item_type: + type: String + - name: 'selfManaged' + type: NestedObject + description: | + Certificate data for a SelfManaged Certificate. + SelfManaged Certificates are uploaded by the user. Updating such + certificates before they expire remains the user's responsibility. + immutable: true + ignore_read: true + exactly_one_of: + - 'self_managed' + - 'managed' + properties: + - name: 'certificatePem' + type: String + description: | + The certificate chain in PEM-encoded form. + + Leaf certificate comes first, followed by intermediate ones if any. + immutable: true + sensitive: true + exactly_one_of: + - 'self_managed.0.certificate_pem' + - 'self_managed.0.pem_certificate' + deprecation_message: '`certificate_pem` is deprecated and will be removed in a future major release. Use `pem_certificate` instead.' + - name: 'privateKeyPem' + type: String + description: | + The private key of the leaf certificate in PEM-encoded form. + immutable: true + sensitive: true + exactly_one_of: + - 'self_managed.0.private_key_pem' + - 'self_managed.0.pem_private_key' + deprecation_message: '`private_key_pem` is deprecated and will be removed in a future major release. Use `pem_private_key` instead.' + - name: 'pemCertificate' + type: String + description: | + The certificate chain in PEM-encoded form. + + Leaf certificate comes first, followed by intermediate ones if any. + immutable: true + exactly_one_of: + - 'self_managed.0.certificate_pem' + - 'self_managed.0.pem_certificate' + - name: 'pemPrivateKey' + type: String + description: | + The private key of the leaf certificate in PEM-encoded form. + immutable: true + sensitive: true + exactly_one_of: + - 'self_managed.0.private_key_pem' + - 'self_managed.0.pem_private_key' + - name: 'managed' + type: NestedObject + description: | + Configuration and state of a Managed Certificate. + Certificate Manager provisions and renews Managed Certificates + automatically, for as long as it's authorized to do so. + immutable: true + exactly_one_of: + - 'self_managed' + - 'managed' + properties: + - name: 'domains' + type: Array + description: | + The domains for which a managed SSL certificate will be generated. + Wildcard domains are only supported with DNS challenge resolution + immutable: true + item_type: + type: String + - name: 'dnsAuthorizations' + type: Array + description: | + Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + item_type: + type: String + - name: 'issuanceConfig' + type: String + description: | + The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. + If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. + Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + + immutable: true + # when the certificate is created with issuanceConfig in the format "projects/{{project_id}}/locations/global/certificateIssuanceConfigs/{{CICName}}", the + # format changes in the response message to "projects/{{project_number}}/locations/global/certificateIssuanceConfigs/{{CICName}}". That causes the tests to fail + # that's why "tpgresource.CompareResourceNames" is needed. + diff_suppress_func: 'tpgresource.CompareResourceNames' + - name: 'state' + type: String + description: | + A state of this Managed Certificate. + output: true + - name: 'provisioningIssue' + type: NestedObject + description: | + Information about issues with provisioning this Managed Certificate. + output: true + properties: + - name: 'reason' + type: String + description: | + Reason for provisioning failures. + output: true + - name: 'details' + type: String + description: | + Human readable explanation about the issue. Provided to help address + the configuration issues. + Not guaranteed to be stable. For programmatic access use `reason` field. + output: true + - name: 'authorizationAttemptInfo' + type: Array + description: | + Detailed state of the latest authorization attempt for each domain + specified for this Managed Certificate. + output: true + item_type: + type: NestedObject + properties: + - name: 'domain' + type: String + description: | + Domain name of the authorization attempt. + output: true + - name: 'state' + type: String + description: | + State of the domain for managed certificate issuance. + output: true + - name: 'failureReason' + type: String + description: | + Reason for failure of the authorization attempt for the domain. + output: true + - name: 'details' + type: String + description: | + Human readable explanation for reaching the state. Provided to help + address the configuration issues. + Not guaranteed to be stable. For programmatic access use `failure_reason` field. + output: true diff --git a/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml b/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml new file mode 100644 index 000000000000..db1ec306dab8 --- /dev/null +++ b/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml @@ -0,0 +1,135 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CertificateIssuanceConfig' +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +references: + guides: + 'Manage certificate issuance configs': 'https://cloud.google.com/certificate-manager/docs/issuance-configs' + api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs' +create_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs?certificateIssuanceConfigId={{name}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +schema_version: 1 +state_upgraders: true +examples: + - name: 'certificate_manager_certificate_issuance_config' + primary_resource_id: 'default' + vars: + ca_name: 'ca-authority' + pool_name: 'ca-pool' + issuance_config_name: 'issuance-config' +parameters: + - name: 'name' + type: String + description: | + A user-defined name of the certificate issuance config. + CertificateIssuanceConfig names must be unique globally. + url_param_only: true + required: true + - name: 'location' + type: String + description: | + The Certificate Manager location. If not specified, "global" is used. + url_param_only: true + immutable: true + default_value: "global" +properties: + - name: 'description' + type: String + description: | + One or more paragraphs of text description of a CertificateIssuanceConfig. + - name: 'rotationWindowPercentage' + type: Integer + description: | + It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. + Must be a number between 1-99, inclusive. + You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after + the certificate has been issued and at least 7 days before it expires. + required: true + - name: 'keyAlgorithm' + type: Enum + description: | + Key algorithm to use when generating the private key. + required: true + enum_values: + - 'RSA_2048' + - 'ECDSA_P256' + - name: 'lifetime' + type: String + description: | + Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. + Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s) + required: true + - name: 'createTime' + type: String + description: | + The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, + accurate to nanoseconds with up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: Time + description: | + The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, + accurate to nanoseconds with up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'labels' + type: KeyValueLabels + description: | + 'Set of label tags associated with the CertificateIssuanceConfig resource. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. + - name: 'certificateAuthorityConfig' + type: NestedObject + description: | + The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. + required: true + properties: + - name: 'certificateAuthorityServiceConfig' + type: NestedObject + description: Defines a CertificateAuthorityServiceConfig. + properties: + - name: 'caPool' + type: String + description: | + A CA pool resource used to issue a certificate. + The CA pool string has a relative resource path following the form + "projects/{project}/locations/{location}/caPools/{caPool}". + required: true + diff_suppress_func: 'tpgresource.CompareResourceNames' diff --git a/mmv1/products/certificatemanager/go_CertificateMap.yaml b/mmv1/products/certificatemanager/go_CertificateMap.yaml new file mode 100644 index 000000000000..48d4ac7d859b --- /dev/null +++ b/mmv1/products/certificatemanager/go_CertificateMap.yaml @@ -0,0 +1,120 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CertificateMap' +description: | + CertificateMap defines a collection of certificate configurations, + which are usable by any associated target proxies +docs: +base_url: 'projects/{{project}}/locations/global/certificateMaps' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{name}}' +create_url: 'projects/{{project}}/locations/global/certificateMaps?certificateMapId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/global/certificateMaps/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'certificate_manager_certificate_map_basic' + primary_resource_id: 'default' + vars: + cert_map_name: 'cert-map' +parameters: + - name: 'name' + type: String + description: | + A user-defined name of the Certificate Map. Certificate Map names must be unique + globally and match the pattern `projects/*/locations/*/certificateMaps/*`. + url_param_only: true + required: true + immutable: true +properties: + - name: 'description' + type: String + description: | + A human-readable description of the resource. + - name: 'createTime' + type: String + description: | + Creation timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, + accurate to nanoseconds with up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: Time + description: | + Update timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, + accurate to nanoseconds with up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Set of labels associated with a Certificate Map resource. + - name: 'gclbTargets' + type: Array + description: | + A list of target proxies that use this Certificate Map + output: true + item_type: + type: NestedObject + properties: + - name: 'ipConfigs' + type: Array + description: | + An IP configuration where this Certificate Map is serving + item_type: + type: NestedObject + properties: + - name: 'ipAddress' + type: String + description: | + An external IP address + - name: 'ports' + type: Array + description: | + A list of ports + item_type: + type: Integer + - name: 'targetHttpsProxy' + type: String + description: | + Proxy name must be in the format projects/*/locations/*/targetHttpsProxies/*. + This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or + `targetSslProxy` may be set. + - name: 'targetSslProxy' + type: String + description: | + Proxy name must be in the format projects/*/locations/*/targetSslProxies/*. + This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or + `targetSslProxy` may be set. diff --git a/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml b/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml new file mode 100644 index 000000000000..dc9f20b31689 --- /dev/null +++ b/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml @@ -0,0 +1,134 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CertificateMapEntry' +description: | + CertificateMapEntry is a list of certificate configurations, + that have been issued for a particular hostname +docs: +base_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}' +create_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries?certificateMapEntryId={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'certificate_manager_certificate_map_entry_full' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + dns_auth_subdomain: 'subdomain' + dns_auth_name2: 'dns-auth2' + dns_auth_subdomain2: 'subdomain2' + cert_map_entry_name: 'cert-map-entry' +parameters: + - name: 'name' + type: String + # url_param_only: true + description: | + A user-defined name of the Certificate Map Entry. Certificate Map Entry + names must be unique globally and match pattern + 'projects/*/locations/*/certificateMaps/*/certificateMapEntries/*' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + - name: 'map' + type: ResourceRef + description: | + A map entry that is inputted into the cetrificate map + url_param_only: true + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + resource: 'CertificateMap' + imports: 'name' +properties: + - name: 'description' + type: String + description: | + A human-readable description of the resource. + - name: 'createTime' + type: String + description: | + Creation timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, + with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: Time + description: | + Update timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, + with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Set of labels associated with a Certificate Map Entry. + An object containing a list of "key": value pairs. + Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + - name: 'certificates' + type: Array + description: | + A set of Certificates defines for the given hostname. + There can be defined up to fifteen certificates in each Certificate Map Entry. + Each certificate must match pattern projects/*/locations/*/certificates/*. + required: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + item_type: + type: String + - name: 'state' + type: String + description: | + A serving state of this Certificate Map Entry. + output: true + - name: 'hostname' + type: String + description: | + A Hostname (FQDN, e.g. example.com) or a wildcard hostname expression (*.example.com) + for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for + selecting a proper certificate. + immutable: true + exactly_one_of: + - 'hostname' + - 'matcher' + - name: 'matcher' + type: String + description: | + A predefined matcher for particular cases, other than SNI selection + immutable: true + exactly_one_of: + - 'hostname' + - 'matcher' diff --git a/mmv1/products/certificatemanager/go_DnsAuthorization.yaml b/mmv1/products/certificatemanager/go_DnsAuthorization.yaml new file mode 100644 index 000000000000..8923a5e2ed55 --- /dev/null +++ b/mmv1/products/certificatemanager/go_DnsAuthorization.yaml @@ -0,0 +1,134 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DnsAuthorization' +description: | + DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. +docs: +base_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations' +self_link: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations?dnsAuthorizationId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +schema_version: 1 +state_upgraders: true +examples: + - name: 'certificate_manager_dns_authorization_basic' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + zone_name: 'my-zone' + subdomain: 'subdomain' + - name: 'certificate_manager_dns_authorization_regional' + primary_resource_id: 'default' + vars: + dns_auth_name: 'dns-auth' + zone_name: 'my-zone' + subdomain: 'subdomain' +parameters: + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is created. + The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, + and all following characters must be a dash, underscore, letter or digit. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The Certificate Manager location. If not specified, "global" is used. + url_param_only: true + immutable: true + default_value: "global" +properties: + - name: 'description' + type: String + description: | + A human-readable description of the resource. + - name: 'labels' + type: KeyValueLabels + description: + 'Set of label tags associated with the DNS Authorization resource.' + - name: 'domain' + type: String + description: | + A domain which is being authorized. A DnsAuthorization resource covers a + single domain and its wildcard, e.g. authorization for "example.com" can + be used to issue certificates for "example.com" and "*.example.com". + required: true + immutable: true + - name: 'type' + type: Enum + description: | + type of DNS authorization. If unset during the resource creation, FIXED_RECORD will + be used for global resources, and PER_PROJECT_RECORD will be used for other locations. + + FIXED_RECORD DNS authorization uses DNS-01 validation method + + PER_PROJECT_RECORD DNS authorization allows for independent management + of Google-managed certificates with DNS authorization across multiple + projects. + immutable: true + default_from_api: true + enum_values: + - 'FIXED_RECORD' + - 'PER_PROJECT_RECORD' + - name: 'dnsResourceRecord' + type: NestedObject + description: | + The structure describing the DNS Resource Record that needs to be added + to DNS configuration for the authorization to be usable by + certificate. + output: true + properties: + - name: 'name' + type: String + description: | + Fully qualified name of the DNS Resource Record. + E.g. `_acme-challenge.example.com`. + output: true + - name: 'type' + type: String + description: | + Type of the DNS Resource Record. + output: true + - name: 'data' + type: String + description: | + Data of the DNS Resource Record. + output: true diff --git a/mmv1/products/certificatemanager/go_TrustConfig.yaml b/mmv1/products/certificatemanager/go_TrustConfig.yaml new file mode 100644 index 000000000000..f811963ba005 --- /dev/null +++ b/mmv1/products/certificatemanager/go_TrustConfig.yaml @@ -0,0 +1,145 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TrustConfig' +description: | + TrustConfig represents a resource that represents your Public Key Infrastructure (PKI) configuration in Certificate Manager for use in mutual TLS authentication scenarios. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/certificate-manager/docs' + api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.trustConfigs/create' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/trustConfigs' +self_link: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/trustConfigs?trustConfigId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'certificate_manager_trust_config' + primary_resource_id: 'default' + vars: + trust_config_name: 'trust-config' + - name: 'certificate_manager_trust_config_allowlisted_certificates' + primary_resource_id: 'default' + vars: + trust_config_name: 'trust-config' +parameters: + - name: 'name' + type: String + description: | + A user-defined name of the trust config. Trust config names must be unique globally. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The trust config location. + url_param_only: true + required: true + immutable: true +properties: + - name: 'createTime' + type: Time + description: | + The creation timestamp of a TrustConfig. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'updateTime' + type: Time + description: | + The last update timestamp of a TrustConfig. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'labels' + type: KeyValueLabels + description: 'Set of label tags associated with the trust config.' + - name: 'description' + type: String + description: | + One or more paragraphs of text description of a trust config. + - name: 'trustStores' + type: Array + description: | + Set of trust stores to perform validation against. + This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. + item_type: + type: NestedObject + properties: + - name: 'trustAnchors' + type: Array + description: | + List of Trust Anchors to be used while performing validation against a given TrustStore. + item_type: + type: NestedObject + properties: + - name: 'pemCertificate' + type: String + description: | + PEM root certificate of the PKI used for validation. + Each certificate provided in PEM format may occupy up to 5kB. + sensitive: true + - name: 'intermediateCas' + type: Array + description: | + Set of intermediate CA certificates used for the path building phase of chain validation. + The field is currently not supported if trust config is used for the workload certificate feature. + item_type: + type: NestedObject + properties: + - name: 'pemCertificate' + type: String + description: | + PEM intermediate certificate used for building up paths for validation. + Each certificate provided in PEM format may occupy up to 5kB. + sensitive: true + - name: 'allowlistedCertificates' + type: Array + description: | + Allowlisted PEM-encoded certificates. A certificate matching an allowlisted certificate is always considered valid as long as + the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. + item_type: + type: NestedObject + properties: + - name: 'pemCertificate' + type: String + description: | + PEM certificate that is allowlisted. The certificate can be up to 5k bytes, and must be a parseable X.509 certificate. + required: true diff --git a/mmv1/products/certificatemanager/go_product.yaml b/mmv1/products/certificatemanager/go_product.yaml new file mode 100644 index 000000000000..0644d2acd76a --- /dev/null +++ b/mmv1/products/certificatemanager/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CertificateManager' +display_name: 'Certificate manager' +versions: + - name: 'beta' + base_url: 'https://certificatemanager.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://certificatemanager.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/certificatemanager/product.yaml b/mmv1/products/certificatemanager/product.yaml index 2c0d7838a7bd..50ac3d92c2c8 100644 --- a/mmv1/products/certificatemanager/product.yaml +++ b/mmv1/products/certificatemanager/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2021 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CertificateManager +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://certificatemanager.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://certificatemanager.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-identity +======= --- name: 'CertificateManager' display_name: 'Certificate manager' @@ -21,3 +38,4 @@ versions: base_url: 'https://certificatemanager.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-identity' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudasset/FolderFeed.yaml b/mmv1/products/cloudasset/FolderFeed.yaml index 6e544f09493e..74d2934eb9c7 100644 --- a/mmv1/products/cloudasset/FolderFeed.yaml +++ b/mmv1/products/cloudasset/FolderFeed.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,31 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: FolderFeed +base_url: folders/{{folder_id}}/feeds +create_url: folders/{{folder_id}}/feeds?feedId={{feed_id}} +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +collection_url_key: 'feeds' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +supports_indirect_user_project_override: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb + post_create: templates/terraform/post_create/cloud_asset_feed.go.erb + custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb + encoder: templates/terraform/encoders/cloud_asset_feed.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_asset_folder_feed' +======= --- name: 'FolderFeed' description: | @@ -38,11 +67,30 @@ custom_code: supports_indirect_user_project_override: true examples: - name: 'cloud_asset_folder_feed' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'folder_feed' vars: feed_id: 'network-updates' folder_name: 'Networking' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + org_id: :ORG_ID +parameters: + - !ruby/object:Api::Type::String + name: folder + required: true + immutable: true + url_param_only: true + description: | + The folder this feed should be created in. +properties: + - !ruby/object:Api::Type::String + name: billing_project + required: true + immutable: true + url_param_only: true +======= project: 'PROJECT_NAME' org_id: 'ORG_ID' parameters: @@ -56,10 +104,34 @@ parameters: properties: - name: 'billing_project' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: folder_id + output: true + description: | + The ID of the folder where this feed has been created. Both [FOLDER_NUMBER] + and folders/[FOLDER_NUMBER] are accepted. + - !ruby/object:Api::Type::String + name: name + output: true + description: | + The format will be folders/{folder_number}/feeds/{client-assigned_feed_identifier}. + - !ruby/object:Api::Type::String + name: feedId + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Array + name: assetNames + item_type: Api::Type::String +======= url_param_only: true required: true immutable: true @@ -83,21 +155,60 @@ properties: immutable: true - name: 'assetNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: assetTypes + item_type: Api::Type::String +======= item_type: type: String - name: 'assetTypes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: contentType + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + values: + - :CONTENT_TYPE_UNSPECIFIED + - :RESOURCE + - :IAM_POLICY + - :ORG_POLICY + - :OS_INVENTORY + - :ACCESS_POLICY + - !ruby/object:Api::Type::NestedObject + name: feedOutputConfig + required: true + description: | + Output configuration for asset feed destination. + properties: + - !ruby/object:Api::Type::NestedObject + name: pubsubDestination + required: true + description: | + Destination on Cloud Pubsub. + properties: + - !ruby/object:Api::Type::String + name: topic + required: true + description: | + Destination on Cloud Pubsub topic. + - !ruby/object:Api::Type::NestedObject + name: condition +======= item_type: type: String - name: 'contentType' @@ -130,6 +241,7 @@ properties: required: true - name: 'condition' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -137,6 +249,25 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: expression + required: true + description: | + Textual representation of an expression in Common Expression Language syntax. + - !ruby/object:Api::Type::String + name: title + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - !ruby/object:Api::Type::String + name: description + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - !ruby/object:Api::Type::String + name: location +======= - name: 'expression' type: String description: | @@ -154,6 +285,7 @@ properties: e.g. when hovered over it in a UI. - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/OrganizationFeed.yaml b/mmv1/products/cloudasset/OrganizationFeed.yaml index 611b22c4287e..51314b96c8f6 100644 --- a/mmv1/products/cloudasset/OrganizationFeed.yaml +++ b/mmv1/products/cloudasset/OrganizationFeed.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,31 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: OrganizationFeed +base_url: 'organizations/{{org_id}}/feeds' +create_url: 'organizations/{{org_id}}/feeds?feedId={{feed_id}}' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +collection_url_key: 'feeds' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +supports_indirect_user_project_override: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb + post_create: templates/terraform/post_create/cloud_asset_feed.go.erb + custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb + encoder: templates/terraform/encoders/cloud_asset_feed.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_asset_organization_feed' +======= --- name: 'OrganizationFeed' description: | @@ -38,10 +67,29 @@ custom_code: supports_indirect_user_project_override: true examples: - name: 'cloud_asset_organization_feed' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'organization_feed' vars: feed_id: 'network-updates' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + org_id: :ORG_ID +parameters: + - !ruby/object:Api::Type::String + name: org_id + required: true + immutable: true + url_param_only: true + description: | + The organization this feed should be created in. +properties: + - !ruby/object:Api::Type::String + name: billing_project + required: true + immutable: true + url_param_only: true +======= project: 'PROJECT_NAME' org_id: 'ORG_ID' parameters: @@ -55,10 +103,28 @@ parameters: properties: - name: 'billing_project' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: | + The format will be organizations/{organization_number}/feeds/{client-assigned_feed_identifier}. + - !ruby/object:Api::Type::String + name: feedId + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Array + name: assetNames + item_type: Api::Type::String +======= url_param_only: true required: true immutable: true @@ -76,21 +142,60 @@ properties: immutable: true - name: 'assetNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: assetTypes + item_type: Api::Type::String +======= item_type: type: String - name: 'assetTypes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: contentType + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + values: + - :CONTENT_TYPE_UNSPECIFIED + - :RESOURCE + - :IAM_POLICY + - :ORG_POLICY + - :OS_INVENTORY + - :ACCESS_POLICY + - !ruby/object:Api::Type::NestedObject + name: feedOutputConfig + required: true + description: | + Output configuration for asset feed destination. + properties: + - !ruby/object:Api::Type::NestedObject + name: pubsubDestination + required: true + description: | + Destination on Cloud Pubsub. + properties: + - !ruby/object:Api::Type::String + name: topic + required: true + description: | + Destination on Cloud Pubsub topic. + - !ruby/object:Api::Type::NestedObject + name: condition +======= item_type: type: String - name: 'contentType' @@ -123,6 +228,7 @@ properties: required: true - name: 'condition' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -130,6 +236,25 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: expression + required: true + description: | + Textual representation of an expression in Common Expression Language syntax. + - !ruby/object:Api::Type::String + name: title + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - !ruby/object:Api::Type::String + name: description + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - !ruby/object:Api::Type::String + name: location +======= - name: 'expression' type: String description: | @@ -147,6 +272,7 @@ properties: e.g. when hovered over it in a UI. - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/ProjectFeed.yaml b/mmv1/products/cloudasset/ProjectFeed.yaml index 33c1362a14d1..f252f7456232 100644 --- a/mmv1/products/cloudasset/ProjectFeed.yaml +++ b/mmv1/products/cloudasset/ProjectFeed.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,30 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: ProjectFeed +base_url: projects/{{project}}/feeds +create_url: projects/{{project}}/feeds?feedId={{feed_id}} +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +collection_url_key: 'feeds' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb + post_create: templates/terraform/post_create/cloud_asset_feed.go.erb + custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb + encoder: templates/terraform/encoders/cloud_asset_feed.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_asset_project_feed' +======= --- name: 'ProjectFeed' description: | @@ -37,20 +65,47 @@ custom_code: custom_import: 'templates/terraform/custom_import/cloud_asset_feed.go.tmpl' examples: - name: 'cloud_asset_project_feed' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'project_feed' vars: feed_id: 'network-updates' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME +properties: + - !ruby/object:Api::Type::String + name: billing_project + url_param_only: true + immutable: true +======= project: 'PROJECT_NAME' parameters: properties: - name: 'billing_project' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. If not specified, the resource's project will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + output: true + description: | + The format will be projects/{projectNumber}/feeds/{client-assigned_feed_identifier}. + - !ruby/object:Api::Type::String + name: feedId + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Array + name: assetNames + item_type: Api::Type::String +======= url_param_only: true immutable: true - name: 'name' @@ -67,21 +122,60 @@ properties: immutable: true - name: 'assetNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: assetTypes + item_type: Api::Type::String +======= item_type: type: String - name: 'assetTypes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: contentType + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + values: + - :CONTENT_TYPE_UNSPECIFIED + - :RESOURCE + - :IAM_POLICY + - :ORG_POLICY + - :OS_INVENTORY + - :ACCESS_POLICY + - !ruby/object:Api::Type::NestedObject + name: feedOutputConfig + required: true + description: | + Output configuration for asset feed destination. + properties: + - !ruby/object:Api::Type::NestedObject + name: pubsubDestination + required: true + description: | + Destination on Cloud Pubsub. + properties: + - !ruby/object:Api::Type::String + name: topic + required: true + description: | + Destination on Cloud Pubsub topic. + - !ruby/object:Api::Type::NestedObject + name: condition +======= item_type: type: String - name: 'contentType' @@ -114,6 +208,7 @@ properties: required: true - name: 'condition' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -121,6 +216,25 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: expression + required: true + description: | + Textual representation of an expression in Common Expression Language syntax. + - !ruby/object:Api::Type::String + name: title + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - !ruby/object:Api::Type::String + name: description + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - !ruby/object:Api::Type::String + name: location +======= - name: 'expression' type: String description: | @@ -138,6 +252,7 @@ properties: e.g. when hovered over it in a UI. - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/go_FolderFeed.yaml b/mmv1/products/cloudasset/go_FolderFeed.yaml new file mode 100644 index 000000000000..e5d6b0af1240 --- /dev/null +++ b/mmv1/products/cloudasset/go_FolderFeed.yaml @@ -0,0 +1,160 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FolderFeed' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +docs: +base_url: 'folders/{{folder_id}}/feeds' +self_link: '{{name}}' +create_url: 'folders/{{folder_id}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' +supports_indirect_user_project_override: true +examples: + - name: 'cloud_asset_folder_feed' + primary_resource_id: 'folder_feed' + vars: + feed_id: 'network-updates' + folder_name: 'Networking' + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' +parameters: + - name: 'folder' + type: String + description: | + The folder this feed should be created in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'billing_project' + type: String + description: | + The project whose identity will be used when sending messages to the + destination pubsub topic. It also specifies the project for API + enablement check, quota, and billing. + url_param_only: true + required: true + immutable: true + - name: 'folder_id' + type: String + description: | + The ID of the folder where this feed has been created. Both [FOLDER_NUMBER] + and folders/[FOLDER_NUMBER] are accepted. + output: true + - name: 'name' + type: String + description: | + The format will be folders/{folder_number}/feeds/{client-assigned_feed_identifier}. + output: true + - name: 'feedId' + type: String + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true + required: true + immutable: true + - name: 'assetNames' + type: Array + description: | + A list of the full names of the assets to receive updates. You must specify either or both of + assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are + exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. + See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. + item_type: + type: String + - name: 'assetTypes' + type: Array + description: | + A list of types of the assets to receive updates. You must specify either or both of assetNames + and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to + the feed. For example: "compute.googleapis.com/Disk" + See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all + supported asset types. + item_type: + type: String + - name: 'contentType' + type: Enum + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject + description: | + Output configuration for asset feed destination. + required: true + properties: + - name: 'pubsubDestination' + type: NestedObject + description: | + Destination on Cloud Pubsub. + required: true + properties: + - name: 'topic' + type: String + description: | + Destination on Cloud Pubsub topic. + required: true + - name: 'condition' + type: NestedObject + description: | + A condition which determines whether an asset update should be published. If specified, an asset + will be returned only when the expression evaluates to true. When set, expression field + must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with + expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of + condition are optional. + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression Language syntax. + required: true + - name: 'title' + type: String + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - name: 'description' + type: String + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - name: 'location' + type: String + description: | + String indicating the location of the expression for error reporting, e.g. a file + name and a position in the file. diff --git a/mmv1/products/cloudasset/go_OrganizationFeed.yaml b/mmv1/products/cloudasset/go_OrganizationFeed.yaml new file mode 100644 index 000000000000..0fa98ea528ab --- /dev/null +++ b/mmv1/products/cloudasset/go_OrganizationFeed.yaml @@ -0,0 +1,153 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationFeed' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +docs: +base_url: 'organizations/{{org_id}}/feeds' +self_link: '{{name}}' +create_url: 'organizations/{{org_id}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' +supports_indirect_user_project_override: true +examples: + - name: 'cloud_asset_organization_feed' + primary_resource_id: 'organization_feed' + vars: + feed_id: 'network-updates' + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' +parameters: + - name: 'org_id' + type: String + description: | + The organization this feed should be created in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'billing_project' + type: String + description: | + The project whose identity will be used when sending messages to the + destination pubsub topic. It also specifies the project for API + enablement check, quota, and billing. + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String + description: | + The format will be organizations/{organization_number}/feeds/{client-assigned_feed_identifier}. + output: true + - name: 'feedId' + type: String + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true + required: true + immutable: true + - name: 'assetNames' + type: Array + description: | + A list of the full names of the assets to receive updates. You must specify either or both of + assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are + exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. + See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. + item_type: + type: String + - name: 'assetTypes' + type: Array + description: | + A list of types of the assets to receive updates. You must specify either or both of assetNames + and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to + the feed. For example: "compute.googleapis.com/Disk" + See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all + supported asset types. + item_type: + type: String + - name: 'contentType' + type: Enum + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject + description: | + Output configuration for asset feed destination. + required: true + properties: + - name: 'pubsubDestination' + type: NestedObject + description: | + Destination on Cloud Pubsub. + required: true + properties: + - name: 'topic' + type: String + description: | + Destination on Cloud Pubsub topic. + required: true + - name: 'condition' + type: NestedObject + description: | + A condition which determines whether an asset update should be published. If specified, an asset + will be returned only when the expression evaluates to true. When set, expression field + must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with + expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of + condition are optional. + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression Language syntax. + required: true + - name: 'title' + type: String + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - name: 'description' + type: String + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - name: 'location' + type: String + description: | + String indicating the location of the expression for error reporting, e.g. a file + name and a position in the file. diff --git a/mmv1/products/cloudasset/go_ProjectFeed.yaml b/mmv1/products/cloudasset/go_ProjectFeed.yaml new file mode 100644 index 000000000000..8880b642a71e --- /dev/null +++ b/mmv1/products/cloudasset/go_ProjectFeed.yaml @@ -0,0 +1,144 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ProjectFeed' +description: | + Describes a Cloud Asset Inventory feed used to to listen to asset updates. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' + api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +docs: +base_url: 'projects/{{project}}/feeds' +self_link: '{{name}}' +create_url: 'projects/{{project}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' +examples: + - name: 'cloud_asset_project_feed' + primary_resource_id: 'project_feed' + vars: + feed_id: 'network-updates' + test_env_vars: + project: 'PROJECT_NAME' +parameters: +properties: + - name: 'billing_project' + type: String + description: | + The project whose identity will be used when sending messages to the + destination pubsub topic. It also specifies the project for API + enablement check, quota, and billing. If not specified, the resource's + project will be used. + url_param_only: true + immutable: true + - name: 'name' + type: String + description: | + The format will be projects/{projectNumber}/feeds/{client-assigned_feed_identifier}. + output: true + - name: 'feedId' + type: String + description: | + This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true + required: true + immutable: true + - name: 'assetNames' + type: Array + description: | + A list of the full names of the assets to receive updates. You must specify either or both of + assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are + exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. + See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. + item_type: + type: String + - name: 'assetTypes' + type: Array + description: | + A list of types of the assets to receive updates. You must specify either or both of assetNames + and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to + the feed. For example: "compute.googleapis.com/Disk" + See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all + supported asset types. + item_type: + type: String + - name: 'contentType' + type: Enum + description: | + Asset content type. If not specified, no content but the asset name and type will be returned. + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject + description: | + Output configuration for asset feed destination. + required: true + properties: + - name: 'pubsubDestination' + type: NestedObject + description: | + Destination on Cloud Pubsub. + required: true + properties: + - name: 'topic' + type: String + description: | + Destination on Cloud Pubsub topic. + required: true + - name: 'condition' + type: NestedObject + description: | + A condition which determines whether an asset update should be published. If specified, an asset + will be returned only when the expression evaluates to true. When set, expression field + must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with + expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of + condition are optional. + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression Language syntax. + required: true + - name: 'title' + type: String + description: | + Title for the expression, i.e. a short string describing its purpose. + This can be used e.g. in UIs which allow to enter the expression. + - name: 'description' + type: String + description: | + Description of the expression. This is a longer text which describes the expression, + e.g. when hovered over it in a UI. + - name: 'location' + type: String + description: | + String indicating the location of the expression for error reporting, e.g. a file + name and a position in the file. diff --git a/mmv1/products/cloudasset/go_product.yaml b/mmv1/products/cloudasset/go_product.yaml new file mode 100644 index 000000000000..881677daefb0 --- /dev/null +++ b/mmv1/products/cloudasset/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudAsset' +display_name: 'Cloud Asset Inventory' +versions: + - name: 'ga' + base_url: 'https://cloudasset.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudasset/product.yaml b/mmv1/products/cloudasset/product.yaml index 1c38a02751dc..0f040d99930d 100644 --- a/mmv1/products/cloudasset/product.yaml +++ b/mmv1/products/cloudasset/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,6 +14,17 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudAsset +display_name: Cloud Asset Inventory +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudasset.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CloudAsset' @@ -19,3 +34,4 @@ versions: base_url: 'https://cloudasset.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudbuild/BitbucketServerConfig.yaml b/mmv1/products/cloudbuild/BitbucketServerConfig.yaml index 7dc1b77f1d52..1808c6491e2f 100644 --- a/mmv1/products/cloudbuild/BitbucketServerConfig.yaml +++ b/mmv1/products/cloudbuild/BitbucketServerConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,56 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BitbucketServerConfig' +base_url: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs +self_link: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}} +create_url: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs?bitbucketServerConfigId={{config_id}} +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Connect to a Bitbucket Server host': 'https://cloud.google.com/build/docs/automating-builds/bitbucket/connect-host-bitbucket-server' + api: 'https://cloud.google.com/build/docs/api/reference/rest/v1/projects.locations.bitbucketServerConfigs' +description: | + BitbucketServerConfig represents the configuration for a Bitbucket Server. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +import_format: + - 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +id_format: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_bitbucket_server_config' + primary_resource_id: 'bbs-config' + vars: + config_id: 'bbs-config' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_bitbucket_server_config_repositories' + primary_resource_id: 'bbs-config-with-repos' + vars: + config_id: 'bbs-config' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_bitbucket_server_config_peered_network' +======= --- name: 'BitbucketServerConfig' description: | @@ -62,11 +116,105 @@ examples: config_id: 'bbs-config' exclude_test: true - name: 'cloudbuild_bitbucket_server_config_peered_network' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'bbs-config-with-peered-network' vars: config_id: 'bbs-config' network_name: 'vpc-network' global_address_name: 'private-ip-alloc' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/cloudbuild_bitbucketserver_config.go.erb + post_create: templates/terraform/post_create/cloudbuild_bitbucketserver_config.go.erb + pre_update: templates/terraform/pre_update/cloudbuild_bitbucketserver_config.go.erb + post_update: templates/terraform/post_update/cloudbuild_bitbucketserver_config.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'config_id' + required: true + url_param_only: true + immutable: true + description: | + The ID to use for the BitbucketServerConfig, which will become the final component of the BitbucketServerConfig's resource name. + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + required: true + description: | + The location of this bitbucket server config. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The resource name for the config. + - !ruby/object:Api::Type::String + name: 'hostUri' + required: true + description: | + Immutable. The URI of the Bitbucket Server host. Once this field has been set, it cannot be changed. + If you need to change it, please create another BitbucketServerConfig. + - !ruby/object:Api::Type::NestedObject + name: 'secrets' + required: true + description: | + Secret Manager secrets needed by the config. + properties: + - !ruby/object:Api::Type::String + name: 'adminAccessTokenVersionName' + required: true + description: | + The resource name for the admin access token's secret version. + - !ruby/object:Api::Type::String + name: 'readAccessTokenVersionName' + required: true + description: | + The resource name for the read access token's secret version. + - !ruby/object:Api::Type::String + name: 'webhookSecretVersionName' + required: true + immutable: true + description: | + Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. + Changing this field will result in deleting/ recreating the resource. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username of the account Cloud Build will use on Bitbucket Server. + - !ruby/object:Api::Type::String + name: 'webhookKey' + output: true + description: | + Output only. UUID included in webhook requests. The UUID is used to look up the corresponding config. + - !ruby/object:Api::Type::String + name: 'apiKey' + required: true + immutable: true + description: | + Immutable. API Key that will be attached to webhook. Once this field has been set, it cannot be changed. + Changing this field will result in deleting/ recreating the resource. + - !ruby/object:Api::Type::Array + name: 'connectedRepositories' + description: | + Connected Bitbucket Server repositories for this config. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'projectKey' + required: true + description: | + Identifier for the project storing the repository. + - !ruby/object:Api::Type::String + name: 'repoSlug' + required: true + description: | + Identifier for the repository. + - !ruby/object:Api::Type::String + name: 'peeredNetwork' +======= parameters: - name: 'config_id' type: String @@ -154,12 +302,18 @@ properties: required: true - name: 'peeredNetwork' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network to be used when reaching out to the Bitbucket Server instance. The VPC network must be enabled for private service connection. This should be set if the Bitbucket Server instance is hosted on-premises and not reachable by public internet. If this field is left empty, no network peering will occur and calls to the Bitbucket Server instance will be made over the public internet. Must be in the format projects/{project}/global/networks/{network}, where {project} is a project number or id and {network} is the name of a VPC network in the project. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sslCa' +======= - name: 'sslCa' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | SSL certificate to use for requests to Bitbucket Server. The format should be PEM format but the extension can be one of .pem, .cer, or .crt. diff --git a/mmv1/products/cloudbuild/Trigger.yaml b/mmv1/products/cloudbuild/Trigger.yaml index 9297f0831d34..949d64bdc60d 100644 --- a/mmv1/products/cloudbuild/Trigger.yaml +++ b/mmv1/products/cloudbuild/Trigger.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,22 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Trigger' +base_url: projects/{{project}}/locations/{{location}}/triggers +self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Automating builds using build triggers': 'https://cloud.google.com/cloud-build/docs/running-builds/automate-builds' + api: 'https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.triggers' +description: | + Configuration for an automated build in response to source repository changes. +docs: !ruby/object:Provider::Terraform::Docs + note: | + You can retrieve the email of the Cloud Build Service Account used in jobs by using the `google_project_service_identity` resource. +======= --- name: 'Trigger' description: | @@ -27,10 +47,37 @@ id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' base_url: 'projects/{{project}}/locations/{{location}}/triggers' self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' update_verb: 'PATCH' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # import by default only works with old-style self links ending in a name import_format: - 'projects/{{project}}/triggers/{{trigger_id}}' - 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +<<<<<<< HEAD +# For global triggers, the id format is changed to projects/{{project}}/triggers/{{trigger_id}} via code overrides. +id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +schema_version: 2 +state_upgraders: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_filename' + primary_resource_id: 'filename-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_build' + primary_resource_id: 'build-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_service_account' + primary_resource_id: 'service-account-trigger' + vars: + sa_name: 'cloud-sa' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_include_build_logs' + primary_resource_id: 'include-build-logs-trigger' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_pubsub_config' +======= timeouts: insert_minutes: 20 update_minutes: 20 @@ -60,10 +107,33 @@ examples: primary_resource_id: 'include-build-logs-trigger' exclude_test: true - name: 'cloudbuild_trigger_pubsub_config' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'pubsub-config-trigger' vars: pubsub_topic_name: 'my-topic' cloudbuild_trigger_name: 'pubsub-trigger' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_webhook_config' + primary_resource_id: 'webhook-config-trigger' + vars: + cloudbuild_trigger_name: 'webhook-trigger' + secret_id: "webhook-trigger-secret-key" + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_manual' + primary_resource_id: 'manual-trigger' + vars: + cloudbuild_trigger_name: 'manual-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_manual_github_enterprise' + primary_resource_id: 'manual-ghe-trigger' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_manual_bitbucket_server' + primary_resource_id: 'manual-bitbucket-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_repo' +======= - name: 'cloudbuild_trigger_webhook_config' primary_resource_id: 'webhook-config-trigger' vars: @@ -79,11 +149,116 @@ examples: - name: 'cloudbuild_trigger_manual_bitbucket_server' primary_resource_id: 'manual-bitbucket-trigger' - name: 'cloudbuild_trigger_repo' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'repo-trigger' vars: installation_id: '123123' pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' repo_uri: 'https://github.com/myuser/my-repo.git' +<<<<<<< HEAD + cloudbuildv2_connection_name: "my-connection" + cloudbuildv2_repo_name: "my-repo" + test_vars_overrides: + installation_id: 31300675 + pat_secret: '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + repo_uri: '"https://github.com/gcb-repos-robot/tf-demo.git"' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_bitbucket_server_push' + primary_resource_id: 'bbs-push-trigger' + vars: + cloudbuild_trigger_name: 'bbs-push-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_bitbucket_server_pull_request' + primary_resource_id: 'bbs-pull-request-trigger' + vars: + cloudbuild_trigger_name: 'ghe-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_github_enterprise' + primary_resource_id: 'ghe-trigger' + vars: + cloudbuild_trigger_name: 'ghe-trigger' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_allow_failure' + primary_resource_id: 'allow-failure-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuild_trigger_allow_exit_codes' + primary_resource_id: 'allow-exit-codes-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - !ruby/object:Provider::Terraform::Examples + name: "cloudbuild_trigger_pubsub_with_repo" + primary_resource_id: "pubsub-with-repo-trigger" + vars: + installation_id: "123123" + pat_secret: "projects/my-project/secrets/github-pat-secret/versions/latest" + repo_uri: "https://github.com/myuser/my-repo.git" + cloudbuildv2_connection_name: "my-connection" + cloudbuildv2_repo_name: "my-repo" + pubsub_topic_name: "my-topic" + cloudbuild_trigger_name: "pubsub-with-repo-trigger" + test_vars_overrides: + installation_id: 31300675 + pat_secret: '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + repo_uri: '"https://github.com/gcb-repos-robot/tf-demo.git"' + +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_read: templates/terraform/pre_read/cloudbuild_trigger.go.erb + post_create: templates/terraform/post_create/cloudbuild_trigger_id.go.erb + post_import: templates/terraform/post_import/cloudbuild_trigger.go.erb + pre_update: templates/terraform/pre_update/cloudbuild_trigger.go.erb + constants: templates/terraform/constants/cloudbuild_trigger.erb +custom_diff: [ + 'stepTimeoutCustomizeDiff', +] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + description: | + The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. + If not specified, "global" is used. + default_value: global + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'trigger_id' + api_name: 'id' + description: | + The unique identifier for the trigger. + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the trigger. Must be unique within the project. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + Human-readable description of the trigger. + - !ruby/object:Api::Type::Array + name: 'tags' + item_type: Api::Type::String + description: | + Tags for annotation of a BuildTrigger + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + Whether the trigger is disabled or not. If true, the trigger will never result in a build. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + Time when the trigger was created. + - !ruby/object:Api::Type::KeyValuePairs + name: 'substitutions' + description: | + Substitutions data for Build resource. + - !ruby/object:Api::Type::String + name: 'serviceAccount' +======= cloudbuildv2_connection_name: 'my-connection' cloudbuildv2_repo_name: 'my-repo' test_vars_overrides: @@ -171,6 +346,7 @@ properties: Substitutions data for Build resource. - name: 'serviceAccount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The service account used for all user-controlled operations including triggers.patch, triggers.run, builds.create, and builds.cancel. @@ -179,21 +355,81 @@ properties: ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead. Format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_ID_OR_EMAIL} +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'includeBuildLogs' + values: + - :INCLUDE_BUILD_LOGS_UNSPECIFIED + - :INCLUDE_BUILD_LOGS_WITH_STATUS +======= - name: 'includeBuildLogs' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Build logs will be sent back to GitHub as part of the checkrun result. Values can be INCLUDE_BUILD_LOGS_UNSPECIFIED or INCLUDE_BUILD_LOGS_WITH_STATUS +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'filename' + exactly_one_of: + - filename + - build + - git_file_source +======= enum_values: - 'INCLUDE_BUILD_LOGS_UNSPECIFIED' - 'INCLUDE_BUILD_LOGS_WITH_STATUS' - name: 'filename' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Path, from the source root, to a file whose contents is used for the template. Either a filename or build template must be provided. Set this only when using trigger_template or github. When using Pub/Sub, Webhook or Manual set the file name using git_file_source instead. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'filter' + description: | + A Common Expression Language string. Used only with Pub/Sub and Webhook. + - !ruby/object:Api::Type::NestedObject + name: 'gitFileSource' + exactly_one_of: + - filename + - git_file_source + - build + description: | + The file source describing the local or remote Build template. + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: | + The path of the file, with the repo root as the root of the path. + - !ruby/object:Api::Type::String + name: 'uri' + description: | + The URI of the repo (optional). If unspecified, the repo from which the trigger + invocation originated is assumed to be the repo from which to read the specified path. + - !ruby/object:Api::Type::String + name: 'repository' + description: | + The fully qualified resource name of the Repo API repository. The fully qualified resource name of the Repo API repository. + If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path. + - !ruby/object:Api::Type::Enum + name: 'repoType' + required: true + description: | + The type of the repo, since it may not be explicit from the repo field (e.g from a URL). + Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER + values: + - :UNKNOWN + - :CLOUD_SOURCE_REPOSITORIES + - :GITHUB + - :BITBUCKET_SERVER + - !ruby/object:Api::Type::String + name: 'revision' +======= exactly_one_of: - 'filename' - 'build' @@ -239,10 +475,50 @@ properties: - 'BITBUCKET_SERVER' - name: 'revision' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'githubEnterpriseConfig' + description: | + The full resource name of the github enterprise config. + Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. + - !ruby/object:Api::Type::String + name: 'bitbucketServerConfig' + description: | + The full resource name of the bitbucket server config. + Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. + - !ruby/object:Api::Type::NestedObject + name: 'repositoryEventConfig' + description: | + The configuration of a trigger that creates a build whenever an event from Repo API is received. + at_least_one_of: + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'repository' + description: | + The resource name of the Repo API resource. + - !ruby/object:Api::Type::NestedObject + name: 'pullRequest' + description: | + Contains filter properties for matching Pull Requests. + exactly_one_of: + - pull_request + - push + properties: + - !ruby/object:Api::Type::String + name: 'branch' +======= - name: 'githubEnterpriseConfig' type: String description: | @@ -280,12 +556,38 @@ properties: properties: - name: 'branch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: +<<<<<<< HEAD + - branch + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - !ruby/object:Api::Type::Enum + name: 'commentControl' + description: | + Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`. + values: + - :COMMENTS_DISABLED + - :COMMENTS_ENABLED + - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY + - !ruby/object:Api::Type::NestedObject + name: 'push' + description: | + Contains filter properties for matching git pushes. + exactly_one_of: + - pull_request + - push + properties: + - !ruby/object:Api::Type::String + name: 'branch' +======= - 'branch' - name: 'invertRegex' type: Boolean @@ -309,22 +611,40 @@ properties: properties: - name: 'branch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: +<<<<<<< HEAD + - branch + - tag + - !ruby/object:Api::Type::String + name: 'tag' +======= - 'branch' - 'tag' - name: 'tag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Regex of tags to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: +<<<<<<< HEAD + - branch + - tag + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + If true, only trigger a build if the revision regex does NOT match the git_ref regex. + - !ruby/object:Api::Type::NestedObject + name: 'sourceToBuild' +======= - 'branch' - 'tag' - name: 'invertRegex' @@ -333,6 +653,7 @@ properties: If true, only trigger a build if the revision regex does NOT match the git_ref regex. - name: 'sourceToBuild' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The repo and ref of the repository from which to build. This field is used only for those triggers that do not respond to SCM events. @@ -341,6 +662,54 @@ properties: One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: +<<<<<<< HEAD + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'uri' + description: | + The URI of the repo. + - !ruby/object:Api::Type::String + name: 'repository' + description: | + The qualified resource name of the Repo API repository. + Either uri or repository can be specified and is required. + - !ruby/object:Api::Type::String + name: 'ref' + required: true + description: | + The branch or tag to use. Must start with "refs/" (required). + - !ruby/object:Api::Type::Enum + name: 'repoType' + required: true + description: | + The type of the repo, since it may not be explicit from the repo field (e.g from a URL). + Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER + values: + - :UNKNOWN + - :CLOUD_SOURCE_REPOSITORIES + - :GITHUB + - :BITBUCKET_SERVER + - !ruby/object:Api::Type::String + name: 'githubEnterpriseConfig' + description: | + The full resource name of the github enterprise config. + Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. + - !ruby/object:Api::Type::String + name: 'bitbucketServerConfig' + description: | + The full resource name of the bitbucket server config. + Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. + - !ruby/object:Api::Type::Array + name: 'ignoredFiles' + item_type: Api::Type::String +======= - 'trigger_template' - 'github' - 'bitbucket_server_trigger_config' @@ -386,6 +755,7 @@ properties: Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. - name: 'ignoredFiles' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match extended with support for `**`. @@ -396,10 +766,16 @@ properties: If ignoredFiles is not empty, then we ignore any files that match any of the ignored_file globs. If the change has no files that are outside of the ignoredFiles globs, then we do not trigger a build. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'includedFiles' + item_type: Api::Type::String +======= item_type: type: String - name: 'includedFiles' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match extended with support for `**`. @@ -412,10 +788,15 @@ properties: and includedFiles is not empty, then we make sure that at least one of those files matches a includedFiles glob. If not, then we do not trigger a build. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'triggerTemplate' +======= item_type: type: String - name: 'triggerTemplate' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Template describing the types of source changes to trigger a build. @@ -425,6 +806,18 @@ properties: One of `trigger_template`, `github`, `pubsub_config`, `webhook_config` or `source_to_build` must be provided. at_least_one_of: +<<<<<<< HEAD + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'projectId' +======= - 'trigger_template' - 'github' - 'bitbucket_server_trigger_config' @@ -435,10 +828,20 @@ properties: properties: - name: 'projectId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'repoName' + default_value: 'default' + description: | + Name of the Cloud Source Repository. If omitted, the name "default" is assumed. + - !ruby/object:Api::Type::String + name: 'dir' +======= - name: 'repoName' type: String description: | @@ -446,6 +849,7 @@ properties: default_value: "default" - name: 'dir' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Directory, relative to the source root, in which to run the build. @@ -453,25 +857,57 @@ properties: is an absolute path, this value is ignored for that step's execution. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + Only trigger a build if the revision regex does NOT match the revision regex. + - !ruby/object:Api::Type::String + name: 'branchName' +======= - name: 'invertRegex' type: Boolean description: | Only trigger a build if the revision regex does NOT match the revision regex. - name: 'branchName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the branch to build. Exactly one a of branch name, tag, or commit SHA must be provided. This field is a regular expression. exactly_one_of: +<<<<<<< HEAD + - trigger_template.0.branch_name + - trigger_template.0.tag_name + - trigger_template.0.commit_sha + - !ruby/object:Api::Type::String + name: 'tagName' +======= - 'trigger_template.0.branch_name' - 'trigger_template.0.tag_name' - 'trigger_template.0.commit_sha' - name: 'tagName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the tag to build. Exactly one of a branch name, tag, or commit SHA must be provided. This field is a regular expression. exactly_one_of: +<<<<<<< HEAD + - trigger_template.0.branch_name + - trigger_template.0.tag_name + - trigger_template.0.commit_sha + - !ruby/object:Api::Type::String + name: 'commitSha' + description: | + Explicit commit SHA to build. Exactly one of a branch name, tag, or commit SHA must be provided. + exactly_one_of: + - trigger_template.0.branch_name + - trigger_template.0.tag_name + - trigger_template.0.commit_sha + - !ruby/object:Api::Type::NestedObject + name: 'github' +======= - 'trigger_template.0.branch_name' - 'trigger_template.0.tag_name' - 'trigger_template.0.commit_sha' @@ -485,11 +921,171 @@ properties: - 'trigger_template.0.commit_sha' - name: 'github' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the configuration of a trigger that creates a build whenever a GitHub event is received. One of `trigger_template`, `github`, `pubsub_config` or `webhook_config` must be provided. at_least_one_of: +<<<<<<< HEAD + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'owner' + description: | + Owner of the repository. For example: The owner for + https://github.com/googlecloudplatform/cloud-builders is "googlecloudplatform". + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the repository. For example: The name for + https://github.com/googlecloudplatform/cloud-builders is "cloud-builders". + - !ruby/object:Api::Type::NestedObject + name: 'pullRequest' + description: | + filter to match changes in pull requests. Specify only one of `pull_request` or `push`. + exactly_one_of: + - github.0.pull_request + - github.0.push + properties: + - !ruby/object:Api::Type::String + name: 'branch' + required: true + description: | + Regex of branches to match. + - !ruby/object:Api::Type::Enum + name: 'commentControl' + description: | + Whether to block builds on a "/gcbrun" comment from a repository owner or collaborator. + values: + - :COMMENTS_DISABLED + - :COMMENTS_ENABLED + - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - !ruby/object:Api::Type::NestedObject + name: 'push' + description: | + filter to match changes in refs, like branches or tags. Specify only one of `pull_request` or `push`. + exactly_one_of: + - github.0.pull_request + - github.0.push + properties: + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + When true, only trigger a build if the revision regex does NOT match the git_ref regex. + - !ruby/object:Api::Type::String + name: 'branch' + description: | + Regex of branches to match. Specify only one of branch or tag. + exactly_one_of: + - github.0.push.0.branch + - github.0.push.0.tag + - !ruby/object:Api::Type::String + name: 'tag' + description: | + Regex of tags to match. Specify only one of branch or tag. + exactly_one_of: + - github.0.push.0.branch + - github.0.push.0.tag + - !ruby/object:Api::Type::String + name: 'enterpriseConfigResourceName' + description: | + The resource name of the github enterprise config that should be applied to this installation. + For example: "projects/{$projectId}/locations/{$locationId}/githubEnterpriseConfigs/{$configId}" + - !ruby/object:Api::Type::NestedObject + name: 'bitbucketServerTriggerConfig' + description: | + BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received. + at_least_one_of: + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'repoSlug' + required: true + description: | + Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. + For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo. + - !ruby/object:Api::Type::String + name: 'projectKey' + required: true + description: | + Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is "TEST". + - !ruby/object:Api::Type::String + name: 'bitbucketServerConfigResource' + required: true + description: | + The Bitbucket server config resource that this trigger config maps to. + - !ruby/object:Api::Type::NestedObject + name: 'pullRequest' + description: | + Filter to match changes in pull requests. + exactly_one_of: + - bitbucket_server_trigger_config.0.pull_request + - bitbucket_server_trigger_config.0.push + properties: + - !ruby/object:Api::Type::String + name: 'branch' + required: true + description: | + Regex of branches to match. + The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax + - !ruby/object:Api::Type::Enum + name: 'commentControl' + description: | + Configure builds to run whether a repository owner or collaborator need to comment /gcbrun. + values: + - :COMMENTS_DISABLED + - :COMMENTS_ENABLED + - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - !ruby/object:Api::Type::NestedObject + name: 'push' + description: | + Filter to match changes in refs like branches, tags. + exactly_one_of: + - bitbucket_server_trigger_config.0.pull_request + - bitbucket_server_trigger_config.0.push + properties: + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + When true, only trigger a build if the revision regex does NOT match the gitRef regex. + - !ruby/object:Api::Type::String + name: 'branch' + description: | + Regex of branches to match. Specify only one of branch or tag. + exactly_one_of: + - bitbucket_server_trigger_config.0.push.0.branch + - bitbucket_server_trigger_config.0.push.0.tag + - !ruby/object:Api::Type::String + name: 'tag' + description: | + Regex of tags to match. Specify only one of branch or tag. + exactly_one_of: + - bitbucket_server_trigger_config.0.push.0.branch + - bitbucket_server_trigger_config.0.push.0.tag + - !ruby/object:Api::Type::NestedObject + name: 'pubsubConfig' +======= - 'trigger_template' - 'github' - 'bitbucket_server_trigger_config' @@ -647,12 +1243,45 @@ properties: - 'bitbucket_server_trigger_config.0.push.0.tag' - name: 'pubsubConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PubsubConfig describes the configuration of a trigger that creates a build whenever a Pub/Sub message is published. One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: +<<<<<<< HEAD + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'subscription' + description: | + Output only. Name of the subscription. + output: true + - !ruby/object:Api::Type::String + name: 'topic' + required: true + description: | + The name of the topic from which this subscription is receiving messages. + - !ruby/object:Api::Type::String + name: 'service_account_email' + description: | + Service account that will make the push request. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + Potential issues with the underlying Pub/Sub subscription configuration. + Only populated on get requests. + - !ruby/object:Api::Type::NestedObject + name: 'webhookConfig' +======= - 'trigger_template' - 'github' - 'bitbucket_server_trigger_config' @@ -683,12 +1312,36 @@ properties: output: true - name: 'webhookConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | WebhookConfig describes the configuration of a trigger that creates a build whenever a webhook is sent to a trigger's webhook URL. One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: +<<<<<<< HEAD + - trigger_template + - github + - bitbucket_server_trigger_config + - pubsub_config + - webhook_config + - source_to_build + - repository_event_config + properties: + - !ruby/object:Api::Type::String + name: 'secret' + required: true + description: | + Resource name for the secret required as a URL parameter. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: | + Potential issues with the underlying Pub/Sub subscription configuration. + Only populated on get requests. + - !ruby/object:Api::Type::NestedObject + name: 'approvalConfig' +======= - 'trigger_template' - 'github' - 'bitbucket_server_trigger_config' @@ -710,11 +1363,33 @@ properties: output: true - name: 'approvalConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration for manual approval to start a build invocation of this BuildTrigger. Builds created by this trigger will require approval before they execute. Any user with a Cloud Build Approver role for the project can approve a build. default_from_api: true +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/cloudbuild_approval_required.go.erb + properties: + - !ruby/object:Api::Type::Boolean + name: 'approvalRequired' + default_value: false + description: | + Whether or not approval is needed. If this is set on a build, it will become pending when run, + and will need to be explicitly approved to start. + - !ruby/object:Api::Type::NestedObject + name: 'build' + exactly_one_of: + - filename + - build + - git_file_source + description: | + Contents of the build template. Either a filename or build template must be provided. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'source' +======= custom_flatten: 'templates/terraform/custom_flatten/cloudbuild_approval_required.go.tmpl' properties: - name: 'approvalRequired' @@ -734,11 +1409,52 @@ properties: properties: - name: 'source' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The location of the source files to build. One of `storageSource` or `repoSource` must be provided. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'storageSource' + description: | + Location of the source in an archive file in Google Cloud Storage. + properties: + - !ruby/object:Api::Type::String + name: 'bucket' + required: true + description: | + Google Cloud Storage bucket containing the source. + - !ruby/object:Api::Type::String + name: 'object' + required: true + description: | + Google Cloud Storage object containing the source. + This object must be a gzipped archive file (.tar.gz) containing source to build. + - !ruby/object:Api::Type::String + name: 'generation' + description: | + Google Cloud Storage generation for the object. + If the generation is omitted, the latest generation will be used + - !ruby/object:Api::Type::NestedObject + name: 'repoSource' + description: | + Location of the source in a Google Cloud Source Repository. + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + ID of the project that owns the Cloud Source Repository. + If omitted, the project ID requesting the build is assumed. + - !ruby/object:Api::Type::String + name: 'repoName' + required: true + description: | + Name of the Cloud Source Repository. + - !ruby/object:Api::Type::String + name: 'dir' +======= - name: 'storageSource' type: NestedObject description: | @@ -777,10 +1493,23 @@ properties: required: true - name: 'dir' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's dir is specified and is an absolute path, this value is ignored for that step's execution. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + Only trigger a build if the revision regex does NOT match the revision regex. + - !ruby/object:Api::Type::KeyValuePairs + name: 'substitutions' + description: | + Substitutions to use in a triggered build. Should only be used with triggers.run + - !ruby/object:Api::Type::String + name: 'branchName' +======= - name: 'invertRegex' type: Boolean description: | @@ -791,21 +1520,51 @@ properties: Substitutions to use in a triggered build. Should only be used with triggers.run - name: 'branchName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Regex matching branches to build. Exactly one a of branch name, tag, or commit SHA must be provided. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: +<<<<<<< HEAD + - build.0.source.0.repo_source.0.branch_name + - build.0.source.0.repo_source.0.commit_sha + - build.0.source.0.repo_source.0.tag_name + - !ruby/object:Api::Type::String + name: 'tagName' +======= - 'build.0.source.0.repo_source.0.branch_name' - 'build.0.source.0.repo_source.0.commit_sha' - 'build.0.source.0.repo_source.0.tag_name' - name: 'tagName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Regex matching tags to build. Exactly one a of branch name, tag, or commit SHA must be provided. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: +<<<<<<< HEAD + - build.0.source.0.repo_source.0.branch_name + - build.0.source.0.repo_source.0.commit_sha + - build.0.source.0.repo_source.0.tag_name + - !ruby/object:Api::Type::String + name: 'commitSha' + description: | + Explicit commit SHA to build. Exactly one a of branch name, tag, or commit SHA must be provided. + exactly_one_of: + - build.0.source.0.repo_source.0.branch_name + - build.0.source.0.repo_source.0.commit_sha + - build.0.source.0.repo_source.0.tag_name + - !ruby/object:Api::Type::Array + name: 'tags' + item_type: Api::Type::String + description: | + Tags for annotation of a Build. These are not docker tags. + - !ruby/object:Api::Type::Array + name: 'images' + item_type: Api::Type::String +======= - 'build.0.source.0.repo_source.0.branch_name' - 'build.0.source.0.repo_source.0.commit_sha' - 'build.0.source.0.repo_source.0.tag_name' @@ -825,11 +1584,20 @@ properties: type: String - name: 'images' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of images to be pushed upon the successful completion of all build steps. The images are pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build status is marked FAILURE. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'substitutions' + description: | + Substitutions data for Build resource. + - !ruby/object:Api::Type::String + name: 'queueTtl' +======= item_type: type: String - name: 'substitutions' @@ -838,11 +1606,21 @@ properties: Substitutions data for Build resource. - name: 'queueTtl' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | TTL in queue for this build. If provided and the build is enqueued longer than this value, the build will expire and the build status will be EXPIRED. The TTL starts ticking from createTime. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'logsBucket' + description: | + Google Cloud Storage bucket where logs should be written. + Logs file names will be of the format ${logsBucket}/log-${build_id}.txt. + - !ruby/object:Api::Type::String + name: 'timeout' +======= - name: 'logsBucket' type: String description: | @@ -850,12 +1628,30 @@ properties: Logs file names will be of the format ${logsBucket}/log-${build_id}.txt. - name: 'timeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Amount of time that this build should be allowed to run, to second granularity. If this amount of time elapses, work on the build will cease and the build status will be TIMEOUT. This timeout must be equal to or greater than the sum of the timeouts for build steps within the build. The expected format is the number of seconds followed by s. Default time is ten minutes (600s). +<<<<<<< HEAD + default_value: '600s' + - !ruby/object:Api::Type::Array + name: 'secret' + api_name: 'secrets' + description: | + Secrets to decrypt using Cloud Key Management Service. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + required: true + description: | + Cloud KMS key name to use to decrypt these envs. + - !ruby/object:Api::Type::KeyValuePairs + name: 'secretEnv' +======= default_value: "600s" - name: 'secret' type: Array @@ -872,11 +1668,34 @@ properties: required: true - name: 'secretEnv' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'availableSecrets' + description: | + Secrets and secret environment variables. + properties: + - !ruby/object:Api::Type::Array + name: 'secretManager' + required: true + description: | + Pairs a secret environment variable with a SecretVersion in Secret Manager. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'versionName' + required: true + description: | + Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/* + - !ruby/object:Api::Type::String + name: 'env' + required: true +======= - name: 'availableSecrets' type: NestedObject description: | @@ -897,10 +1716,24 @@ properties: required: true - name: 'env' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Environment variable name to associate with the secret. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'step' + api_name: 'steps' + required: true + description: | + The operations to be performed on the workspace. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= required: true - name: 'step' type: Array @@ -913,6 +1746,7 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the container image that will run this particular build step. @@ -930,9 +1764,15 @@ properties: If you built an image in a previous build step, it will be stored in the host's Docker daemon's cache and is available to use as the name for a later build step. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'args' + item_type: Api::Type::String +======= required: true - name: 'args' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of arguments that will be presented to the step when it is started. @@ -940,16 +1780,31 @@ properties: are used as arguments to that entrypoint. If the image does not define an entrypoint, the first element in args is used as the entrypoint, and the remainder will be used as arguments. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'env' + item_type: Api::Type::String +======= item_type: type: String - name: 'env' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of environment variable definitions to be used when running a step. The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'id' + description: | + Unique identifier for this build step, used in `wait_for` to + reference this build step as a dependency. + - !ruby/object:Api::Type::String + name: 'entrypoint' +======= item_type: type: String - name: 'id' @@ -959,12 +1814,18 @@ properties: reference this build step as a dependency. - name: 'entrypoint' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Entrypoint to be used instead of the build step image's default entrypoint. If unset, the image's default entrypoint is used +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'dir' +======= - name: 'dir' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Working directory to use when running this step's container. @@ -977,22 +1838,43 @@ properties: `dir`, which specifies an absolute path, the `RepoSource` `dir` is ignored for the step's execution. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'secretEnv' +======= - name: 'secretEnv' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'timeout' +======= item_type: type: String - name: 'timeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time limit for executing this build step. If not defined, the step has no time limit and will be allowed to continue to run until either it completes or the build itself times out. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'timing' + immutable: false + description: | + Output only. Stores timing information for executing this + build step. + - !ruby/object:Api::Type::Array + name: 'volumes' +======= - name: 'timing' type: String description: | @@ -1001,6 +1883,7 @@ properties: immutable: false - name: 'volumes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of volumes to mount into the build step. @@ -1010,27 +1893,47 @@ properties: Using a named volume in only one step is not valid as it is indicative of a build request with an incorrect configuration. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= item_type: type: NestedObject properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + required: true +======= required: true - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Path at which to mount the volume. Paths must be absolute and cannot conflict with other volume paths on the same build step or with certain reserved volume paths. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'waitFor' + item_type: Api::Type::String +======= required: true - name: 'waitFor' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID(s) of the step(s) that this build step depends on. @@ -1038,6 +1941,15 @@ properties: have completed successfully. If `wait_for` is empty, this build step will start when all previous build steps in the `Build.Steps` list have completed successfully. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'script' + description: | + A shell script to be executed in the step. + When script is provided, the user cannot specify the entrypoint or args. + - !ruby/object:Api::Type::Boolean + name: 'allowFailure' +======= item_type: type: String - name: 'script' @@ -1047,6 +1959,7 @@ properties: When script is provided, the user cannot specify the entrypoint or args. - name: 'allowFailure' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allow this build step to fail without failing the entire build. If false, the entire build will fail if this step fails. Otherwise, the @@ -1054,13 +1967,29 @@ properties: Error information will be reported in the `failureDetail` field. `allowExitCodes` takes precedence over this field. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowExitCodes' + item_type: Api::Type::Integer +======= - name: 'allowExitCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allow this build step to fail without failing the entire build if and only if the exit code is one of the specified codes. If `allowFailure` is also specified, this field will take precedence. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'artifacts' + description: | + Artifacts produced by the build that should be uploaded upon successful completion of all build steps. + properties: + - !ruby/object:Api::Type::Array + name: 'images' + item_type: Api::Type::String +======= item_type: type: Integer - name: 'artifacts' @@ -1070,6 +1999,7 @@ properties: properties: - name: 'images' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of images to be pushed upon the successful completion of all build steps. @@ -1078,10 +2008,15 @@ properties: The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build is marked FAILURE. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'objects' +======= item_type: type: String - name: 'objects' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. @@ -1092,13 +2027,27 @@ properties: If any objects fail to be pushed, the build is marked FAILURE. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' +======= - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud Storage bucket and optional object path, in the form "gs://bucket/path/to/somewhere/". Files in the workspace matching any path pattern will be uploaded to Cloud Storage with this location as a prefix. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'paths' + item_type: Api::Type::String + description: | + Path globs used to match files in the build's workspace. + - !ruby/object:Api::Type::NestedObject + name: 'timing' +======= - name: 'paths' type: Array description: | @@ -1107,41 +2056,84 @@ properties: type: String - name: 'timing' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Stores timing information for pushing all artifact objects. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'startTime' +======= - name: 'startTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Start of time span. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'endTime' +======= - name: 'endTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | End of time span. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'mavenArtifacts' +======= - name: 'mavenArtifacts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Maven artifact to upload to Artifact Registry upon successful completion of all build steps. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'repository' +======= item_type: type: NestedObject properties: - name: 'repository' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Artifact Registry repository, in the form "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + description: | + Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. + - !ruby/object:Api::Type::String + name: 'artifactId' + description: | + Maven artifactId value used when uploading the artifact to Artifact Registry. + - !ruby/object:Api::Type::String + name: 'groupId' + description: | + Maven groupId value used when uploading the artifact to Artifact Registry. + - !ruby/object:Api::Type::String + name: 'version' + description: | + Maven version value used when uploading the artifact to Artifact Registry. + - !ruby/object:Api::Type::Array + name: 'pythonPackages' +======= - name: 'path' type: String description: | @@ -1160,21 +2152,38 @@ properties: Maven version value used when uploading the artifact to Artifact Registry. - name: 'pythonPackages' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'repository' +======= item_type: type: NestedObject properties: - name: 'repository' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Artifact Registry repository, in the form "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'paths' + item_type: Api::Type::String + description: | + Path globs used to match files in the build's workspace. For Python/ Twine, this is usually dist/*, and sometimes additionally an .asc file. + - !ruby/object:Api::Type::Array + name: 'npmPackages' +======= - name: 'paths' type: Array description: | @@ -1183,21 +2192,65 @@ properties: type: String - name: 'npmPackages' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Npm package to upload to Artifact Registry upon successful completion of all build steps. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'repository' +======= item_type: type: NestedObject properties: - name: 'repository' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Artifact Registry repository, in the form "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'packagePath' + description: | + Path to the package.json. e.g. workspace/path/to/package + - !ruby/object:Api::Type::NestedObject + name: 'options' + description: | + Special options for this build. + properties: + - !ruby/object:Api::Type::Array + name: 'sourceProvenanceHash' + description: | + Requested hash for SourceProvenance. + item_type: !ruby/object:Api::Type::Enum + name: 'hashType' + description: | + Specifies the hash algorithm, if any. + values: + - :NONE + - :SHA256 + - :MD5 + - !ruby/object:Api::Type::Enum + name: 'requestedVerifyOption' + description: | + Requested verifiability options. + values: + - :NOT_VERIFIED + - :VERIFIED + - !ruby/object:Api::Type::String + name: 'machineType' + description: | + Compute Engine machine type on which to run the build. + - !ruby/object:Api::Type::Integer + name: 'diskSizeGb' +======= - name: 'packagePath' type: String description: | @@ -1232,28 +2285,55 @@ properties: Compute Engine machine type on which to run the build. - name: 'diskSizeGb' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Requested disk size for the VM that runs the build. Note that this is NOT "disk free"; some of the space will be used by the operating system and build utilities. Also note that this is the minimum disk size that will be allocated for the build -- the build may run with a larger disk than requested. At present, the maximum disk size is 1000GB; builds that request more than the maximum are rejected with an error. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'substitutionOption' +======= - name: 'substitutionOption' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Option to specify behavior when there is an error in the substitution checks. NOTE this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden in the build configuration file. +<<<<<<< HEAD + values: + - :MUST_MATCH + - :ALLOW_LOOSE + - !ruby/object:Api::Type::Boolean + name: 'dynamicSubstitutions' + send_empty_value: true +======= enum_values: - 'MUST_MATCH' - 'ALLOW_LOOSE' - name: 'dynamicSubstitutions' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Option to specify whether or not to apply bash style string operations to the substitutions. NOTE this is always enabled for triggered builds and cannot be overridden in the build configuration file. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'logStreamingOption' + description: | + Option to define build log streaming behavior to Google Cloud Storage. + values: + - :STREAM_DEFAULT + - :STREAM_ON + - :STREAM_OFF + - !ruby/object:Api::Type::String + name: 'workerPool' +======= send_empty_value: true - name: 'logStreamingOption' type: Enum @@ -1265,10 +2345,27 @@ properties: - 'STREAM_OFF' - name: 'workerPool' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Option to specify a WorkerPool for the build. Format projects/{project}/workerPools/{workerPool} This field is experimental. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'logging' + description: | + Option to specify the logging mode, which determines if and where build logs are stored. + values: + - :LOGGING_UNSPECIFIED + - :LEGACY + - :GCS_ONLY + - :STACKDRIVER_ONLY + - :CLOUD_LOGGING_ONLY + - :NONE + - !ruby/object:Api::Type::Array + name: 'env' + item_type: Api::Type::String +======= - name: 'logging' type: Enum description: | @@ -1282,24 +2379,36 @@ properties: - 'NONE' - name: 'env' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of global environment variable definitions that will exist for all build steps in this build. If a variable is defined in both globally and in a build step, the variable will use the build step value. The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'secretEnv' + item_type: Api::Type::String +======= item_type: type: String - name: 'secretEnv' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of global environment variables, which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's Secret. These variables will be available to all build steps in this build. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'volumes' +======= item_type: type: String - name: 'volumes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Global list of volumes to mount for ALL build steps @@ -1309,18 +2418,30 @@ properties: Using a global volume in a build with only one step is not valid as it is indicative of a build request with an incorrect configuration. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' +======= item_type: type: NestedObject properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' +======= - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Path at which to mount the volume. diff --git a/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml b/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml new file mode 100644 index 000000000000..92313abf8765 --- /dev/null +++ b/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml @@ -0,0 +1,166 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BitbucketServerConfig' +description: | + BitbucketServerConfig represents the configuration for a Bitbucket Server. +references: + guides: + 'Connect to a Bitbucket Server host': 'https://cloud.google.com/build/docs/automating-builds/bitbucket/connect-host-bitbucket-server' + api: 'https://cloud.google.com/build/docs/api/reference/rest/v1/projects.locations.bitbucketServerConfigs' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs' +self_link: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs?bitbucketServerConfigId={{config_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/cloudbuild_bitbucketserver_config.go.tmpl' + post_create: 'templates/terraform/post_create/go/cloudbuild_bitbucketserver_config.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/cloudbuild_bitbucketserver_config.go.tmpl' + post_update: 'templates/terraform/post_update/go/cloudbuild_bitbucketserver_config.go.tmpl' +examples: + - name: 'cloudbuild_bitbucket_server_config' + primary_resource_id: 'bbs-config' + vars: + config_id: 'bbs-config' + - name: 'cloudbuild_bitbucket_server_config_repositories' + primary_resource_id: 'bbs-config-with-repos' + vars: + config_id: 'bbs-config' + exclude_test: true + - name: 'cloudbuild_bitbucket_server_config_peered_network' + primary_resource_id: 'bbs-config-with-peered-network' + vars: + config_id: 'bbs-config' + network_name: 'vpc-network' + global_address_name: 'private-ip-alloc' +parameters: + - name: 'config_id' + type: String + description: | + The ID to use for the BitbucketServerConfig, which will become the final component of the BitbucketServerConfig's resource name. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location of this bitbucket server config. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name for the config. + output: true + - name: 'hostUri' + type: String + description: | + Immutable. The URI of the Bitbucket Server host. Once this field has been set, it cannot be changed. + If you need to change it, please create another BitbucketServerConfig. + required: true + - name: 'secrets' + type: NestedObject + description: | + Secret Manager secrets needed by the config. + required: true + properties: + - name: 'adminAccessTokenVersionName' + type: String + description: | + The resource name for the admin access token's secret version. + required: true + - name: 'readAccessTokenVersionName' + type: String + description: | + The resource name for the read access token's secret version. + required: true + - name: 'webhookSecretVersionName' + type: String + description: | + Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. + Changing this field will result in deleting/ recreating the resource. + required: true + immutable: true + - name: 'username' + type: String + description: | + Username of the account Cloud Build will use on Bitbucket Server. + required: true + - name: 'webhookKey' + type: String + description: | + Output only. UUID included in webhook requests. The UUID is used to look up the corresponding config. + output: true + - name: 'apiKey' + type: String + description: | + Immutable. API Key that will be attached to webhook. Once this field has been set, it cannot be changed. + Changing this field will result in deleting/ recreating the resource. + required: true + immutable: true + - name: 'connectedRepositories' + type: Array + description: | + Connected Bitbucket Server repositories for this config. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'projectKey' + type: String + description: | + Identifier for the project storing the repository. + required: true + - name: 'repoSlug' + type: String + description: | + Identifier for the repository. + required: true + - name: 'peeredNetwork' + type: String + description: | + The network to be used when reaching out to the Bitbucket Server instance. The VPC network must be enabled for private service connection. + This should be set if the Bitbucket Server instance is hosted on-premises and not reachable by public internet. If this field is left empty, + no network peering will occur and calls to the Bitbucket Server instance will be made over the public internet. Must be in the format + projects/{project}/global/networks/{network}, where {project} is a project number or id and {network} is the name of a VPC network in the project. + - name: 'sslCa' + type: String + description: | + SSL certificate to use for requests to Bitbucket Server. The format should be PEM format but the extension can be one of .pem, .cer, or .crt. diff --git a/mmv1/products/cloudbuild/go_Trigger.yaml b/mmv1/products/cloudbuild/go_Trigger.yaml new file mode 100644 index 000000000000..b142f4a5f337 --- /dev/null +++ b/mmv1/products/cloudbuild/go_Trigger.yaml @@ -0,0 +1,1329 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Trigger' +description: | + Configuration for an automated build in response to source repository changes. +references: + guides: + 'Automating builds using build triggers': 'https://cloud.google.com/cloud-build/docs/running-builds/automate-builds' + api: 'https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.triggers' +docs: + note: | + You can retrieve the email of the Cloud Build Service Account used in jobs by using the `google_project_service_identity` resource. +# For global triggers, the id format is changed to projects/{{project}}/triggers/{{trigger_id}} via code overrides. +id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/triggers' +self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +update_verb: 'PATCH' + # import by default only works with old-style self links ending in a name +import_format: + - 'projects/{{project}}/triggers/{{trigger_id}}' + - 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/cloudbuild_trigger.tmpl' + post_create: 'templates/terraform/post_create/go/cloudbuild_trigger_id.go.tmpl' + pre_read: 'templates/terraform/pre_read/go/cloudbuild_trigger.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/cloudbuild_trigger.go.tmpl' + post_import: 'templates/terraform/post_import/go/cloudbuild_trigger.go.tmpl' +custom_diff: + - 'stepTimeoutCustomizeDiff' +schema_version: 2 +state_upgraders: true +examples: + - name: 'cloudbuild_trigger_filename' + primary_resource_id: 'filename-trigger' + - name: 'cloudbuild_trigger_build' + primary_resource_id: 'build-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - name: 'cloudbuild_trigger_service_account' + primary_resource_id: 'service-account-trigger' + vars: + sa_name: 'cloud-sa' + - name: 'cloudbuild_trigger_include_build_logs' + primary_resource_id: 'include-build-logs-trigger' + exclude_test: true + - name: 'cloudbuild_trigger_pubsub_config' + primary_resource_id: 'pubsub-config-trigger' + vars: + pubsub_topic_name: 'my-topic' + cloudbuild_trigger_name: 'pubsub-trigger' + - name: 'cloudbuild_trigger_webhook_config' + primary_resource_id: 'webhook-config-trigger' + vars: + cloudbuild_trigger_name: 'webhook-trigger' + secret_id: 'webhook-trigger-secret-key' + - name: 'cloudbuild_trigger_manual' + primary_resource_id: 'manual-trigger' + vars: + cloudbuild_trigger_name: 'manual-trigger' + - name: 'cloudbuild_trigger_manual_github_enterprise' + primary_resource_id: 'manual-ghe-trigger' + exclude_test: true + - name: 'cloudbuild_trigger_manual_bitbucket_server' + primary_resource_id: 'manual-bitbucket-trigger' + - name: 'cloudbuild_trigger_repo' + primary_resource_id: 'repo-trigger' + vars: + installation_id: '123123' + pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' + repo_uri: 'https://github.com/myuser/my-repo.git' + cloudbuildv2_connection_name: 'my-connection' + cloudbuildv2_repo_name: 'my-repo' + test_vars_overrides: + 'installation_id': '31300675' + 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' + - name: 'cloudbuild_trigger_bitbucket_server_push' + primary_resource_id: 'bbs-push-trigger' + vars: + cloudbuild_trigger_name: 'bbs-push-trigger' + - name: 'cloudbuild_trigger_bitbucket_server_pull_request' + primary_resource_id: 'bbs-pull-request-trigger' + vars: + cloudbuild_trigger_name: 'ghe-trigger' + - name: 'cloudbuild_trigger_github_enterprise' + primary_resource_id: 'ghe-trigger' + vars: + cloudbuild_trigger_name: 'ghe-trigger' + exclude_test: true + - name: 'cloudbuild_trigger_allow_failure' + primary_resource_id: 'allow-failure-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - name: 'cloudbuild_trigger_allow_exit_codes' + primary_resource_id: 'allow-exit-codes-trigger' + vars: + cloudbuild_trigger_name: 'my-trigger' + - name: 'cloudbuild_trigger_pubsub_with_repo' + primary_resource_id: 'pubsub-with-repo-trigger' + vars: + installation_id: '123123' + pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' + repo_uri: 'https://github.com/myuser/my-repo.git' + cloudbuildv2_connection_name: 'my-connection' + cloudbuildv2_repo_name: 'my-repo' + pubsub_topic_name: 'my-topic' + cloudbuild_trigger_name: 'pubsub-with-repo-trigger' + test_vars_overrides: + 'installation_id': '31300675' + 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' +parameters: + - name: 'location' + type: String + description: | + The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. + If not specified, "global" is used. + url_param_only: true + immutable: true + default_value: "global" +properties: + - name: 'trigger_id' + type: String + description: | + The unique identifier for the trigger. + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the trigger. Must be unique within the project. + default_from_api: true + - name: 'description' + type: String + description: | + Human-readable description of the trigger. + - name: 'tags' + type: Array + description: | + Tags for annotation of a BuildTrigger + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + Whether the trigger is disabled or not. If true, the trigger will never result in a build. + - name: 'createTime' + type: Time + description: | + Time when the trigger was created. + output: true + - name: 'substitutions' + type: KeyValuePairs + description: | + Substitutions data for Build resource. + - name: 'serviceAccount' + type: String + description: | + The service account used for all user-controlled operations including + triggers.patch, triggers.run, builds.create, and builds.cancel. + + If no service account is set, then the standard Cloud Build service account + ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead. + + Format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_ID_OR_EMAIL} + - name: 'includeBuildLogs' + type: Enum + description: | + Build logs will be sent back to GitHub as part of the checkrun + result. Values can be INCLUDE_BUILD_LOGS_UNSPECIFIED or + INCLUDE_BUILD_LOGS_WITH_STATUS + enum_values: + - 'INCLUDE_BUILD_LOGS_UNSPECIFIED' + - 'INCLUDE_BUILD_LOGS_WITH_STATUS' + - name: 'filename' + type: String + description: | + Path, from the source root, to a file whose contents is used for the template. + Either a filename or build template must be provided. Set this only when using trigger_template or github. + When using Pub/Sub, Webhook or Manual set the file name using git_file_source instead. + exactly_one_of: + - 'filename' + - 'build' + - 'git_file_source' + - name: 'filter' + type: String + description: | + A Common Expression Language string. Used only with Pub/Sub and Webhook. + - name: 'gitFileSource' + type: NestedObject + description: | + The file source describing the local or remote Build template. + exactly_one_of: + - 'filename' + - 'git_file_source' + - 'build' + properties: + - name: 'path' + type: String + description: | + The path of the file, with the repo root as the root of the path. + required: true + - name: 'uri' + type: String + description: | + The URI of the repo (optional). If unspecified, the repo from which the trigger + invocation originated is assumed to be the repo from which to read the specified path. + - name: 'repository' + type: String + description: | + The fully qualified resource name of the Repo API repository. The fully qualified resource name of the Repo API repository. + If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path. + - name: 'repoType' + type: Enum + description: | + The type of the repo, since it may not be explicit from the repo field (e.g from a URL). + Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER + required: true + enum_values: + - 'UNKNOWN' + - 'CLOUD_SOURCE_REPOSITORIES' + - 'GITHUB' + - 'BITBUCKET_SERVER' + - name: 'revision' + type: String + description: | + The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the + filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions + If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path. + - name: 'githubEnterpriseConfig' + type: String + description: | + The full resource name of the github enterprise config. + Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. + - name: 'bitbucketServerConfig' + type: String + description: | + The full resource name of the bitbucket server config. + Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. + - name: 'repositoryEventConfig' + type: NestedObject + description: | + The configuration of a trigger that creates a build whenever an event from Repo API is received. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'repository' + type: String + description: | + The resource name of the Repo API resource. + - name: 'pullRequest' + type: NestedObject + description: | + Contains filter properties for matching Pull Requests. + exactly_one_of: + - 'pull_request' + - 'push' + properties: + - name: 'branch' + type: String + description: | + Regex of branches to match. + + The syntax of the regular expressions accepted is the syntax accepted by + RE2 and described at https://github.com/google/re2/wiki/Syntax + exactly_one_of: + - 'branch' + - name: 'invertRegex' + type: Boolean + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - name: 'commentControl' + type: Enum + description: | + Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`. + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'push' + type: NestedObject + description: | + Contains filter properties for matching git pushes. + exactly_one_of: + - 'pull_request' + - 'push' + properties: + - name: 'branch' + type: String + description: | + Regex of branches to match. + + The syntax of the regular expressions accepted is the syntax accepted by + RE2 and described at https://github.com/google/re2/wiki/Syntax + exactly_one_of: + - 'branch' + - 'tag' + - name: 'tag' + type: String + description: | + Regex of tags to match. + + The syntax of the regular expressions accepted is the syntax accepted by + RE2 and described at https://github.com/google/re2/wiki/Syntax + exactly_one_of: + - 'branch' + - 'tag' + - name: 'invertRegex' + type: Boolean + description: | + If true, only trigger a build if the revision regex does NOT match the git_ref regex. + - name: 'sourceToBuild' + type: NestedObject + description: | + The repo and ref of the repository from which to build. + This field is used only for those triggers that do not respond to SCM events. + Triggers that respond to such events build source at whatever commit caused the event. + This field is currently only used by Webhook, Pub/Sub, Manual, and Cron triggers. + + One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'uri' + type: String + description: | + The URI of the repo. + - name: 'repository' + type: String + description: | + The qualified resource name of the Repo API repository. + Either uri or repository can be specified and is required. + - name: 'ref' + type: String + description: | + The branch or tag to use. Must start with "refs/" (required). + required: true + - name: 'repoType' + type: Enum + description: | + The type of the repo, since it may not be explicit from the repo field (e.g from a URL). + Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER + required: true + enum_values: + - 'UNKNOWN' + - 'CLOUD_SOURCE_REPOSITORIES' + - 'GITHUB' + - 'BITBUCKET_SERVER' + - name: 'githubEnterpriseConfig' + type: String + description: | + The full resource name of the github enterprise config. + Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. + - name: 'bitbucketServerConfig' + type: String + description: | + The full resource name of the bitbucket server config. + Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. + - name: 'ignoredFiles' + type: Array + description: | + ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match + extended with support for `**`. + + If ignoredFiles and changed files are both empty, then they are not + used to determine whether or not to trigger a build. + + If ignoredFiles is not empty, then we ignore any files that match any + of the ignored_file globs. If the change has no files that are outside + of the ignoredFiles globs, then we do not trigger a build. + item_type: + type: String + - name: 'includedFiles' + type: Array + description: | + ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match + extended with support for `**`. + + If any of the files altered in the commit pass the ignoredFiles filter + and includedFiles is empty, then as far as this filter is concerned, we + should trigger the build. + + If any of the files altered in the commit pass the ignoredFiles filter + and includedFiles is not empty, then we make sure that at least one of + those files matches a includedFiles glob. If not, then we do not trigger + a build. + item_type: + type: String + - name: 'triggerTemplate' + type: NestedObject + description: | + Template describing the types of source changes to trigger a build. + + Branch and tag names in trigger templates are interpreted as regular + expressions. Any branch or tag change that matches that regular + expression will trigger a build. + + One of `trigger_template`, `github`, `pubsub_config`, `webhook_config` or `source_to_build` must be provided. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'projectId' + type: String + description: | + ID of the project that owns the Cloud Source Repository. If + omitted, the project ID requesting the build is assumed. + default_from_api: true + - name: 'repoName' + type: String + description: | + Name of the Cloud Source Repository. If omitted, the name "default" is assumed. + default_value: "default" + - name: 'dir' + type: String + description: | + Directory, relative to the source root, in which to run the build. + + This must be a relative path. If a step's dir is specified and + is an absolute path, this value is ignored for that step's + execution. + + - name: 'invertRegex' + type: Boolean + description: | + Only trigger a build if the revision regex does NOT match the revision regex. + - name: 'branchName' + type: String + description: | + Name of the branch to build. Exactly one a of branch name, tag, or commit SHA must be provided. + This field is a regular expression. + exactly_one_of: + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'tagName' + type: String + description: | + Name of the tag to build. Exactly one of a branch name, tag, or commit SHA must be provided. + This field is a regular expression. + exactly_one_of: + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'commitSha' + type: String + description: | + Explicit commit SHA to build. Exactly one of a branch name, tag, or commit SHA must be provided. + exactly_one_of: + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'github' + type: NestedObject + description: | + Describes the configuration of a trigger that creates a build whenever a GitHub event is received. + + One of `trigger_template`, `github`, `pubsub_config` or `webhook_config` must be provided. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'owner' + type: String + description: | + Owner of the repository. For example: The owner for + https://github.com/googlecloudplatform/cloud-builders is "googlecloudplatform". + - name: 'name' + type: String + description: | + Name of the repository. For example: The name for + https://github.com/googlecloudplatform/cloud-builders is "cloud-builders". + - name: 'pullRequest' + type: NestedObject + description: | + filter to match changes in pull requests. Specify only one of `pull_request` or `push`. + exactly_one_of: + - 'github.0.pull_request' + - 'github.0.push' + properties: + - name: 'branch' + type: String + description: | + Regex of branches to match. + required: true + - name: 'commentControl' + type: Enum + description: | + Whether to block builds on a "/gcbrun" comment from a repository owner or collaborator. + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'invertRegex' + type: Boolean + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - name: 'push' + type: NestedObject + description: | + filter to match changes in refs, like branches or tags. Specify only one of `pull_request` or `push`. + exactly_one_of: + - 'github.0.pull_request' + - 'github.0.push' + properties: + - name: 'invertRegex' + type: Boolean + description: | + When true, only trigger a build if the revision regex does NOT match the git_ref regex. + - name: 'branch' + type: String + description: | + Regex of branches to match. Specify only one of branch or tag. + exactly_one_of: + - 'github.0.push.0.branch' + - 'github.0.push.0.tag' + - name: 'tag' + type: String + description: | + Regex of tags to match. Specify only one of branch or tag. + exactly_one_of: + - 'github.0.push.0.branch' + - 'github.0.push.0.tag' + - name: 'enterpriseConfigResourceName' + type: String + description: | + The resource name of the github enterprise config that should be applied to this installation. + For example: "projects/{$projectId}/locations/{$locationId}/githubEnterpriseConfigs/{$configId}" + - name: 'bitbucketServerTriggerConfig' + type: NestedObject + description: | + BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'repoSlug' + type: String + description: | + Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. + For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo. + required: true + - name: 'projectKey' + type: String + description: | + Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is "TEST". + required: true + - name: 'bitbucketServerConfigResource' + type: String + description: | + The Bitbucket server config resource that this trigger config maps to. + required: true + - name: 'pullRequest' + type: NestedObject + description: | + Filter to match changes in pull requests. + exactly_one_of: + - 'bitbucket_server_trigger_config.0.pull_request' + - 'bitbucket_server_trigger_config.0.push' + properties: + - name: 'branch' + type: String + description: | + Regex of branches to match. + The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax + required: true + - name: 'commentControl' + type: Enum + description: | + Configure builds to run whether a repository owner or collaborator need to comment /gcbrun. + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'invertRegex' + type: Boolean + description: | + If true, branches that do NOT match the git_ref will trigger a build. + - name: 'push' + type: NestedObject + description: | + Filter to match changes in refs like branches, tags. + exactly_one_of: + - 'bitbucket_server_trigger_config.0.pull_request' + - 'bitbucket_server_trigger_config.0.push' + properties: + - name: 'invertRegex' + type: Boolean + description: | + When true, only trigger a build if the revision regex does NOT match the gitRef regex. + - name: 'branch' + type: String + description: | + Regex of branches to match. Specify only one of branch or tag. + exactly_one_of: + - 'bitbucket_server_trigger_config.0.push.0.branch' + - 'bitbucket_server_trigger_config.0.push.0.tag' + - name: 'tag' + type: String + description: | + Regex of tags to match. Specify only one of branch or tag. + exactly_one_of: + - 'bitbucket_server_trigger_config.0.push.0.branch' + - 'bitbucket_server_trigger_config.0.push.0.tag' + - name: 'pubsubConfig' + type: NestedObject + description: | + PubsubConfig describes the configuration of a trigger that creates + a build whenever a Pub/Sub message is published. + + One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'subscription' + type: String + description: | + Output only. Name of the subscription. + output: true + - name: 'topic' + type: String + description: | + The name of the topic from which this subscription is receiving messages. + required: true + - name: 'service_account_email' + type: String + description: | + Service account that will make the push request. + - name: 'state' + type: String + description: | + Potential issues with the underlying Pub/Sub subscription configuration. + Only populated on get requests. + output: true + - name: 'webhookConfig' + type: NestedObject + description: | + WebhookConfig describes the configuration of a trigger that creates + a build whenever a webhook is sent to a trigger's webhook URL. + + One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. + at_least_one_of: + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' + properties: + - name: 'secret' + type: String + description: | + Resource name for the secret required as a URL parameter. + required: true + - name: 'state' + type: String + description: | + Potential issues with the underlying Pub/Sub subscription configuration. + Only populated on get requests. + output: true + - name: 'approvalConfig' + type: NestedObject + description: | + Configuration for manual approval to start a build invocation of this BuildTrigger. + Builds created by this trigger will require approval before they execute. + Any user with a Cloud Build Approver role for the project can approve a build. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/cloudbuild_approval_required.go.tmpl' + properties: + - name: 'approvalRequired' + type: Boolean + description: | + Whether or not approval is needed. If this is set on a build, it will become pending when run, + and will need to be explicitly approved to start. + default_value: false + - name: 'build' + type: NestedObject + description: | + Contents of the build template. Either a filename or build template must be provided. + exactly_one_of: + - 'filename' + - 'build' + - 'git_file_source' + properties: + - name: 'source' + type: NestedObject + description: | + The location of the source files to build. + + One of `storageSource` or `repoSource` must be provided. + properties: + - name: 'storageSource' + type: NestedObject + description: | + Location of the source in an archive file in Google Cloud Storage. + properties: + - name: 'bucket' + type: String + description: | + Google Cloud Storage bucket containing the source. + required: true + - name: 'object' + type: String + description: | + Google Cloud Storage object containing the source. + This object must be a gzipped archive file (.tar.gz) containing source to build. + required: true + - name: 'generation' + type: String + description: | + Google Cloud Storage generation for the object. + If the generation is omitted, the latest generation will be used + - name: 'repoSource' + type: NestedObject + description: | + Location of the source in a Google Cloud Source Repository. + properties: + - name: 'projectId' + type: String + description: | + ID of the project that owns the Cloud Source Repository. + If omitted, the project ID requesting the build is assumed. + - name: 'repoName' + type: String + description: | + Name of the Cloud Source Repository. + required: true + - name: 'dir' + type: String + description: | + Directory, relative to the source root, in which to run the build. + This must be a relative path. If a step's dir is specified and is an absolute path, + this value is ignored for that step's execution. + - name: 'invertRegex' + type: Boolean + description: | + Only trigger a build if the revision regex does NOT match the revision regex. + - name: 'substitutions' + type: KeyValuePairs + description: | + Substitutions to use in a triggered build. Should only be used with triggers.run + - name: 'branchName' + type: String + description: | + Regex matching branches to build. Exactly one a of branch name, tag, or commit SHA must be provided. + The syntax of the regular expressions accepted is the syntax accepted by RE2 and + described at https://github.com/google/re2/wiki/Syntax + exactly_one_of: + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'tagName' + type: String + description: | + Regex matching tags to build. Exactly one a of branch name, tag, or commit SHA must be provided. + The syntax of the regular expressions accepted is the syntax accepted by RE2 and + described at https://github.com/google/re2/wiki/Syntax + exactly_one_of: + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'commitSha' + type: String + description: | + Explicit commit SHA to build. Exactly one a of branch name, tag, or commit SHA must be provided. + exactly_one_of: + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'tags' + type: Array + description: | + Tags for annotation of a Build. These are not docker tags. + item_type: + type: String + - name: 'images' + type: Array + description: | + A list of images to be pushed upon the successful completion of all build steps. + The images are pushed using the builder service account's credentials. + The digests of the pushed images will be stored in the Build resource's results field. + If any of the images fail to be pushed, the build status is marked FAILURE. + item_type: + type: String + - name: 'substitutions' + type: KeyValuePairs + description: | + Substitutions data for Build resource. + - name: 'queueTtl' + type: String + description: | + TTL in queue for this build. If provided and the build is enqueued longer than this value, + the build will expire and the build status will be EXPIRED. + The TTL starts ticking from createTime. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + - name: 'logsBucket' + type: String + description: | + Google Cloud Storage bucket where logs should be written. + Logs file names will be of the format ${logsBucket}/log-${build_id}.txt. + - name: 'timeout' + type: String + description: | + Amount of time that this build should be allowed to run, to second granularity. + If this amount of time elapses, work on the build will cease and the build status will be TIMEOUT. + This timeout must be equal to or greater than the sum of the timeouts for build steps within the build. + The expected format is the number of seconds followed by s. + Default time is ten minutes (600s). + default_value: "600s" + - name: 'secret' + type: Array + description: | + Secrets to decrypt using Cloud Key Management Service. + api_name: secrets + item_type: + type: NestedObject + properties: + - name: 'kmsKeyName' + type: String + description: | + Cloud KMS key name to use to decrypt these envs. + required: true + - name: 'secretEnv' + type: KeyValuePairs + description: | + Map of environment variable name to its encrypted value. + Secret environment variables must be unique across all of a build's secrets, + and must be used by at least one build step. Values can be at most 64 KB in size. + There can be at most 100 secret values across all of a build's secrets. + - name: 'availableSecrets' + type: NestedObject + description: | + Secrets and secret environment variables. + properties: + - name: 'secretManager' + type: Array + description: | + Pairs a secret environment variable with a SecretVersion in Secret Manager. + required: true + item_type: + type: NestedObject + properties: + - name: 'versionName' + type: String + description: | + Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/* + required: true + - name: 'env' + type: String + description: | + Environment variable name to associate with the secret. Secret environment + variables must be unique across all of a build's secrets, and must be used + by at least one build step. + required: true + - name: 'step' + type: Array + description: | + The operations to be performed on the workspace. + api_name: steps + required: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name of the container image that will run this particular build step. + + If the image is available in the host's Docker daemon's cache, it will be + run directly. If not, the host will attempt to pull the image first, using + the builder service account's credentials if necessary. + + The Docker daemon's cache will already have the latest versions of all of + the officially supported build steps (see https://github.com/GoogleCloudPlatform/cloud-builders + for images and examples). + The Docker daemon will also have cached many of the layers for some popular + images, like "ubuntu", "debian", but they will be refreshed at the time + you attempt to use them. + + If you built an image in a previous build step, it will be stored in the + host's Docker daemon's cache and is available to use as the name for a + later build step. + required: true + - name: 'args' + type: Array + description: | + A list of arguments that will be presented to the step when it is started. + + If the image used to run the step's container has an entrypoint, the args + are used as arguments to that entrypoint. If the image does not define an + entrypoint, the first element in args is used as the entrypoint, and the + remainder will be used as arguments. + item_type: + type: String + - name: 'env' + type: Array + description: | + A list of environment variable definitions to be used when + running a step. + + The elements are of the form "KEY=VALUE" for the environment variable + "KEY" being given the value "VALUE". + item_type: + type: String + - name: 'id' + type: String + description: | + Unique identifier for this build step, used in `wait_for` to + reference this build step as a dependency. + - name: 'entrypoint' + type: String + description: | + Entrypoint to be used instead of the build step image's + default entrypoint. + If unset, the image's default entrypoint is used + - name: 'dir' + type: String + description: | + Working directory to use when running this step's container. + + If this value is a relative path, it is relative to the build's working + directory. If this value is absolute, it may be outside the build's working + directory, in which case the contents of the path may not be persisted + across build step executions, unless a `volume` for that path is specified. + + If the build specifies a `RepoSource` with `dir` and a step with a + `dir`, + which specifies an absolute path, the `RepoSource` `dir` is ignored + for the step's execution. + - name: 'secretEnv' + type: Array + description: | + A list of environment variables which are encrypted using + a Cloud Key + Management Service crypto key. These values must be specified in + the build's `Secret`. + item_type: + type: String + - name: 'timeout' + type: String + description: | + Time limit for executing this build step. If not defined, + the step has no + time limit and will be allowed to continue to run until either it + completes or the build itself times out. + - name: 'timing' + type: String + description: | + Output only. Stores timing information for executing this + build step. + immutable: false + - name: 'volumes' + type: Array + description: | + List of volumes to mount into the build step. + + Each volume is created as an empty volume prior to execution of the + build step. Upon completion of the build, volumes and their contents + are discarded. + + Using a named volume in only one step is not valid as it is + indicative of a build request with an incorrect configuration. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the volume to mount. + + Volume names must be unique per build step and must be valid names for + Docker volumes. Each named volume must be used by at least two build steps. + required: true + - name: 'path' + type: String + description: | + Path at which to mount the volume. + + Paths must be absolute and cannot conflict with other volume paths on + the same build step or with certain reserved volume paths. + required: true + - name: 'waitFor' + type: Array + description: | + The ID(s) of the step(s) that this build step depends on. + + This build step will not start until all the build steps in `wait_for` + have completed successfully. If `wait_for` is empty, this build step + will start when all previous build steps in the `Build.Steps` list + have completed successfully. + item_type: + type: String + - name: 'script' + type: String + description: | + A shell script to be executed in the step. + When script is provided, the user cannot specify the entrypoint or args. + - name: 'allowFailure' + type: Boolean + description: | + Allow this build step to fail without failing the entire build. + If false, the entire build will fail if this step fails. Otherwise, the + build will succeed, but this step will still have a failure status. + Error information will be reported in the `failureDetail` field. + + `allowExitCodes` takes precedence over this field. + - name: 'allowExitCodes' + type: Array + description: | + Allow this build step to fail without failing the entire build if and + only if the exit code is one of the specified codes. + + If `allowFailure` is also specified, this field will take precedence. + item_type: + type: Integer + - name: 'artifacts' + type: NestedObject + description: | + Artifacts produced by the build that should be uploaded upon successful completion of all build steps. + properties: + - name: 'images' + type: Array + description: | + A list of images to be pushed upon the successful completion of all build steps. + + The images will be pushed using the builder service account's credentials. + + The digests of the pushed images will be stored in the Build resource's results field. + + If any of the images fail to be pushed, the build is marked FAILURE. + item_type: + type: String + - name: 'objects' + type: NestedObject + description: | + A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. + + Files in the workspace matching specified paths globs will be uploaded to the + Cloud Storage location using the builder service account's credentials. + + The location and generation of the uploaded objects will be stored in the Build resource's results field. + + If any objects fail to be pushed, the build is marked FAILURE. + properties: + - name: 'location' + type: String + description: | + Cloud Storage bucket and optional object path, in the form "gs://bucket/path/to/somewhere/". + + Files in the workspace matching any path pattern will be uploaded to Cloud Storage with + this location as a prefix. + - name: 'paths' + type: Array + description: | + Path globs used to match files in the build's workspace. + item_type: + type: String + - name: 'timing' + type: NestedObject + description: | + Output only. Stores timing information for pushing all artifact objects. + output: true + properties: + - name: 'startTime' + type: String + description: | + Start of time span. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to + nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + - name: 'endTime' + type: String + description: | + End of time span. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to + nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + - name: 'mavenArtifacts' + type: Array + description: | + A Maven artifact to upload to Artifact Registry upon successful completion of all build steps. + + The location and generation of the uploaded objects will be stored in the Build resource's results field. + + If any objects fail to be pushed, the build is marked FAILURE. + item_type: + type: NestedObject + properties: + - name: 'repository' + type: String + description: | + Artifact Registry repository, in the form "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" + + Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix. + - name: 'path' + type: String + description: | + Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. + - name: 'artifactId' + type: String + description: | + Maven artifactId value used when uploading the artifact to Artifact Registry. + - name: 'groupId' + type: String + description: | + Maven groupId value used when uploading the artifact to Artifact Registry. + - name: 'version' + type: String + description: | + Maven version value used when uploading the artifact to Artifact Registry. + - name: 'pythonPackages' + type: Array + description: | + Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository. + + The location and generation of the uploaded objects will be stored in the Build resource's results field. + + If any objects fail to be pushed, the build is marked FAILURE. + item_type: + type: NestedObject + properties: + - name: 'repository' + type: String + description: | + Artifact Registry repository, in the form "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" + + Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix. + - name: 'paths' + type: Array + description: | + Path globs used to match files in the build's workspace. For Python/ Twine, this is usually dist/*, and sometimes additionally an .asc file. + item_type: + type: String + - name: 'npmPackages' + type: Array + description: | + Npm package to upload to Artifact Registry upon successful completion of all build steps. + + The location and generation of the uploaded objects will be stored in the Build resource's results field. + + If any objects fail to be pushed, the build is marked FAILURE. + item_type: + type: NestedObject + properties: + - name: 'repository' + type: String + description: | + Artifact Registry repository, in the form "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" + + Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix. + - name: 'packagePath' + type: String + description: | + Path to the package.json. e.g. workspace/path/to/package + - name: 'options' + type: NestedObject + description: | + Special options for this build. + properties: + - name: 'sourceProvenanceHash' + type: Array + description: | + Requested hash for SourceProvenance. + item_type: + type: Enum + description: | + Specifies the hash algorithm, if any. + enum_values: + - 'NONE' + - 'SHA256' + - 'MD5' + - name: 'requestedVerifyOption' + type: Enum + description: | + Requested verifiability options. + enum_values: + - 'NOT_VERIFIED' + - 'VERIFIED' + - name: 'machineType' + type: String + description: | + Compute Engine machine type on which to run the build. + - name: 'diskSizeGb' + type: Integer + description: | + Requested disk size for the VM that runs the build. Note that this is NOT "disk free"; + some of the space will be used by the operating system and build utilities. + Also note that this is the minimum disk size that will be allocated for the build -- + the build may run with a larger disk than requested. At present, the maximum disk size + is 1000GB; builds that request more than the maximum are rejected with an error. + - name: 'substitutionOption' + type: Enum + description: | + Option to specify behavior when there is an error in the substitution checks. + + NOTE this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden + in the build configuration file. + enum_values: + - 'MUST_MATCH' + - 'ALLOW_LOOSE' + - name: 'dynamicSubstitutions' + type: Boolean + description: | + Option to specify whether or not to apply bash style string operations to the substitutions. + + NOTE this is always enabled for triggered builds and cannot be overridden in the build configuration file. + send_empty_value: true + - name: 'logStreamingOption' + type: Enum + description: | + Option to define build log streaming behavior to Google Cloud Storage. + enum_values: + - 'STREAM_DEFAULT' + - 'STREAM_ON' + - 'STREAM_OFF' + - name: 'workerPool' + type: String + description: | + Option to specify a WorkerPool for the build. Format projects/{project}/workerPools/{workerPool} + + This field is experimental. + - name: 'logging' + type: Enum + description: | + Option to specify the logging mode, which determines if and where build logs are stored. + enum_values: + - 'LOGGING_UNSPECIFIED' + - 'LEGACY' + - 'GCS_ONLY' + - 'STACKDRIVER_ONLY' + - 'CLOUD_LOGGING_ONLY' + - 'NONE' + - name: 'env' + type: Array + description: | + A list of global environment variable definitions that will exist for all build steps + in this build. If a variable is defined in both globally and in a build step, + the variable will use the build step value. + + The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". + item_type: + type: String + - name: 'secretEnv' + type: Array + description: | + A list of global environment variables, which are encrypted using a Cloud Key Management + Service crypto key. These values must be specified in the build's Secret. These variables + will be available to all build steps in this build. + item_type: + type: String + - name: 'volumes' + type: Array + description: | + Global list of volumes to mount for ALL build steps + + Each volume is created as an empty volume prior to starting the build process. + Upon completion of the build, volumes and their contents are discarded. Global + volume names and paths cannot conflict with the volumes defined a build step. + + Using a global volume in a build with only one step is not valid as it is indicative + of a build request with an incorrect configuration. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the volume to mount. + + Volume names must be unique per build step and must be valid names for Docker volumes. + Each named volume must be used by at least two build steps. + - name: 'path' + type: String + description: | + Path at which to mount the volume. + + Paths must be absolute and cannot conflict with other volume paths on the same + build step or with certain reserved volume paths. diff --git a/mmv1/products/cloudbuild/go_product.yaml b/mmv1/products/cloudbuild/go_product.yaml new file mode 100644 index 000000000000..0f2aa50748c9 --- /dev/null +++ b/mmv1/products/cloudbuild/go_product.yaml @@ -0,0 +1,23 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudBuild' +legacy_name: 'cloudbuild' +display_name: 'Cloud Build' +versions: + - name: 'ga' + base_url: 'https://cloudbuild.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuild/product.yaml b/mmv1/products/cloudbuild/product.yaml index e7f79963047c..b1ccee3d57a7 100644 --- a/mmv1/products/cloudbuild/product.yaml +++ b/mmv1/products/cloudbuild/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudBuild +display_name: Cloud Build +legacy_name: 'cloudbuild' +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudbuild.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CloudBuild' legacy_name: 'cloudbuild' @@ -20,3 +36,4 @@ versions: base_url: 'https://cloudbuild.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudbuildv2/Connection.yaml b/mmv1/products/cloudbuildv2/Connection.yaml index 205195397bcf..c48625969db3 100644 --- a/mmv1/products/cloudbuildv2/Connection.yaml +++ b/mmv1/products/cloudbuildv2/Connection.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,56 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Connection' +base_url: projects/{{project}}/locations/{{location}}/connections +create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{name}} +self_link: projects/{{project}}/locations/{{location}}/connections/{{name}} +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/build/docs' + api: 'https://cloud.google.com/build/docs/api/reference/rest' +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + base_url: '{{op_id}}' +update_verb: :PATCH +description: | + A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data Center/Cloud or GitLab. +exclude_tgc: true +legacy_long_form_project: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :GET + allowed_iam_role: 'roles/cloudbuild.connectionViewer' + parent_resource_attribute: 'name' +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/connections/{{name}}', + '{{name}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_connection' + primary_resource_id: 'my-connection' + primary_resource_name: "fmt.Sprintf(\"tf-test-connection%s\", + context[\"random_suffix\"\ + ])" + vars: + connection_name: 'tf-test-connection' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_connection_ghe' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_connection_github' + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: name +======= --- name: 'Connection' description: | @@ -62,17 +116,114 @@ examples: parameters: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Immutable. The resource name of the connection. url_param_only: true required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: location +======= - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The location for the resource url_param_only: true required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: createTime + description: Output only. Server assigned timestamp for when the connection was created. + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: Output only. Server assigned timestamp for when the connection was updated. + output: true + - !ruby/object:Api::Type::NestedObject + name: githubConfig + description: Configuration for connections to github.com. + conflicts: + - 'github_enterprise_config' + - 'gitlab_config' + - 'bitbucket_cloud_config' + - 'bitbucket_data_center_config' + properties: + - !ruby/object:Api::Type::NestedObject + name: authorizerCredential + description: OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App. + properties: + - !ruby/object:Api::Type::String + name: oauthTokenSecretVersion + description: 'A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::Integer + name: appInstallationId + description: GitHub App installation id. + - !ruby/object:Api::Type::NestedObject + name: githubEnterpriseConfig + conflicts: + - 'github_config' + - 'gitlab_config' + - 'bitbucket_cloud_config' + - 'bitbucket_data_center_config' + description: Configuration for connections to an instance of GitHub Enterprise. + properties: + - !ruby/object:Api::Type::String + name: hostUri + description: Required. The URI of the GitHub Enterprise host this connection is for. + required: true + - !ruby/object:Api::Type::Integer + name: appId + description: Id of the GitHub App created from the manifest. + - !ruby/object:Api::Type::String + name: appSlug + description: The URL-friendly name of the GitHub App. + - !ruby/object:Api::Type::String + name: privateKeySecretVersion + description: SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: webhookSecretSecretVersion + description: SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::Integer + name: appInstallationId + description: ID of the installation of the GitHub App. + - !ruby/object:Api::Type::NestedObject + name: serviceDirectoryConfig + description: Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet. + properties: + - !ruby/object:Api::Type::String + name: service + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: sslCa + description: SSL certificate to use for requests to GitHub Enterprise. + - !ruby/object:Api::Type::NestedObject + name: gitlabConfig + conflicts: + - 'github_config' + - 'github_enterprise_config' + - 'bitbucket_cloud_config' + - 'bitbucket_data_center_config' + description: Configuration for connections to gitlab.com or an instance of GitLab Enterprise. + properties: + - !ruby/object:Api::Type::String + name: hostUri + description: The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com. + default_from_api: true + - !ruby/object:Api::Type::String + name: webhookSecretSecretVersion +======= - name: 'createTime' type: String description: Output only. Server assigned timestamp for when the connection was created. @@ -162,10 +313,72 @@ properties: default_from_api: true - name: 'webhookSecretSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Required. Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: readAuthorizerCredential + description: Required. A GitLab personal access token with the minimum `read_api` scope access. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: authorizerCredential + description: Required. A GitLab personal access token with the `api` scope access. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: serviceDirectoryConfig + description: Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet. + properties: + - !ruby/object:Api::Type::String + name: service + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: sslCa + description: SSL certificate to use for requests to GitLab Enterprise. + - !ruby/object:Api::Type::String + name: serverVersion + description: Output only. Version of the GitLab Enterprise server running on the `host_uri`. + output: true + - !ruby/object:Api::Type::NestedObject + name: bitbucketDataCenterConfig + conflicts: + - 'github_config' + - 'github_enterprise_config' + - 'bitbucket_cloud_config' + - 'gitlab_config' + description: Configuration for connections to Bitbucket Data Center. + properties: + - !ruby/object:Api::Type::String + name: hostUri + description: The URI of the Bitbucket Data Center host this connection is for. + required: true + - !ruby/object:Api::Type::String + name: webhookSecretSecretVersion +======= - name: 'readAuthorizerCredential' type: NestedObject description: Required. A GitLab personal access token with the minimum `read_api` scope access. @@ -225,10 +438,72 @@ properties: required: true - name: 'webhookSecretSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: readAuthorizerCredential + description: Required. A http access token with the `REPO_READ` access. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: authorizerCredential + description: Required. A http access token with the `REPO_ADMIN` scope access. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: serviceDirectoryConfig + description: Configuration for using Service Directory to privately connect to a Bitbucket Data Center. This should only be set if the Bitbucket Data Center is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the Bitbucket Data Center will be made over the public internet. + properties: + - !ruby/object:Api::Type::String + name: service + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: sslCa + description: SSL certificate to use for requests to the Bitbucket Data Center. + - !ruby/object:Api::Type::String + name: serverVersion + description: Output only. Version of the Bitbucket Data Center running on the `host_uri`. + output: true + - !ruby/object:Api::Type::NestedObject + name: bitbucketCloudConfig + conflicts: + - 'github_config' + - 'github_enterprise_config' + - 'gitlab_config' + - 'bitbucket_data_center_config' + description: Configuration for connections to Bitbucket Cloud. + properties: + - !ruby/object:Api::Type::String + name: workspace + description: The Bitbucket Cloud Workspace ID to be connected to Google Cloud Platform. + required: true + - !ruby/object:Api::Type::String + name: webhookSecretSecretVersion +======= - name: 'readAuthorizerCredential' type: NestedObject description: Required. A http access token with the `REPO_READ` access. @@ -288,10 +563,77 @@ properties: required: true - name: 'webhookSecretSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: readAuthorizerCredential + description: Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: authorizerCredential + description: Required. An access token with the `webhook`, `repository`, `repository:admin` and `pullrequest` scope access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate these credentials. + required: true + properties: + - !ruby/object:Api::Type::String + name: userTokenSecretVersion + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: username + description: Output only. The username associated to this token. + output: true + - !ruby/object:Api::Type::NestedObject + name: installationState + description: Output only. Installation state of the Connection. + output: true + properties: + - !ruby/object:Api::Type::Enum + name: stage + description: Output only. Current step of the installation process. + output: true + values: + - :STAGE_UNSPECIFIED + - :PENDING_CREATE_APP + - :PENDING_USER_OAUTH + - :PENDING_INSTALL_APP + - :COMPLETE + - !ruby/object:Api::Type::String + name: message + description: Output only. Message of what the user should do next to continue the installation. Empty string if the installation is already complete. + output: true + - !ruby/object:Api::Type::String + name: actionUri + description: Output only. Link to follow for next action. Empty string if the installation is already complete. + output: true + - !ruby/object:Api::Type::Boolean + name: disabled + description: If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled. + - !ruby/object:Api::Type::Boolean + name: reconciling + description: Output only. Set to true when the connection is being set up or updated in the background. + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: annotations + description: Allows clients to store small amounts of arbitrary data. + - !ruby/object:Api::Type::Fingerprint + name: etag + description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. +======= - name: 'readAuthorizerCredential' type: NestedObject description: Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. @@ -357,3 +699,4 @@ properties: type: Fingerprint description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudbuildv2/Repository.yaml b/mmv1/products/cloudbuildv2/Repository.yaml index 31e65c9c70bd..64f612a32d4e 100644 --- a/mmv1/products/cloudbuildv2/Repository.yaml +++ b/mmv1/products/cloudbuildv2/Repository.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Repository +base_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories +create_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories?repositoryId={{name}} +self_link: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}} +immutable: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/build/docs' + api: 'https://cloud.google.com/build/docs/api/reference/rest' +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + base_url: '{{op_id}}' +description: "A repository associated to a parent connection." +======= --- name: 'Repository' description: "A repository associated to a parent connection." @@ -37,11 +58,54 @@ async: resource_inside_response: false custom_code: encoder: 'templates/terraform/encoders/cloudbuildv2_repository.go.tmpl' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 exclude_tgc: true legacy_long_form_project: true examples: # These tests depend on secrets stored in a separate project, so we prefer not # to show them in the docs. +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_repository_ghe' + primary_resource_id: 'primary' + skip_docs: true + vars: + connection_name: 'connection' + repository_name: 'repository' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_repository_github' + primary_resource_id: 'primary' + skip_docs: true + vars: + connection_name: 'connection' + repository_name: 'repository' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_repository_gle' + primary_resource_id: 'primary' + skip_docs: true + vars: + connection_name: 'connection' + repository_name: 'repository' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_repository_ghe_doc' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudbuildv2_repository_github_doc' + skip_test: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/cloudbuildv2_repository.go.erb +parameters: + - !ruby/object:Api::Type::String + name: location + description: The location for the resource + url_param_only: true + immutable: true + default_from_api: true # EXTRACT_FROM_FIELD_IF_EMPTY + - !ruby/object:Api::Type::ResourceRef + name: parent_connection + resource: connection + imports: name +======= - name: 'cloudbuildv2_repository_ghe' primary_resource_id: 'primary' vars: @@ -74,20 +138,48 @@ parameters: default_from_api: true - name: 'parent_connection' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The connection for the resource url_param_only: true required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name +======= resource: 'connection' imports: 'name' properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Name of the repository. required: true immutable: true ignore_read: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: remoteUri + description: Required. Git Clone HTTPS URI. + required: true + immutable: true + - !ruby/object:Api::Type::String + name: createTime + description: Output only. Server assigned timestamp for when the connection was created. + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: Output only. Server assigned timestamp for when the connection was updated. + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: annotations + description: Allows clients to store small amounts of arbitrary data. + immutable: true + - !ruby/object:Api::Type::String + name: etag +======= - name: 'remoteUri' type: String description: Required. Git Clone HTTPS URI. @@ -107,5 +199,6 @@ properties: immutable: true - name: 'etag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. output: true diff --git a/mmv1/products/cloudbuildv2/go_Connection.yaml b/mmv1/products/cloudbuildv2/go_Connection.yaml new file mode 100644 index 000000000000..26aecf337c87 --- /dev/null +++ b/mmv1/products/cloudbuildv2/go_Connection.yaml @@ -0,0 +1,360 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Connection' +description: | + A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data Center/Cloud or GitLab. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/build/docs' + api: 'https://cloud.google.com/build/docs/api/reference/rest' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{name}}' + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +iam_policy: + exclude_import_test: true + method_name_separator: ':' + allowed_iam_role: 'roles/cloudbuild.connectionViewer' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: +exclude_tgc: true +legacy_long_form_project: true +examples: + - name: 'cloudbuildv2_connection' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + vars: + connection_name: 'tf-test-connection' + - name: 'cloudbuildv2_connection_ghe' + exclude_test: true + - name: 'cloudbuildv2_connection_github' + exclude_test: true +parameters: + - name: 'name' + type: String + description: Immutable. The resource name of the connection. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: The location for the resource + url_param_only: true + required: true + immutable: true +properties: + - name: 'createTime' + type: String + description: Output only. Server assigned timestamp for when the connection was created. + output: true + - name: 'updateTime' + type: String + description: Output only. Server assigned timestamp for when the connection was updated. + output: true + - name: 'githubConfig' + type: NestedObject + description: Configuration for connections to github.com. + conflicts: + - github_enterprise_config + - gitlab_config + - bitbucket_cloud_config + - bitbucket_data_center_config + properties: + - name: 'authorizerCredential' + type: NestedObject + description: OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App. + properties: + - name: 'oauthTokenSecretVersion' + type: String + description: 'A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'appInstallationId' + type: Integer + description: GitHub App installation id. + - name: 'githubEnterpriseConfig' + type: NestedObject + description: Configuration for connections to an instance of GitHub Enterprise. + conflicts: + - github_config + - gitlab_config + - bitbucket_cloud_config + - bitbucket_data_center_config + properties: + - name: 'hostUri' + type: String + description: Required. The URI of the GitHub Enterprise host this connection is for. + required: true + - name: 'appId' + type: Integer + description: Id of the GitHub App created from the manifest. + - name: 'appSlug' + type: String + description: The URL-friendly name of the GitHub App. + - name: 'privateKeySecretVersion' + type: String + description: SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'webhookSecretSecretVersion' + type: String + description: SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'appInstallationId' + type: Integer + description: ID of the installation of the GitHub App. + - name: 'serviceDirectoryConfig' + type: NestedObject + description: Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet. + properties: + - name: 'service' + type: String + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'sslCa' + type: String + description: SSL certificate to use for requests to GitHub Enterprise. + - name: 'gitlabConfig' + type: NestedObject + description: Configuration for connections to gitlab.com or an instance of GitLab Enterprise. + conflicts: + - github_config + - github_enterprise_config + - bitbucket_cloud_config + - bitbucket_data_center_config + properties: + - name: 'hostUri' + type: String + description: The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com. + default_from_api: true + - name: 'webhookSecretSecretVersion' + type: String + description: Required. Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'readAuthorizerCredential' + type: NestedObject + description: Required. A GitLab personal access token with the minimum `read_api` scope access. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'authorizerCredential' + type: NestedObject + description: Required. A GitLab personal access token with the `api` scope access. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'serviceDirectoryConfig' + type: NestedObject + description: Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet. + properties: + - name: 'service' + type: String + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'sslCa' + type: String + description: SSL certificate to use for requests to GitLab Enterprise. + - name: 'serverVersion' + type: String + description: Output only. Version of the GitLab Enterprise server running on the `host_uri`. + output: true + - name: 'bitbucketDataCenterConfig' + type: NestedObject + description: Configuration for connections to Bitbucket Data Center. + conflicts: + - github_config + - github_enterprise_config + - bitbucket_cloud_config + - gitlab_config + properties: + - name: 'hostUri' + type: String + description: The URI of the Bitbucket Data Center host this connection is for. + required: true + - name: 'webhookSecretSecretVersion' + type: String + description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'readAuthorizerCredential' + type: NestedObject + description: Required. A http access token with the `REPO_READ` access. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'authorizerCredential' + type: NestedObject + description: Required. A http access token with the `REPO_ADMIN` scope access. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'serviceDirectoryConfig' + type: NestedObject + description: Configuration for using Service Directory to privately connect to a Bitbucket Data Center. This should only be set if the Bitbucket Data Center is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the Bitbucket Data Center will be made over the public internet. + properties: + - name: 'service' + type: String + description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'sslCa' + type: String + description: SSL certificate to use for requests to the Bitbucket Data Center. + - name: 'serverVersion' + type: String + description: Output only. Version of the Bitbucket Data Center running on the `host_uri`. + output: true + - name: 'bitbucketCloudConfig' + type: NestedObject + description: Configuration for connections to Bitbucket Cloud. + conflicts: + - github_config + - github_enterprise_config + - gitlab_config + - bitbucket_data_center_config + properties: + - name: 'workspace' + type: String + description: The Bitbucket Cloud Workspace ID to be connected to Google Cloud Platform. + required: true + - name: 'webhookSecretSecretVersion' + type: String + description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'readAuthorizerCredential' + type: NestedObject + description: Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'authorizerCredential' + type: NestedObject + description: Required. An access token with the `webhook`, `repository`, `repository:admin` and `pullrequest` scope access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate these credentials. + required: true + properties: + - name: 'userTokenSecretVersion' + type: String + description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'username' + type: String + description: Output only. The username associated to this token. + output: true + - name: 'installationState' + type: NestedObject + description: Output only. Installation state of the Connection. + output: true + properties: + - name: 'stage' + type: Enum + description: Output only. Current step of the installation process. + output: true + enum_values: + - 'STAGE_UNSPECIFIED' + - 'PENDING_CREATE_APP' + - 'PENDING_USER_OAUTH' + - 'PENDING_INSTALL_APP' + - 'COMPLETE' + - name: 'message' + type: String + description: Output only. Message of what the user should do next to continue the installation. Empty string if the installation is already complete. + output: true + - name: 'actionUri' + type: String + description: Output only. Link to follow for next action. Empty string if the installation is already complete. + output: true + - name: 'disabled' + type: Boolean + description: If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled. + - name: 'reconciling' + type: Boolean + description: Output only. Set to true when the connection is being set up or updated in the background. + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: Allows clients to store small amounts of arbitrary data. + - name: 'etag' + type: Fingerprint + description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. + output: true diff --git a/mmv1/products/cloudbuildv2/go_Repository.yaml b/mmv1/products/cloudbuildv2/go_Repository.yaml new file mode 100644 index 000000000000..5f1c97ee7464 --- /dev/null +++ b/mmv1/products/cloudbuildv2/go_Repository.yaml @@ -0,0 +1,112 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Repository' +description: "A repository associated to a parent connection." +references: + guides: + 'Official Documentation': 'https://cloud.google.com/build/docs' + api: 'https://cloud.google.com/build/docs/api/reference/rest' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories?repositoryId={{name}}' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/go/cloudbuildv2_repository.go.tmpl' +exclude_tgc: true +legacy_long_form_project: true +examples: +# These tests depend on secrets stored in a separate project, so we prefer not +# to show them in the docs. + - name: 'cloudbuildv2_repository_ghe' + primary_resource_id: 'primary' + vars: + connection_name: 'connection' + repository_name: 'repository' + exclude_docs: true + - name: 'cloudbuildv2_repository_github' + primary_resource_id: 'primary' + vars: + connection_name: 'connection' + repository_name: 'repository' + exclude_docs: true + - name: 'cloudbuildv2_repository_gle' + primary_resource_id: 'primary' + vars: + connection_name: 'connection' + repository_name: 'repository' + exclude_docs: true + - name: 'cloudbuildv2_repository_ghe_doc' + exclude_test: true + - name: 'cloudbuildv2_repository_github_doc' + exclude_test: true +parameters: + - name: 'location' + type: String + description: The location for the resource + url_param_only: true + immutable: true + # EXTRACT_FROM_FIELD_IF_EMPTY + default_from_api: true + - name: 'parent_connection' + type: ResourceRef + description: The connection for the resource + url_param_only: true + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + resource: 'connection' + imports: 'name' +properties: + - name: 'name' + type: String + description: Name of the repository. + required: true + immutable: true + ignore_read: true + - name: 'remoteUri' + type: String + description: Required. Git Clone HTTPS URI. + required: true + immutable: true + - name: 'createTime' + type: String + description: Output only. Server assigned timestamp for when the connection was created. + output: true + - name: 'updateTime' + type: String + description: Output only. Server assigned timestamp for when the connection was updated. + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: Allows clients to store small amounts of arbitrary data. + immutable: true + - name: 'etag' + type: String + description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. + output: true diff --git a/mmv1/products/cloudbuildv2/go_product.yaml b/mmv1/products/cloudbuildv2/go_product.yaml new file mode 100644 index 000000000000..0aeb24b60b63 --- /dev/null +++ b/mmv1/products/cloudbuildv2/go_product.yaml @@ -0,0 +1,32 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/cloudbuildv2/go_product.yaml +name: 'Cloudbuildv2' +display_name: 'Cloud Build v2' +versions: + - name: 'ga' + base_url: 'https://cloudbuild.googleapis.com/v2/' +======== +name: 'Clouddomains' +display_name: 'Cloud Domains' +versions: + - name: 'ga' + base_url: 'https://domains.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://domains.googleapis.com/v1beta1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/clouddomains/product.yaml +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuildv2/product.yaml b/mmv1/products/cloudbuildv2/product.yaml index 5c3e629ed15f..762b9c93ac23 100644 --- a/mmv1/products/cloudbuildv2/product.yaml +++ b/mmv1/products/cloudbuildv2/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Cloudbuildv2 +display_name: Cloud Build v2 +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudbuild.googleapis.com/v2/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Cloudbuildv2' display_name: 'Cloud Build v2' @@ -19,3 +34,4 @@ versions: base_url: 'https://cloudbuild.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/clouddeploy/Automation.yaml b/mmv1/products/clouddeploy/Automation.yaml index d2e82a60d497..74b4bdcff40f 100644 --- a/mmv1/products/clouddeploy/Automation.yaml +++ b/mmv1/products/clouddeploy/Automation.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,172 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Automation' +description: | + An `Automation` enables the automation of manually driven actions for a Delivery Pipeline, which includes Release promotion amongst Targets, Rollout repair and Rollout deployment strategy advancement. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Automate your deployment': 'https://cloud.google.com/deploy/docs/automation' + api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines.automations' +base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations' +self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' + +create_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations?automationId={{name}}' +update_verb: :PATCH +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: false + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}', + ] +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_automation_basic" + primary_resource_id: "b-automation" + vars: + automation: "cd-automation" + delivery_pipeline: "cd-pipeline" + test_env_vars: + service_account: :SERVICE_ACCT + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_automation_full" + + primary_resource_id: "f-automation" + vars: + automation: "cd-automation" + delivery_pipeline: "cd-pipeline" + test_env_vars: + service_account: :SERVICE_ACCT +parameters: + - !ruby/object:Api::Type::String + name: "location" + immutable: true + url_param_only: true + description: "The location for the resource" + required: true + - !ruby/object:Api::Type::String + name: "delivery_pipeline" + immutable: true + url_param_only: true + description: "The delivery_pipeline for the resource" + required: true +properties: + - !ruby/object:Api::Type::String + name: "name" + description: "Name of the `Automation`." + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: "uid" + description: "Output only. Unique identifier of the `Automation`." + output: true + - !ruby/object:Api::Type::String + name: "description" + description: "Optional. Description of the `Automation`. Max length is 255 characters." + - !ruby/object:Api::Type::String + name: "createTime" + description: "Output only. Time at which the automation was created." + output: true + - !ruby/object:Api::Type::String + name: "updateTime" + description: "Output only. Time at which the automation was updated." + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: "annotations" + description: "Optional. User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. Annotations must meet the following constraints: * Annotations are key/value pairs. * Valid annotation keys have two segments: an optional prefix and name, separated by a slash (`/`). * The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots (`.`), and alphanumerics between. * The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS labels separated by dots(`.`), not longer than 253 characters in total, followed by a slash (`/`). See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set for more details." + - !ruby/object:Api::Type::KeyValueLabels + name: "labels" + description: "Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 63 characters." + - !ruby/object:Api::Type::String + name: "etag" + description: "Optional. The weak etag of the `Automation` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." + output: true + - !ruby/object:Api::Type::Boolean + name: "suspended" + description: "Optional. When Suspended, automation is deactivated from execution." + send_empty_value: true + - !ruby/object:Api::Type::String + name: "serviceAccount" + description: "Required. Email address of the user-managed IAM service account that creates Cloud Deploy release and rollout resources." + required: true + - !ruby/object:Api::Type::NestedObject + name: "selector" + description: "Required. Selected resources to which the automation will be applied." + required: true + properties: + - !ruby/object:Api::Type::Array + name: "targets" + description: "Contains attributes about a target." + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: "id" + description: "ID of the `Target`. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine which target is being referred to * \"*\", all targets in a location." + - !ruby/object:Api::Type::KeyValuePairs + name: "labels" + description: "Target labels." + default_from_api: true + - !ruby/object:Api::Type::Array + name: "rules" + description: "Required. List of Automation rules associated with the Automation resource. Must have at least one rule and limited to 250 rules per Delivery Pipeline. Note: the order of the rules here is not the same as the order of execution." + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: "promoteReleaseRule" + description: "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." + properties: + - !ruby/object:Api::Type::String + name: "id" + description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." + required: true + - !ruby/object:Api::Type::String + name: "wait" + description: "Optional. How long the release need to be paused until being promoted to the next target." + - !ruby/object:Api::Type::String + name: "destinationTargetId" + description: "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." + - !ruby/object:Api::Type::String + name: "destinationPhase" + description: "Optional. The starting phase of the rollout created by this operation. Default to the first phase." + - !ruby/object:Api::Type::NestedObject + name: "advanceRolloutRule" + description: "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." + properties: + - !ruby/object:Api::Type::String + name: "id" + description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." + required: true + - !ruby/object:Api::Type::String + name: "wait" + description: "Optional. How long to wait after a rollout is finished." + - !ruby/object:Api::Type::Array + name: "sourcePhases" + item_type: Api::Type::String + description: "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." +======= --- name: 'Automation' description: | @@ -174,3 +344,4 @@ properties: description: "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/clouddeploy/CustomTargetType.yaml b/mmv1/products/clouddeploy/CustomTargetType.yaml index 3f7368ffe4b4..2686ea99d173 100644 --- a/mmv1/products/clouddeploy/CustomTargetType.yaml +++ b/mmv1/products/clouddeploy/CustomTargetType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,188 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: "CustomTargetType" +description: | + A Cloud Deploy `CustomTargetType` defines a type of custom target that can be referenced in a + Cloud Deploy `Target` in order to facilitate deploying to other systems besides the supported runtimes. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + "Define and use a custom target type": "https://cloud.google.com/deploy/docs/deploy-app-custom-target" + api: "https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.customTargetTypes" +base_url: "projects/{{project}}/locations/{{location}}/customTargetTypes" +self_link: "projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}" +create_url: "projects/{{project}}/locations/{{location}}/customTargetTypes?customTargetTypeId={{name}}" +update_verb: :PATCH +update_mask: true +autogen_async: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: "name" + base_url: "{{op_id}}" + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: "response" + resource_inside_response: false + status: !ruby/object:Api::OpAsync::Status + path: "done" + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: "error" + message: "message" +id_format: "projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}" +import_format: + [ + 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' + ] +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + method_name_separator: ':' + base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' + import_format: ['projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}', '{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_custom_target_type_basic" + primary_resource_id: "custom-target-type" + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: "my-custom-target-type" + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_custom_target_type_git_skaffold_modules" + primary_resource_id: "custom-target-type" + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: "my-custom-target-type" + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_custom_target_type_gcs_skaffold_modules" + primary_resource_id: "custom-target-type" + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: "my-custom-target-type" + - !ruby/object:Provider::Terraform::Examples + name: "clouddeploy_custom_target_type_gcb_repo_skaffold_modules" + primary_resource_id: "custom-target-type" + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: "my-custom-target-type" +parameters: + - !ruby/object:Api::Type::String + name: "location" + required: true + immutable: true + url_param_only: true + description: "The location of the source." +properties: + - !ruby/object:Api::Type::String + name: "name" + description: "Name of the `CustomTargetType`." + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: "customTargetTypeId" + description: "Resource id of the `CustomTargetType`." + output: true + - !ruby/object:Api::Type::String + name: "uid" + description: "Unique identifier of the `CustomTargetType`." + output: true + - !ruby/object:Api::Type::String + name: "description" + description: "Description of the `CustomTargetType`. Max length is 255 characters." + - !ruby/object:Api::Type::KeyValueAnnotations + name: "annotations" + description: "User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. See https://google.aip.dev/128#annotations for more details such as format and size limitations." + - !ruby/object:Api::Type::KeyValueLabels + name: "labels" + description: "Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." + - !ruby/object:Api::Type::String + name: "createTime" + description: "Time at which the `CustomTargetType` was created." + output: true + - !ruby/object:Api::Type::String + name: "updateTime" + description: "Time at which the `CustomTargetType` was updated." + output: true + - !ruby/object:Api::Type::String + name: "etag" + description: "The weak etag of the `CustomTargetType` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." + output: true + - !ruby/object:Api::Type::NestedObject + name: "customActions" + description: "Configures render and deploy for the `CustomTargetType` using Skaffold custom actions." + properties: + - !ruby/object:Api::Type::String + name: "renderAction" + description: "The Skaffold custom action responsible for render operations. If not provided then Cloud Deploy will perform the render operations via `skaffold render`." + - !ruby/object:Api::Type::String + name: "deployAction" + description: "The Skaffold custom action responsible for deploy operations." + required: true + - !ruby/object:Api::Type::Array + name: "includeSkaffoldModules" + description: "List of Skaffold modules Cloud Deploy will include in the Skaffold Config as required before performing diagnose." + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: "configs" + description: "The Skaffold Config modules to use from the specified source." + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: "git" + description: "Remote git repository containing the Skaffold Config modules." + exactly_one_of: + - git + - googleCloudStorage + - googleCloudBuildRepo + properties: + - !ruby/object:Api::Type::String + name: "repo" + description: "Git repository the package should be cloned from." + required: true + - !ruby/object:Api::Type::String + name: "path" + description: "Relative path from the repository root to the Skaffold file." + - !ruby/object:Api::Type::String + name: "ref" + description: "Git ref the package should be cloned from." + - !ruby/object:Api::Type::NestedObject + name: "googleCloudStorage" + description: "Cloud Storage bucket containing Skaffold Config modules." + exactly_one_of: + - git + - googleCloudStorage + - googleCloudBuildRepo + properties: + - !ruby/object:Api::Type::String + name: "source" + description: "Cloud Storage source paths to copy recursively. For example, providing `gs://my-bucket/dir/configs/*` will result in Skaffold copying all files within the `dir/configs` directory in the bucket `my-bucket`." + required: true + - !ruby/object:Api::Type::String + name: "path" + description: "Relative path from the source to the Skaffold file." + - !ruby/object:Api::Type::NestedObject + name: "googleCloudBuildRepo" + description: "Cloud Build 2nd gen repository containing the Skaffold Config modules." + exactly_one_of: + - git + - googleCloudStorage + - googleCloudBuildRepo + properties: + - !ruby/object:Api::Type::String + name: "repository" + description: "Cloud Build 2nd gen repository in the format of 'projects//locations//connections//repositories/'." + required: true + - !ruby/object:Api::Type::String + name: "path" + description: "Relative path from the repository root to the Skaffold file." + - !ruby/object:Api::Type::String + name: "ref" +======= --- name: 'CustomTargetType' description: | @@ -192,4 +378,5 @@ properties: description: "Relative path from the repository root to the Skaffold file." - name: 'ref' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Branch or tag to use when cloning the repository." diff --git a/mmv1/products/clouddeploy/DeliveryPipeline.yaml b/mmv1/products/clouddeploy/DeliveryPipeline.yaml index e9fc0874ca46..3f4c43a25fff 100644 --- a/mmv1/products/clouddeploy/DeliveryPipeline.yaml +++ b/mmv1/products/clouddeploy/DeliveryPipeline.yaml @@ -11,17 +11,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DeliveryPipeline' +description: | + A DeliveryPipeline defines a pipeline through which a Skaffold configuration can progress. +references: !ruby/object:Api::Resource::ReferenceLinks +======= --- name: 'DeliveryPipeline' description: | A DeliveryPipeline defines a pipeline through which a Skaffold configuration can progress. exclude_resource: true references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Deploy an app to GKE using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-gke' 'Deploy an app to Cloud Run using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-run' 'Create a pipeline and release in the Google Cloud console': 'https://cloud.google.com/deploy/docs/deploy-app-in-console' api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines' +<<<<<<< HEAD +base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines' +self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +exclude_resource: true +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + method_name_separator: ':' + base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' + import_format: ['projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}', '{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'clouddeploy_delivery_pipeline_basic' +======= docs: id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines' @@ -43,13 +67,20 @@ iam_policy: custom_code: examples: - name: 'clouddeploy_delivery_pipeline_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cd-delivery-pipeline%s", context["random_suffix"])' vars: delivery_pipeline: 'cd-delivery-pipeline' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: "name" +======= parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Dummy property." required: true diff --git a/mmv1/products/clouddeploy/Target.yaml b/mmv1/products/clouddeploy/Target.yaml index 9f2c6bfdf82b..fd03584d7387 100644 --- a/mmv1/products/clouddeploy/Target.yaml +++ b/mmv1/products/clouddeploy/Target.yaml @@ -11,6 +11,26 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Target' +description: | + The Cloud Deploy `Target` resource. +base_url: 'projects/{{project}}/locations/{{location}}/targets' +self_link: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +exclude_resource: true +id_format: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + method_name_separator: ':' + base_url: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' + import_format: ['projects/{{project}}/locations/{{location}}/targets/{{name}}', '{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'clouddeploy_target_basic' +======= --- name: 'Target' description: | @@ -37,13 +57,20 @@ iam_policy: custom_code: examples: - name: 'clouddeploy_target_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cd-target%s", context["random_suffix"])' vars: target: 'cd-target' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: "name" +======= parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Dummy property." required: true diff --git a/mmv1/products/clouddeploy/go_Automation.yaml b/mmv1/products/clouddeploy/go_Automation.yaml new file mode 100644 index 000000000000..d7dadd6404b5 --- /dev/null +++ b/mmv1/products/clouddeploy/go_Automation.yaml @@ -0,0 +1,177 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Automation' +description: | + An `Automation` enables the automation of manually driven actions for a Delivery Pipeline, which includes Release promotion amongst Targets, Rollout repair and Rollout deployment strategy advancement. +references: + guides: + 'Automate your deployment': 'https://cloud.google.com/deploy/docs/automation' + api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines.automations' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations' +self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations?automationId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'clouddeploy_automation_basic' + primary_resource_id: 'b-automation' + vars: + automation: 'cd-automation' + delivery_pipeline: 'cd-pipeline' + test_env_vars: + service_account: 'SERVICE_ACCT' + - name: 'clouddeploy_automation_full' + primary_resource_id: 'f-automation' + vars: + automation: 'cd-automation' + delivery_pipeline: 'cd-pipeline' + test_env_vars: + service_account: 'SERVICE_ACCT' +parameters: + - name: 'location' + type: String + description: "The location for the resource" + url_param_only: true + required: true + immutable: true + - name: 'delivery_pipeline' + type: String + description: "The delivery_pipeline for the resource" + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Name of the `Automation`." + url_param_only: true + required: true + immutable: true + - name: 'uid' + type: String + description: "Output only. Unique identifier of the `Automation`." + output: true + - name: 'description' + type: String + description: "Optional. Description of the `Automation`. Max length is 255 characters." + - name: 'createTime' + type: String + description: "Output only. Time at which the automation was created." + output: true + - name: 'updateTime' + type: String + description: "Output only. Time at which the automation was updated." + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: "Optional. User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. Annotations must meet the following constraints: * Annotations are key/value pairs. * Valid annotation keys have two segments: an optional prefix and name, separated by a slash (`/`). * The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots (`.`), and alphanumerics between. * The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS labels separated by dots(`.`), not longer than 253 characters in total, followed by a slash (`/`). See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set for more details." + - name: 'labels' + type: KeyValueLabels + description: "Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 63 characters." + - name: 'etag' + type: String + description: "Optional. The weak etag of the `Automation` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." + output: true + - name: 'suspended' + type: Boolean + description: "Optional. When Suspended, automation is deactivated from execution." + send_empty_value: true + - name: 'serviceAccount' + type: String + description: "Required. Email address of the user-managed IAM service account that creates Cloud Deploy release and rollout resources." + required: true + - name: 'selector' + type: NestedObject + description: "Required. Selected resources to which the automation will be applied." + required: true + properties: + - name: 'targets' + type: Array + description: "Contains attributes about a target." + required: true + item_type: + type: NestedObject + properties: + - name: 'id' + type: String + description: "ID of the `Target`. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine which target is being referred to * \"*\", all targets in a location." + - name: 'labels' + type: KeyValuePairs + description: "Target labels." + default_from_api: true + - name: 'rules' + type: Array + description: "Required. List of Automation rules associated with the Automation resource. Must have at least one rule and limited to 250 rules per Delivery Pipeline. Note: the order of the rules here is not the same as the order of execution." + required: true + item_type: + type: NestedObject + properties: + - name: 'promoteReleaseRule' + type: NestedObject + description: "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." + properties: + - name: 'id' + type: String + description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." + required: true + - name: 'wait' + type: String + description: "Optional. How long the release need to be paused until being promoted to the next target." + - name: 'destinationTargetId' + type: String + description: "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." + - name: 'destinationPhase' + type: String + description: "Optional. The starting phase of the rollout created by this operation. Default to the first phase." + - name: 'advanceRolloutRule' + type: NestedObject + description: "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." + properties: + - name: 'id' + type: String + description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." + required: true + - name: 'wait' + type: String + description: "Optional. How long to wait after a rollout is finished." + - name: 'sourcePhases' + type: Array + description: "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." + item_type: + type: String diff --git a/mmv1/products/clouddeploy/go_CustomTargetType.yaml b/mmv1/products/clouddeploy/go_CustomTargetType.yaml new file mode 100644 index 000000000000..33e61223005b --- /dev/null +++ b/mmv1/products/clouddeploy/go_CustomTargetType.yaml @@ -0,0 +1,196 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CustomTargetType' +description: | + A Cloud Deploy `CustomTargetType` defines a type of custom target that can be referenced in a + Cloud Deploy `Target` in order to facilitate deploying to other systems besides the supported runtimes. +references: + guides: + 'Define and use a custom target type': 'https://cloud.google.com/deploy/docs/deploy-app-custom-target' + api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.customTargetTypes' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes' +self_link: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes?customTargetTypeId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' + - '{{name}}' +custom_code: +examples: + - name: 'clouddeploy_custom_target_type_basic' + primary_resource_id: 'custom-target-type' + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_git_skaffold_modules' + primary_resource_id: 'custom-target-type' + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_gcs_skaffold_modules' + primary_resource_id: 'custom-target-type' + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_gcb_repo_skaffold_modules' + primary_resource_id: 'custom-target-type' + primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' + vars: + custom_target_type_name: 'my-custom-target-type' +parameters: + - name: 'location' + type: String + description: "The location of the source." + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Name of the `CustomTargetType`." + url_param_only: true + required: true + immutable: true + - name: 'customTargetTypeId' + type: String + description: "Resource id of the `CustomTargetType`." + output: true + - name: 'uid' + type: String + description: "Unique identifier of the `CustomTargetType`." + output: true + - name: 'description' + type: String + description: "Description of the `CustomTargetType`. Max length is 255 characters." + - name: 'annotations' + type: KeyValueAnnotations + description: "User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. See https://google.aip.dev/128#annotations for more details such as format and size limitations." + - name: 'labels' + type: KeyValueLabels + description: "Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." + - name: 'createTime' + type: String + description: "Time at which the `CustomTargetType` was created." + output: true + - name: 'updateTime' + type: String + description: "Time at which the `CustomTargetType` was updated." + output: true + - name: 'etag' + type: String + description: "The weak etag of the `CustomTargetType` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." + output: true + - name: 'customActions' + type: NestedObject + description: "Configures render and deploy for the `CustomTargetType` using Skaffold custom actions." + properties: + - name: 'renderAction' + type: String + description: "The Skaffold custom action responsible for render operations. If not provided then Cloud Deploy will perform the render operations via `skaffold render`." + - name: 'deployAction' + type: String + description: "The Skaffold custom action responsible for deploy operations." + required: true + - name: 'includeSkaffoldModules' + type: Array + description: "List of Skaffold modules Cloud Deploy will include in the Skaffold Config as required before performing diagnose." + item_type: + type: NestedObject + properties: + - name: 'configs' + type: Array + description: "The Skaffold Config modules to use from the specified source." + item_type: + type: String + - name: 'git' + type: NestedObject + description: "Remote git repository containing the Skaffold Config modules." + exactly_one_of: + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' + properties: + - name: 'repo' + type: String + description: "Git repository the package should be cloned from." + required: true + - name: 'path' + type: String + description: "Relative path from the repository root to the Skaffold file." + - name: 'ref' + type: String + description: "Git ref the package should be cloned from." + - name: 'googleCloudStorage' + type: NestedObject + description: "Cloud Storage bucket containing Skaffold Config modules." + exactly_one_of: + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' + properties: + - name: 'source' + type: String + description: "Cloud Storage source paths to copy recursively. For example, providing `gs://my-bucket/dir/configs/*` will result in Skaffold copying all files within the `dir/configs` directory in the bucket `my-bucket`." + required: true + - name: 'path' + type: String + description: "Relative path from the source to the Skaffold file." + - name: 'googleCloudBuildRepo' + type: NestedObject + description: "Cloud Build 2nd gen repository containing the Skaffold Config modules." + exactly_one_of: + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' + properties: + - name: 'repository' + type: String + description: "Cloud Build 2nd gen repository in the format of 'projects//locations//connections//repositories/'." + required: true + - name: 'path' + type: String + description: "Relative path from the repository root to the Skaffold file." + - name: 'ref' + type: String + description: "Branch or tag to use when cloning the repository." diff --git a/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml b/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml new file mode 100644 index 000000000000..b76a721f65d3 --- /dev/null +++ b/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml @@ -0,0 +1,56 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DeliveryPipeline' +description: | + A DeliveryPipeline defines a pipeline through which a Skaffold configuration can progress. +exclude_resource: true +references: + guides: + 'Deploy an app to GKE using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-gke' + 'Deploy an app to Cloud Run using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-run' + 'Create a pipeline and release in the Google Cloud console': 'https://cloud.google.com/deploy/docs/deploy-app-in-console' + api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines' +self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' + - '{{name}}' +custom_code: +examples: + - name: 'clouddeploy_delivery_pipeline_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cd-delivery-pipeline%s", context["random_suffix"])' + vars: + delivery_pipeline: 'cd-delivery-pipeline' +parameters: +properties: + - name: 'name' + type: String + description: "Dummy property." + required: true diff --git a/mmv1/products/clouddeploy/go_Target.yaml b/mmv1/products/clouddeploy/go_Target.yaml new file mode 100644 index 000000000000..b897ab8a86ad --- /dev/null +++ b/mmv1/products/clouddeploy/go_Target.yaml @@ -0,0 +1,50 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Target' +description: | + The Cloud Deploy `Target` resource. +exclude_resource: true +docs: +id_format: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/targets' +self_link: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' + - '{{name}}' +custom_code: +examples: + - name: 'clouddeploy_target_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cd-target%s", context["random_suffix"])' + vars: + target: 'cd-target' +parameters: +properties: + - name: 'name' + type: String + description: "Dummy property." + required: true diff --git a/mmv1/products/clouddeploy/go_product.yaml b/mmv1/products/clouddeploy/go_product.yaml new file mode 100644 index 000000000000..d08276ee376a --- /dev/null +++ b/mmv1/products/clouddeploy/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Clouddeploy' +display_name: 'Cloud Deploy' +versions: + - name: 'ga' + base_url: 'https://clouddeploy.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://clouddeploy.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddeploy/product.yaml b/mmv1/products/clouddeploy/product.yaml index afdecd3a1643..19d4c67f4779 100644 --- a/mmv1/products/clouddeploy/product.yaml +++ b/mmv1/products/clouddeploy/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Clouddeploy +display_name: Cloud Deploy +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://clouddeploy.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://clouddeploy.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/billingbudget/go_product.yaml +name: 'Billing' +display_name: 'Cloud Billing' +versions: + - name: 'ga' + base_url: 'https://billingbudgets.googleapis.com/v1/' +======== name: 'Clouddeploy' display_name: 'Cloud Deploy' versions: @@ -19,5 +45,7 @@ versions: base_url: 'https://clouddeploy.googleapis.com/v1/' - name: 'beta' base_url: 'https://clouddeploy.googleapis.com/v1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/clouddeploy/product.yaml scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/clouddomains/Registration.yaml b/mmv1/products/clouddomains/Registration.yaml index c641c5cf7568..403b7972b460 100644 --- a/mmv1/products/clouddomains/Registration.yaml +++ b/mmv1/products/clouddomains/Registration.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Registration' +description: | + Registers a new domain name and creates a corresponding Registration resource. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Register a domain with Cloud Domains': 'https://cloud.google.com/domains/docs/buy-register-domain' + api: 'https://cloud.google.com/domains/docs/reference/rest/v1/projects.locations.registrations' +base_url: 'projects/{{project}}/locations/{{location}}/registrations' +self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +create_url: 'projects/{{project}}/locations/{{location}}/registrations:register' +import_format: ['projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}'] +immutable: true +# Cannot be deleted +skip_delete: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/clouddomains_registration.go.erb + post_create: templates/terraform/post_create/clouddomains_registration.go.erb + encoder: templates/terraform/encoders/clouddomains_registration.go.erb +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Registration' description: | @@ -20,10 +46,38 @@ references: 'Register a domain with Cloud Domains': 'https://cloud.google.com/domains/docs/buy-register-domain' api: 'https://cloud.google.com/domains/docs/reference/rest/v1/projects.locations.registrations' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | The Terraform implementation of this resource will not actually delete a Registration during `terraform destroy`. Instead it will "abandon" the resource and remove it from state. For information on deleting a registered domain, see https://cloud.google.com/domains/docs/delete-domain +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: false + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: "clouddomains_registration_full" + primary_resource_id: "my_registration" + # Must be tested in staging environment with all-time unique domains + skip_test: true +======= id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' base_url: 'projects/{{project}}/locations/{{location}}/registrations' self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' @@ -60,6 +114,7 @@ examples: primary_resource_id: 'my_registration' # Must be tested in staging environment with all-time unique domains exclude_test: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore_read_extra: # - 'contact_settings.0.registrant_contact.0.phone_number' # - 'contact_settings.0.registrant_contact.0.fax_number' @@ -71,6 +126,83 @@ examples: # - 'contact_settings.0.technical_contact.0.fax_number' # - 'contact_settings.0.technical_contact.0.postal_address' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: location + url_param_only: true + description: "The location for the resource" + required: true + - !ruby/object:Api::Type::String + name: domainName + description: "Required. The domain name. Unicode domain names must be expressed in Punycode format." + required: true +properties: + - !ruby/object:Api::Type::String + name: name + description: "Output only. Name of the Registration resource, in the format projects/*/locations/*/registrations/." + output: true + - !ruby/object:Api::Type::String + name: createTime + description: "Output only. Time at which the automation was created." + output: true + - !ruby/object:Api::Type::String + name: expireTime + description: "Output only. Time at which the automation was updated." + output: true + - !ruby/object:Api::Type::String + name: state + output: true + description: Output only. The current state of the Registration. + - !ruby/object:Api::Type::Array + name: issues + description: Output only. The set of issues with the Registration that require attention. + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: Set of labels associated with the Registration. + - !ruby/object:Api::Type::Array + name: domainNotices + description: The list of domain notices that you acknowledge. Possible value is HSTS_PRELOADED + item_type: Api::Type::String + ignore_read: true + - !ruby/object:Api::Type::Array + name: contactNotices + description: The list of contact notices that the caller acknowledges. Possible value is PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT + item_type: Api::Type::String + ignore_read: true + - !ruby/object:Api::Type::NestedObject + name: yearlyPrice + required: true + ignore_read: true + description: | + Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from + registrations.retrieveRegisterParameters or registrations.searchDomains calls. + properties: + - !ruby/object:Api::Type::String + name: currencyCode + description: The three-letter currency code defined in ISO 4217. + - !ruby/object:Api::Type::String + name: units + description: The whole units of the amount. For example if currencyCode is "USD", then 1 unit is one US dollar. + - !ruby/object:Api::Type::Array + name: supportedPrivacy + description: Output only. Set of options for the contactSettings.privacy field that this Registration supports. + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::String + name: registerFailureReason + output: true + description: Output only. The reason the domain registration failed. Only set for domains in REGISTRATION_FAILED state. + - !ruby/object:Api::Type::NestedObject + name: managementSettings + description: "Settings for management of the Registration, including renewal, billing, and transfer" + default_from_api: true + properties: + - !ruby/object:Api::Type::String + name: renewalMethod + output: true +======= - name: 'location' type: String description: "The location for the resource" @@ -149,14 +281,24 @@ properties: properties: - name: 'renewalMethod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The actual renewal method for this Registration. When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be equal to RENEWAL_DISABLED—for example, when there are problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: preferredRenewalMethod + default_from_api: true + at_least_one_of: + - managementSettings.0.preferredRenewalMethod + - managementSettings.0.transferLockState +======= output: true - name: 'preferredRenewalMethod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The desired renewal method for this Registration. The actual renewalMethod is automatically updated to reflect this choice. If unset or equal to RENEWAL_METHOD_UNSPECIFIED, the actual renewalMethod is treated as if it were set to AUTOMATIC_RENEWAL. @@ -166,6 +308,86 @@ properties: When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be set to RENEWAL_DISABLED in case of problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: transferLockState + default_from_api: true + at_least_one_of: + - managementSettings.0.preferredRenewalMethod + - managementSettings.0.transferLockState + description: Controls whether the domain can be transferred to another registrar. Values are UNLOCKED or LOCKED. + - !ruby/object:Api::Type::NestedObject + name: dnsSettings + description: Settings controlling the DNS configuration of the Registration. + properties: + - !ruby/object:Api::Type::NestedObject + name: customDns + description: Configuration for an arbitrary DNS provider. + properties: + - !ruby/object:Api::Type::Array + name: nameServers + required: true + description: | + Required. A list of name servers that store the DNS zone for this domain. Each name server is a domain + name, with Unicode domain names expressed in Punycode format. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: dsRecords + description: | + The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide + the values to set here. If this field is empty, DNSSEC is disabled. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: keyTag + description: The key tag of the record. Must be set in range 0 -- 65535. + - !ruby/object:Api::Type::String + name: algorithm + description: The algorithm used to generate the referenced DNSKEY. + - !ruby/object:Api::Type::String + name: digestType + description: The hash function used to generate the digest of the referenced DNSKEY. + - !ruby/object:Api::Type::String + name: digest + description: The digest generated from the referenced DNSKEY. + - !ruby/object:Api::Type::Array + name: "glueRecords" + description: "The list of glue records for this Registration. Commonly empty." + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: hostName + description: "Required. Domain name of the host in Punycode format." + required: true + - !ruby/object:Api::Type::Array + name: ipv4Addresses + description: | + List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). + At least one of ipv4_address and ipv6_address must be set. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: ipv6Addresses + description: | + List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). + At least one of ipv4_address and ipv6_address must be set. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: contactSettings + description: Required. Settings for contact information linked to the Registration. + required: true + properties: + - !ruby/object:Api::Type::String + name: privacy + required: true + description: | + Required. Privacy setting for the contacts associated with the Registration. + Values are PUBLIC_CONTACT_DATA, PRIVATE_CONTACT_DATA, and REDACTED_CONTACT_DATA + - !ruby/object:Api::Type::NestedObject + name: registrantContact + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_registrant.go.erb +======= default_from_api: true at_least_one_of: - 'managementSettings.0.preferredRenewalMethod' @@ -250,11 +472,34 @@ properties: required: true - name: 'registrantContact' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: email + required: true + description: Required. Email address of the contact. + - !ruby/object:Api::Type::String + name: phoneNumber + required: true + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::String + name: faxNumber + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::NestedObject + name: postalAddress + required: true + description: Required. Postal address of the contact. + properties: + - !ruby/object:Api::Type::String + name: regionCode + required: true +======= required: true # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_registrant.go.tmpl' @@ -277,10 +522,20 @@ properties: properties: - name: 'regionCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: postalCode + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - !ruby/object:Api::Type::String + name: administrativeArea +======= required: true - name: 'postalCode' type: String @@ -289,11 +544,25 @@ properties: they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - name: 'administrativeArea' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: locality + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - !ruby/object:Api::Type::String + name: organization + description: | + The name of the organization at the address. + - !ruby/object:Api::Type::Array + name: addressLines +======= - name: 'locality' type: String description: | @@ -305,6 +574,7 @@ properties: The name of the organization at the address. - name: 'addressLines' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -312,6 +582,20 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: recipients + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: adminContact + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_admin.go.erb +======= item_type: type: String - name: 'recipients' @@ -323,11 +607,34 @@ properties: type: String - name: 'adminContact' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: email + required: true + description: Required. Email address of the contact. + - !ruby/object:Api::Type::String + name: phoneNumber + required: true + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::String + name: faxNumber + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::NestedObject + name: postalAddress + required: true + description: Required. Postal address of the contact. + properties: + - !ruby/object:Api::Type::String + name: regionCode + required: true +======= required: true # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_admin.go.tmpl' @@ -350,10 +657,20 @@ properties: properties: - name: 'regionCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: postalCode + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - !ruby/object:Api::Type::String + name: administrativeArea +======= required: true - name: 'postalCode' type: String @@ -362,11 +679,25 @@ properties: they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - name: 'administrativeArea' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: locality + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - !ruby/object:Api::Type::String + name: organization + description: | + The name of the organization at the address. + - !ruby/object:Api::Type::Array + name: addressLines +======= - name: 'locality' type: String description: | @@ -378,6 +709,7 @@ properties: The name of the organization at the address. - name: 'addressLines' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -385,6 +717,20 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: recipients + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: technicalContact + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_technical.go.erb +======= item_type: type: String - name: 'recipients' @@ -396,11 +742,34 @@ properties: type: String - name: 'technicalContact' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: email + required: true + description: Required. Email address of the contact. + - !ruby/object:Api::Type::String + name: phoneNumber + required: true + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::String + name: faxNumber + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - !ruby/object:Api::Type::NestedObject + name: postalAddress + required: true + description: Required. Postal address of the contact. + properties: + - !ruby/object:Api::Type::String + name: regionCode + required: true +======= required: true # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_technical.go.tmpl' @@ -423,10 +792,20 @@ properties: properties: - name: 'regionCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: postalCode + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - !ruby/object:Api::Type::String + name: administrativeArea +======= required: true - name: 'postalCode' type: String @@ -435,11 +814,25 @@ properties: they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - name: 'administrativeArea' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: locality + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - !ruby/object:Api::Type::String + name: organization + description: | + The name of the organization at the address. + - !ruby/object:Api::Type::Array + name: addressLines +======= - name: 'locality' type: String description: | @@ -451,6 +844,7 @@ properties: The name of the organization at the address. - name: 'addressLines' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -458,6 +852,15 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: recipients + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: Api::Type::String +======= item_type: type: String - name: 'recipients' @@ -467,3 +870,4 @@ properties: it might contain "care of" information. item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/clouddomains/go_Registration.yaml b/mmv1/products/clouddomains/go_Registration.yaml new file mode 100644 index 000000000000..23d41e383b91 --- /dev/null +++ b/mmv1/products/clouddomains/go_Registration.yaml @@ -0,0 +1,470 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Registration' +description: | + Registers a new domain name and creates a corresponding Registration resource. +references: + guides: + 'Register a domain with Cloud Domains': 'https://cloud.google.com/domains/docs/buy-register-domain' + api: 'https://cloud.google.com/domains/docs/reference/rest/v1/projects.locations.registrations' +docs: + warning: | + The Terraform implementation of this resource will not actually delete a Registration during + `terraform destroy`. Instead it will "abandon" the resource and remove it from state. + For information on deleting a registered domain, see https://cloud.google.com/domains/docs/delete-domain +id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +base_url: 'projects/{{project}}/locations/{{location}}/registrations' +self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +create_url: 'projects/{{project}}/locations/{{location}}/registrations:register' +# Cannot be deleted +exclude_delete: true +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/clouddomains_registration.go.tmpl' + encoder: 'templates/terraform/encoders/go/clouddomains_registration.go.tmpl' + post_create: 'templates/terraform/post_create/go/clouddomains_registration.go.tmpl' +examples: + - name: 'clouddomains_registration_full' + primary_resource_id: 'my_registration' + # Must be tested in staging environment with all-time unique domains + exclude_test: true + # ignore_read_extra: + # - 'contact_settings.0.registrant_contact.0.phone_number' + # - 'contact_settings.0.registrant_contact.0.fax_number' + # - 'contact_settings.0.registrant_contact.0.postal_address' + # - 'contact_settings.0.admin_contact.0.phone_number' + # - 'contact_settings.0.admin_contact.0.fax_number' + # - 'contact_settings.0.admin_contact.0.postal_address' + # - 'contact_settings.0.technical_contact.0.phone_number' + # - 'contact_settings.0.technical_contact.0.fax_number' + # - 'contact_settings.0.technical_contact.0.postal_address' +parameters: + - name: 'location' + type: String + description: "The location for the resource" + url_param_only: true + required: true + - name: 'domainName' + type: String + description: "Required. The domain name. Unicode domain names must be expressed in Punycode format." + required: true +properties: + - name: 'name' + type: String + description: "Output only. Name of the Registration resource, in the format projects/*/locations/*/registrations/." + output: true + - name: 'createTime' + type: String + description: "Output only. Time at which the automation was created." + output: true + - name: 'expireTime' + type: String + description: "Output only. Time at which the automation was updated." + output: true + - name: 'state' + type: String + description: Output only. The current state of the Registration. + output: true + - name: 'issues' + type: Array + description: Output only. The set of issues with the Registration that require attention. + output: true + item_type: + type: String + - name: 'labels' + type: KeyValueLabels + description: Set of labels associated with the Registration. + - name: 'domainNotices' + type: Array + description: The list of domain notices that you acknowledge. Possible value is HSTS_PRELOADED + ignore_read: true + item_type: + type: String + - name: 'contactNotices' + type: Array + description: The list of contact notices that the caller acknowledges. Possible value is PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT + ignore_read: true + item_type: + type: String + - name: 'yearlyPrice' + type: NestedObject + description: | + Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from + registrations.retrieveRegisterParameters or registrations.searchDomains calls. + required: true + ignore_read: true + properties: + - name: 'currencyCode' + type: String + description: The three-letter currency code defined in ISO 4217. + - name: 'units' + type: String + description: The whole units of the amount. For example if currencyCode is "USD", then 1 unit is one US dollar. + - name: 'supportedPrivacy' + type: Array + description: Output only. Set of options for the contactSettings.privacy field that this Registration supports. + output: true + item_type: + type: String + - name: 'registerFailureReason' + type: String + description: Output only. The reason the domain registration failed. Only set for domains in REGISTRATION_FAILED state. + output: true + - name: 'managementSettings' + type: NestedObject + description: "Settings for management of the Registration, including renewal, billing, and transfer" + default_from_api: true + properties: + - name: 'renewalMethod' + type: String + description: | + Output only. The actual renewal method for this Registration. When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, + the actual renewalMethod can be equal to RENEWAL_DISABLED—for example, when there are problems with the billing account + or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the + renewalMethod is automatically updated to preferredRenewalMethod in a few hours. + output: true + - name: 'preferredRenewalMethod' + type: String + description: | + The desired renewal method for this Registration. The actual renewalMethod is automatically updated to reflect this choice. + If unset or equal to RENEWAL_METHOD_UNSPECIFIED, the actual renewalMethod is treated as if it were set to AUTOMATIC_RENEWAL. + You cannot use RENEWAL_DISABLED during resource creation, and you can update the renewal status only when the Registration + resource has state ACTIVE or SUSPENDED. + + When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be set to RENEWAL_DISABLED in case of + problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After + the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. + default_from_api: true + at_least_one_of: + - 'managementSettings.0.preferredRenewalMethod' + - 'managementSettings.0.transferLockState' + - name: 'transferLockState' + type: String + description: Controls whether the domain can be transferred to another registrar. Values are UNLOCKED or LOCKED. + default_from_api: true + at_least_one_of: + - 'managementSettings.0.preferredRenewalMethod' + - 'managementSettings.0.transferLockState' + - name: 'dnsSettings' + type: NestedObject + description: Settings controlling the DNS configuration of the Registration. + properties: + - name: 'customDns' + type: NestedObject + description: Configuration for an arbitrary DNS provider. + properties: + - name: 'nameServers' + type: Array + description: | + Required. A list of name servers that store the DNS zone for this domain. Each name server is a domain + name, with Unicode domain names expressed in Punycode format. + required: true + item_type: + type: String + - name: 'dsRecords' + type: Array + description: | + The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide + the values to set here. If this field is empty, DNSSEC is disabled. + item_type: + type: NestedObject + properties: + - name: 'keyTag' + type: Integer + description: The key tag of the record. Must be set in range 0 -- 65535. + - name: 'algorithm' + type: String + description: The algorithm used to generate the referenced DNSKEY. + - name: 'digestType' + type: String + description: The hash function used to generate the digest of the referenced DNSKEY. + - name: 'digest' + type: String + description: The digest generated from the referenced DNSKEY. + - name: 'glueRecords' + type: Array + description: "The list of glue records for this Registration. Commonly empty." + item_type: + type: NestedObject + properties: + - name: 'hostName' + type: String + description: "Required. Domain name of the host in Punycode format." + required: true + - name: 'ipv4Addresses' + type: Array + description: | + List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). + At least one of ipv4_address and ipv6_address must be set. + item_type: + type: String + - name: 'ipv6Addresses' + type: Array + description: | + List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). + At least one of ipv4_address and ipv6_address must be set. + item_type: + type: String + - name: 'contactSettings' + type: NestedObject + description: Required. Settings for contact information linked to the Registration. + required: true + properties: + - name: 'privacy' + type: String + description: | + Required. Privacy setting for the contacts associated with the Registration. + Values are PUBLIC_CONTACT_DATA, PRIVATE_CONTACT_DATA, and REDACTED_CONTACT_DATA + required: true + - name: 'registrantContact' + type: NestedObject + description: | + Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. + + Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to + avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_registrant.go.tmpl' + properties: + - name: 'email' + type: String + description: Required. Email address of the contact. + required: true + - name: 'phoneNumber' + type: String + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject + description: Required. Postal address of the contact. + required: true + properties: + - name: 'regionCode' + type: String + description: | + Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to + ensure the value is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. + required: true + - name: 'postalCode' + type: String + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - name: 'administrativeArea' + type: String + description: | + Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, + a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community + (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland + this should be left unpopulated. + - name: 'locality' + type: String + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - name: 'organization' + type: String + description: | + The name of the organization at the address. + - name: 'addressLines' + type: Array + description: | + Unstructured address lines describing the lower levels of an address. + Because values in addressLines do not have type information and may sometimes contain multiple values in a single + field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be + "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language + is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, + the most specific line of an address can be selected based on the language. + item_type: + type: String + - name: 'recipients' + type: Array + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: + type: String + - name: 'adminContact' + type: NestedObject + description: | + Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. + + Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to + avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_admin.go.tmpl' + properties: + - name: 'email' + type: String + description: Required. Email address of the contact. + required: true + - name: 'phoneNumber' + type: String + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject + description: Required. Postal address of the contact. + required: true + properties: + - name: 'regionCode' + type: String + description: | + Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to + ensure the value is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. + required: true + - name: 'postalCode' + type: String + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - name: 'administrativeArea' + type: String + description: | + Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, + a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community + (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland + this should be left unpopulated. + - name: 'locality' + type: String + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - name: 'organization' + type: String + description: | + The name of the organization at the address. + - name: 'addressLines' + type: Array + description: | + Unstructured address lines describing the lower levels of an address. + Because values in addressLines do not have type information and may sometimes contain multiple values in a single + field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be + "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language + is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, + the most specific line of an address can be selected based on the language. + item_type: + type: String + - name: 'recipients' + type: Array + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: + type: String + - name: 'technicalContact' + type: NestedObject + description: | + Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. + + Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to + avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_technical.go.tmpl' + properties: + - name: 'email' + type: String + description: Required. Email address of the contact. + required: true + - name: 'phoneNumber' + type: String + description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". + required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject + description: Required. Postal address of the contact. + required: true + properties: + - name: 'regionCode' + type: String + description: | + Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to + ensure the value is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. + required: true + - name: 'postalCode' + type: String + description: | + Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, + they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). + - name: 'administrativeArea' + type: String + description: | + Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, + a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community + (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland + this should be left unpopulated. + - name: 'locality' + type: String + description: | + Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. + - name: 'organization' + type: String + description: | + The name of the organization at the address. + - name: 'addressLines' + type: Array + description: | + Unstructured address lines describing the lower levels of an address. + Because values in addressLines do not have type information and may sometimes contain multiple values in a single + field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be + "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language + is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, + the most specific line of an address can be selected based on the language. + item_type: + type: String + - name: 'recipients' + type: Array + description: | + The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, + it might contain "care of" information. + item_type: + type: String diff --git a/mmv1/products/clouddomains/go_product.yaml b/mmv1/products/clouddomains/go_product.yaml new file mode 100644 index 000000000000..7f7c87b9d838 --- /dev/null +++ b/mmv1/products/clouddomains/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Clouddomains' +display_name: 'Cloud Domains' +versions: + - name: 'ga' + base_url: 'https://domains.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://domains.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddomains/product.yaml b/mmv1/products/clouddomains/product.yaml index 3d41bbe2a549..4bd0244f43ea 100644 --- a/mmv1/products/clouddomains/product.yaml +++ b/mmv1/products/clouddomains/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Clouddomains +display_name: Cloud Domains +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://domains.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://domains.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/cloudbuildv2/go_product.yaml +name: 'Cloudbuildv2' +display_name: 'Cloud Build v2' +versions: + - name: 'ga' + base_url: 'https://cloudbuild.googleapis.com/v2/' +======== name: 'Clouddomains' display_name: 'Cloud Domains' versions: @@ -19,5 +45,7 @@ versions: base_url: 'https://domains.googleapis.com/v1/' - name: 'beta' base_url: 'https://domains.googleapis.com/v1beta1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/clouddomains/product.yaml scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudfunctions/CloudFunction.yaml b/mmv1/products/cloudfunctions/CloudFunction.yaml index e09afc57d7ed..a32decbc3742 100644 --- a/mmv1/products/cloudfunctions/CloudFunction.yaml +++ b/mmv1/products/cloudfunctions/CloudFunction.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,49 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'CloudFunction' +base_url: projects/{{project}}/locations/{{region}}/functions +create_verb: :POST +description: | + A Cloud Function that contains user computation executed in response to an event. +collection_url_key: 'functions' +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'cloud_function' + method_name_separator: ':' + +legacy_name: 'google_cloudfunctions_function' +id_format: 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' +import_format: + ['projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}'] +exclude_resource: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions_cloud_function' + primary_resource_id: 'function' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-function%s\", + context[\"random_suffix\"\ + ])" +======= --- name: 'CloudFunction' legacy_name: 'google_cloudfunctions_function' @@ -50,21 +97,60 @@ examples: - name: 'cloudfunctions_cloud_function' primary_resource_id: 'function' primary_resource_name: 'fmt.Sprintf("tf-test-my-function%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: function_name: 'my-function' bucket_name: 'cloudfunctions-function-example-bucket' zip_path: 'path/to/index.zip' test_vars_overrides: +<<<<<<< HEAD + zip_path: 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' +parameters: + - !ruby/object:Api::Type::String + name: 'region' + required: true + description: The location of this cloud function. +======= 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' parameters: - name: 'region' type: String description: The location of this cloud function. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # This is not a real API field. # This is a more user-centric way for users to specify # that they want to use a HTTP Trigger rather than # send httpsTrigger with an empty dictionary. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'trigger_http' + description: 'Use HTTP to trigger this function' +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + A user-defined name of the function. Function names must + be unique globally and match pattern `projects/*/locations/*/functions/*`. + - !ruby/object:Api::Type::String + name: 'description' + description: 'User-provided description of a function.' + - !ruby/object:Api::Type::Enum + name: 'status' + output: true + description: | + Status of the function deployment. + values: + - :CLOUD_FUNCTION_STATUS_UNSPECIFIED + - :ACTOVE + - :OFFLINE + - :DEPLOY_IN_PROGRESS + - :DELETE_IN_PROGRESS + - :UNKNOWN + - !ruby/object:Api::Type::String + name: 'entryPoint' +======= - name: 'trigger_http' type: Boolean description: 'Use HTTP to trigger this function' @@ -92,12 +178,22 @@ properties: - 'UNKNOWN' - name: 'entryPoint' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in source_location. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'runtime' + description: | + The runtime in which the function is going to run. If empty, + defaults to Node.js 6. + - !ruby/object:Api::Type::String + name: 'timeout' +======= - name: 'runtime' type: String description: | @@ -105,10 +201,44 @@ properties: defaults to Node.js 6. - name: 'timeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'availableMemoryMb' + description: 'The amount of memory in MB available for a function.' + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' + output: true + description: 'The email of the service account for this function.' + - !ruby/object:Api::Type::String + name: 'buildServiceAccount' + default_from_api: true + description: 'The fully-qualified name of the service account to be used for the build step of deploying this function' + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: 'The last update timestamp of a Cloud Function' + - !ruby/object:Api::Type::String + name: 'versionId' + output: true + description: | + The version identifier of the Cloud Function. Each deployment attempt + results in a new version of a function being created. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + A set of key/value label pairs associated with this Cloud Function. + - !ruby/object:Api::Type::KeyValuePairs + name: 'environmentVariables' + description: | + Environment variables that shall be available during function execution. + - !ruby/object:Api::Type::String + name: 'sourceArchiveUrl' +======= - name: 'availableMemoryMb' type: Integer description: 'The amount of memory in MB available for a function.' @@ -140,10 +270,61 @@ properties: Environment variables that shall be available during function execution. - name: 'sourceArchiveUrl' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Google Cloud Storage URL, starting with gs://, pointing to the zip archive which contains the function. exactly_one_of: +<<<<<<< HEAD + - source_repository + - source_archive_url + - source_upload_url + - !ruby/object:Api::Type::String + name: 'sourceUploadUrl' + description: | + The Google Cloud Storage signed URL used for source uploading. + exactly_one_of: + - source_repository + - source_archive_url + - source_upload_url + - !ruby/object:Api::Type::NestedObject + name: 'sourceRepository' + description: | + The source repository where a function is hosted. + exactly_one_of: + - source_repository + - source_archive_url + - source_upload_url + properties: + - !ruby/object:Api::Type::String + name: 'url' + required: true + description: | + The URL pointing to the hosted repository where the function is defined + - !ruby/object:Api::Type::String + name: 'deployedUrl' + output: true + description: | + The URL pointing to the hosted repository where the function were defined + at the time of deployment. + - !ruby/object:Api::Type::NestedObject + name: 'httpsTrigger' + description: | + An HTTPS endpoint type of source that can be triggered via URL. + properties: + - !ruby/object:Api::Type::String + name: 'url' + output: true + description: 'The deployed url for the function.' + - !ruby/object:Api::Type::NestedObject + name: 'eventTrigger' + description: | + An HTTPS endpoint type of source that can be triggered via URL. + properties: + - !ruby/object:Api::Type::String + name: 'eventType' + required: true +======= - 'source_repository' - 'source_archive_url' - 'source_upload_url' @@ -191,10 +372,21 @@ properties: properties: - name: 'eventType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of event to observe. For example: `providers/cloud.storage/eventTypes/object.change` and `providers/cloud.pubsub/eventTypes/topic.publish`. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' + required: true + description: | + The resource(s) from which to observe events, + for example, `projects/_/buckets/myBucket.` + - !ruby/object:Api::Type::String + name: 'service' +======= required: true - name: 'resource' type: String @@ -204,5 +396,6 @@ properties: required: true - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The hostname of the service that should be observed. diff --git a/mmv1/products/cloudfunctions/go_CloudFunction.yaml b/mmv1/products/cloudfunctions/go_CloudFunction.yaml new file mode 100644 index 000000000000..e8ba6ea7a8b1 --- /dev/null +++ b/mmv1/products/cloudfunctions/go_CloudFunction.yaml @@ -0,0 +1,209 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudFunction' +legacy_name: 'google_cloudfunctions_function' +description: | + A Cloud Function that contains user computation executed in response to an event. +exclude_resource: true +docs: +id_format: 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' +base_url: 'projects/{{project}}/locations/{{region}}/functions' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +collection_url_key: 'functions' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'cloud_function' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: +examples: + - name: 'cloudfunctions_cloud_function' + primary_resource_id: 'function' + primary_resource_name: 'fmt.Sprintf("tf-test-my-function%s", context["random_suffix"])' + vars: + function_name: 'my-function' + bucket_name: 'cloudfunctions-function-example-bucket' + zip_path: 'path/to/index.zip' + test_vars_overrides: + 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' +parameters: + - name: 'region' + type: String + description: The location of this cloud function. + required: true + # This is not a real API field. + # This is a more user-centric way for users to specify + # that they want to use a HTTP Trigger rather than + # send httpsTrigger with an empty dictionary. + - name: 'trigger_http' + type: Boolean + description: 'Use HTTP to trigger this function' +properties: + - name: 'name' + type: String + description: | + A user-defined name of the function. Function names must + be unique globally and match pattern `projects/*/locations/*/functions/*`. + required: true + - name: 'description' + type: String + description: 'User-provided description of a function.' + - name: 'status' + type: Enum + description: | + Status of the function deployment. + output: true + enum_values: + - 'CLOUD_FUNCTION_STATUS_UNSPECIFIED' + - 'ACTOVE' + - 'OFFLINE' + - 'DEPLOY_IN_PROGRESS' + - 'DELETE_IN_PROGRESS' + - 'UNKNOWN' + - name: 'entryPoint' + type: String + description: | + The name of the function (as defined in source code) that will be executed. + Defaults to the resource name suffix, if not specified. For backward + compatibility, if function with given name is not found, then the system + will try to use function named "function". For Node.js this is name of a + function exported by the module specified in source_location. + - name: 'runtime' + type: String + description: | + The runtime in which the function is going to run. If empty, + defaults to Node.js 6. + - name: 'timeout' + type: String + description: | + The function execution timeout. Execution is considered failed and can + be terminated if the function is not completed at the end of the timeout + period. Defaults to 60 seconds. + - name: 'availableMemoryMb' + type: Integer + description: 'The amount of memory in MB available for a function.' + - name: 'serviceAccountEmail' + type: String + description: 'The email of the service account for this function.' + output: true + - name: 'buildServiceAccount' + type: String + description: 'The fully-qualified name of the service account to be used for the build step of deploying this function' + default_from_api: true + - name: 'updateTime' + type: String + description: 'The last update timestamp of a Cloud Function' + output: true + - name: 'versionId' + type: String + description: | + The version identifier of the Cloud Function. Each deployment attempt + results in a new version of a function being created. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + A set of key/value label pairs associated with this Cloud Function. + - name: 'environmentVariables' + type: KeyValuePairs + description: | + Environment variables that shall be available during function execution. + - name: 'sourceArchiveUrl' + type: String + description: | + The Google Cloud Storage URL, starting with gs://, pointing to the zip + archive which contains the function. + exactly_one_of: + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' + - name: 'sourceUploadUrl' + type: String + description: | + The Google Cloud Storage signed URL used for source uploading. + exactly_one_of: + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' + - name: 'sourceRepository' + type: NestedObject + description: | + The source repository where a function is hosted. + exactly_one_of: + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' + properties: + - name: 'url' + type: String + description: | + The URL pointing to the hosted repository where the function is defined + required: true + - name: 'deployedUrl' + type: String + description: | + The URL pointing to the hosted repository where the function were defined + at the time of deployment. + output: true + - name: 'httpsTrigger' + type: NestedObject + description: | + An HTTPS endpoint type of source that can be triggered via URL. + properties: + - name: 'url' + type: String + description: 'The deployed url for the function.' + output: true + - name: 'eventTrigger' + type: NestedObject + description: | + An HTTPS endpoint type of source that can be triggered via URL. + properties: + - name: 'eventType' + type: String + description: | + The type of event to observe. For example: + `providers/cloud.storage/eventTypes/object.change` and + `providers/cloud.pubsub/eventTypes/topic.publish`. + required: true + - name: 'resource' + type: String + description: | + The resource(s) from which to observe events, + for example, `projects/_/buckets/myBucket.` + required: true + - name: 'service' + type: String + description: | + The hostname of the service that should be observed. diff --git a/mmv1/products/cloudfunctions/go_product.yaml b/mmv1/products/cloudfunctions/go_product.yaml new file mode 100644 index 000000000000..0992b4ca143e --- /dev/null +++ b/mmv1/products/cloudfunctions/go_product.yaml @@ -0,0 +1,23 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudFunctions' +legacy_name: 'cloudfunctions' +display_name: 'Cloud Functions' +versions: + - name: 'ga' + base_url: 'https://cloudfunctions.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions/product.yaml b/mmv1/products/cloudfunctions/product.yaml index 1ed0c30be222..d3af9595f06b 100644 --- a/mmv1/products/cloudfunctions/product.yaml +++ b/mmv1/products/cloudfunctions/product.yaml @@ -1,3 +1,13 @@ +<<<<<<< HEAD +# Copyright 2022 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -5,11 +15,41 @@ # # http://www.apache.org/licenses/LICENSE-2.0 # +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +<<<<<<<< HEAD:mmv1/products/cloudfunctions/product.yaml + +--- !ruby/object:Api::Product +name: CloudFunctions +display_name: Cloud Functions +legacy_name: 'cloudfunctions' +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudfunctions.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======== +name: storage_release +description: Creates a Firebase Rules Release for a Storage bucket +type: release +versions: +- beta +resource: ./storage_release.tf.tmpl +variables: +- name: project + type: project +- name: region + type: region +- name: bucket + type: resource_name +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:tpgtools/overrides/firebaserules/samples/release/storage_release.yaml +======= --- name: 'CloudFunctions' @@ -20,3 +60,4 @@ versions: base_url: 'https://cloudfunctions.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudfunctions2/Function.yaml b/mmv1/products/cloudfunctions2/Function.yaml index c5dadbe2b121..1490ace331ec 100644 --- a/mmv1/products/cloudfunctions2/Function.yaml +++ b/mmv1/products/cloudfunctions2/Function.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,58 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'function' +base_url: projects/{{project}}/locations/{{location}}/functions +create_url: projects/{{project}}/locations/{{location}}/functions?functionId={{name}} +self_link: projects/{{project}}/locations/{{location}}/functions/{{name}} +create_verb: :POST +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions' +description: | + A Cloud Function that contains user computation executed in response to an event. +collection_url_key: 'functions' +update_mask: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + # It takes about 35-40 mins to get the resource created + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +import_format: + ['projects/{{project}}/locations/{{location}}/functions/{{name}}'] +taint_resource_on_failed_create: true +autogen_async: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/cloudfunctions2_function.go.erb' + encoder: 'templates/terraform/encoders/cloudfunctions2_runtime_update_policy.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_basic' + primary_resource_id: 'function' + primary_resource_name: "fmt.Sprintf(\"tf-test-function-v2%s\", + context[\"random_suffix\"\ + ])" +======= --- name: 'function' description: | @@ -65,20 +121,34 @@ examples: - name: 'cloudfunctions2_basic' primary_resource_id: 'function' primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: function: 'function-v2' bucket_name: 'gcf-source' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + location: + '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_full' +======= - name: 'cloudfunctions2_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: bucket_name: 'gcf-source' @@ -87,16 +157,30 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + zip_path: '"./test-fixtures/function-source-pubsub.zip"' + primary_resource_id: '"terraform-test"' + location: + '"us-central1"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' 'primary_resource_id': '"terraform-test"' 'location': '"us-central1"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_scheduler_auth' +======= - name: 'cloudfunctions2_scheduler_auth' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: bucket_name: 'gcf-source' @@ -104,17 +188,32 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + primary_resource_id: '"terraform-test"' + location: + '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'primary_resource_id': '"terraform-test"' 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_basic_gcs' +======= exclude_test: true - name: 'cloudfunctions2_basic_gcs' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: bucket_name_source: 'gcf-source-bucket' @@ -123,16 +222,32 @@ examples: function_name: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + zip_path: '"./test-fixtures/function-source-eventarc-gcs.zip"' + primary_resource_id: '"terraform-test"' + policyChanged: + "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", + \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ + )" +======= project: 'PROJECT_NAME' test_vars_overrides: 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' 'primary_resource_id': '"terraform-test"' 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_basic_auditlogs' +======= - name: 'cloudfunctions2_basic_auditlogs' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: bucket_name_source: 'gcf-source-bucket' @@ -141,34 +256,67 @@ examples: function_name: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + zip_path: '"./test-fixtures/function-source-eventarc-gcs.zip"' + primary_resource_id: '"terraform-test"' + policyChanged: + "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", + \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ + )" +======= project: 'PROJECT_NAME' test_vars_overrides: 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' 'primary_resource_id': '"terraform-test"' 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_basic_builder' + primary_resource_id: 'function' + primary_resource_name: "fmt.Sprintf(\"tf-test-function-v2%s\", + context[\"random_suffix\"\ + ])" +======= - name: 'cloudfunctions2_basic_builder' primary_resource_id: 'function' primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: function: 'function-v2' bucket_name: 'gcf-source' zip_path: 'function-source.zip' service_account: 'gcf-sa' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + location: + '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' external_providers: ["random", "time"] +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_secret_env' +======= - name: 'cloudfunctions2_secret_env' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: function: 'function-secret' @@ -176,16 +324,32 @@ examples: zip_path: 'function-source.zip' secret: 'secret' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + location: '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' + policyChanged: + "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", + \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ + )" +======= project: 'PROJECT_NAME' test_vars_overrides: 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_secret_volume' +======= - name: 'cloudfunctions2_secret_volume' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: function: 'function-secret' @@ -193,16 +357,32 @@ examples: zip_path: 'function-source.zip' secret: 'secret' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + location: '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' + policyChanged: + "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", + \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ + )" +======= project: 'PROJECT_NAME' test_vars_overrides: 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_private_workerpool' +======= - name: 'cloudfunctions2_private_workerpool' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function' vars: function: 'function-workerpool' @@ -210,17 +390,34 @@ examples: zip_path: 'function-source.zip' pool: 'workerpool' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + location: + '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_cmek' + skip_docs: true # the example file is written in a repetitive way to help acc tests, so exclude + skip_vcr: true + primary_resource_id: 'function' + min_version: beta +======= - name: 'cloudfunctions2_cmek' primary_resource_id: 'function' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: function: 'function-cmek' bucket_name: 'gcf-source' @@ -230,21 +427,38 @@ examples: unencoded-ar-repo: 'ar-repo' kms_key_name: 'cmek-key' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + kms_key_name: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + location: + '"us-central1"' + zip_path: '"./test-fixtures/function-source.zip"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' 'location': '"us-central1"' 'zip_path': '"./test-fixtures/function-source.zip"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_cmek_docs' + skip_test: true # this example file will cause IAM conflicts between tests if used to make a test + primary_resource_id: 'function' + min_version: beta +======= # the example file is written in a repetitive way to help acc tests, so exclude exclude_docs: true skip_vcr: true - name: 'cloudfunctions2_cmek_docs' primary_resource_id: 'function' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: function: 'function-cmek' bucket_name: 'gcf-source' @@ -254,11 +468,18 @@ examples: unencoded-ar-repo: 'ar-repo' kms_key_name: 'cmek-key' project: 'my-project-name' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_abiu' + primary_resource_id: 'function' + min_version: beta +======= # this example file will cause IAM conflicts between tests if used to make a test exclude_test: true - name: 'cloudfunctions2_abiu' primary_resource_id: 'function' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: bucket_name: 'gcf-source' service_account: 'gcf-sa' @@ -266,18 +487,34 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + zip_path: '"./test-fixtures/function-source-pubsub.zip"' + primary_resource_id: '"terraform-test"' + location: + '"europe-west6"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' 'primary_resource_id': '"terraform-test"' 'location': '"europe-west6"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudfunctions2_abiu_on_deploy' + primary_resource_id: 'function' + min_version: beta +======= - name: 'cloudfunctions2_abiu_on_deploy' primary_resource_id: 'function' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: bucket_name: 'gcf-source' service_account: 'gcf-sa' @@ -285,15 +522,79 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + test_vars_overrides: + zip_path: '"./test-fixtures/function-source-pubsub.zip"' + primary_resource_id: '"terraform-test"' + location: + '"europe-west6"' +======= project: 'PROJECT_NAME' test_vars_overrides: 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' 'primary_resource_id': '"terraform-test"' 'location': '"europe-west6"' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' +<<<<<<< HEAD +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'cloud_function' + method_name_separator: ':' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/functions/{{cloud_function}}', + '{{cloud_function}}', + ] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + immutable: true + required: true + url_param_only: true + description: The location of this cloud function. +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + A user-defined name of the function. Function names must + be unique globally and match pattern `projects/*/locations/*/functions/*`. + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + - !ruby/object:Api::Type::String + name: 'description' + description: 'User-provided description of a function.' + - !ruby/object:Api::Type::Enum + name: 'environment' + output: true + description: 'The environment the function is hosted on.' + values: + - :ENVIRONMENT_UNSPECIFIED + - :GEN_1 + - :GEN_2 + - !ruby/object:Api::Type::String + name: 'url' + output: true + description: 'Output only. The deployed url for the function.' + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: 'Describes the current state of the function.' + values: + - :STATE_UNSPECIFIED + - :ACTIVE + - :FAILED + - :DEPLOYING + - :DELETING + - :UNKNOWN + - !ruby/object:Api::Type::NestedObject + name: 'buildConfig' +======= parameters: - name: 'location' type: String @@ -339,16 +640,31 @@ properties: - 'UNKNOWN' - name: 'buildConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Build step of the function that builds a container from the given source. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'build' +======= - name: 'build' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Cloud Build name of the latest successful deployment of the function. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'runtime' + description: | + The runtime in which to run the function. Required when deploying a new + function, optional when updating an existing function. + - !ruby/object:Api::Type::String + name: 'entryPoint' +======= - name: 'runtime' type: String description: | @@ -356,22 +672,55 @@ properties: function, optional when updating an existing function. - name: 'entryPoint' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in source_location. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'source' + description: 'The location of the function source code.' + properties: + - !ruby/object:Api::Type::NestedObject + name: 'storageSource' +======= - name: 'source' type: NestedObject description: 'The location of the function source code.' properties: - name: 'storageSource' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'If provided, get the source from this location in Google Cloud Storage.' exactly_one_of: +<<<<<<< HEAD + - storage_source + - repo_source + properties: + - !ruby/object:Api::Type::String + name: 'bucket' + description: 'Google Cloud Storage bucket containing the source' + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_bucket.go.erb' + - !ruby/object:Api::Type::String + name: 'object' + description: + 'Google Cloud Storage object containing the source.' + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_object.go.erb' + - !ruby/object:Api::Type::Integer + name: 'generation' + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_generation.go.erb' + description: | + Google Cloud Storage generation for the object. If the generation + is omitted, the latest generation will be used. + - !ruby/object:Api::Type::NestedObject + name: 'repoSource' +======= - 'storage_source' - 'repo_source' properties: @@ -393,10 +742,112 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_generation.go.tmpl' - name: 'repoSource' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'If provided, get the source from this location in a Cloud Source Repository.' exactly_one_of: +<<<<<<< HEAD + - storage_source + - repo_source + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + immutable: true + description: | + ID of the project that owns the Cloud Source Repository. If omitted, the + project ID requesting the build is assumed. + - !ruby/object:Api::Type::String + name: 'repoName' + description: 'Name of the Cloud Source Repository.' + - !ruby/object:Api::Type::String + name: 'branchName' + description: 'Regex matching branches to build.' + exactly_one_of: + - branch_name + - tag_name + - commit_sha + - !ruby/object:Api::Type::String + name: 'tagName' + description: 'Regex matching tags to build.' + exactly_one_of: + - branch_name + - tag_name + - commit_sha + - !ruby/object:Api::Type::String + name: 'commitSha' + description: 'Regex matching tags to build.' + exactly_one_of: + - branch_name + - tag_name + - commit_sha + - !ruby/object:Api::Type::String + name: 'dir' + description: | + Directory, relative to the source root, in which to run the build. + - !ruby/object:Api::Type::Boolean + name: 'invertRegex' + description: | + Only trigger a build if the revision regex does + NOT match the revision regex. + - !ruby/object:Api::Type::String + name: 'workerPool' + description: + 'Name of the Cloud Build Custom Worker Pool that should be used to + build the function.' + - !ruby/object:Api::Type::KeyValuePairs + name: 'environmentVariables' + description: | + User-provided build-time environment variables for the function. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'dockerRepository' + description: | + User managed repository created in Artifact Registry optionally with a customer managed encryption key. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: 'The fully-qualified name of the service account to be used for building the container.' + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'automaticUpdatePolicy' + description: | + Security patches are applied automatically to the runtime without requiring + the function to be redeployed. + exactly_one_of: + - automatic_update_policy + - on_deploy_update_policy + send_empty_value: true + allow_empty_object: true + default_from_api: true + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'onDeployUpdatePolicy' + description: | + Security patches are only applied when a function is redeployed. + exactly_one_of: + - automatic_update_policy + - on_deploy_update_policy + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::String + name: 'runtimeVersion' + output: true + description: | + The runtime version which was used during latest function deployment. + - !ruby/object:Api::Type::NestedObject + name: 'serviceConfig' + description: 'Describes the Service being deployed.' + properties: + - !ruby/object:Api::Type::String + name: 'service' + description: | + Name of the service associated with a Function. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'timeoutSeconds' +======= - 'storage_source' - 'repo_source' properties: @@ -497,43 +948,111 @@ properties: default_from_api: true - name: 'timeoutSeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'availableMemory' +======= - name: 'availableMemory' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxInstanceRequestConcurrency' +======= - name: 'maxInstanceRequestConcurrency' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1.' default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'availableCpu' +======= - name: 'availableCpu' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The number of CPUs used in a single container instance. Default value is calculated from available memory.' default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'environmentVariables' +======= - name: 'environmentVariables' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Environment variables that shall be available during function execution.' default_from_api: true diff_suppress_func: 'environmentVariablesDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxInstanceCount' +======= - name: 'maxInstanceCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The limit on the maximum number of function instances that may coexist at a given time. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'minInstanceCount' + description: | + The limit on the minimum number of function instances that may coexist at a + given time. + - !ruby/object:Api::Type::String + name: 'vpcConnector' + description: + 'The Serverless VPC Access connector that this cloud function can + connect to.' + - !ruby/object:Api::Type::Enum + name: 'vpcConnectorEgressSettings' + description: 'Available egress settings.' + values: + - :VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED + - :PRIVATE_RANGES_ONLY + - :ALL_TRAFFIC + - !ruby/object:Api::Type::Enum + name: 'ingressSettings' + description: + 'Available ingress settings. Defaults to "ALLOW_ALL" if unspecified.' + values: + - :ALLOW_ALL + - :ALLOW_INTERNAL_ONLY + - :ALLOW_INTERNAL_AND_GCLB + default_value: :ALLOW_ALL + - !ruby/object:Api::Type::String + name: 'uri' + description: 'URI of the Service deployed.' + output: true + - !ruby/object:Api::Type::String + name: 'gcfUri' + description: 'URIs of the Service deployed' + output: true + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' + description: 'The email of the service account for this function.' + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'allTrafficOnLatestRevision' +======= - name: 'minInstanceCount' type: Integer description: | @@ -574,10 +1093,60 @@ properties: default_from_api: true - name: 'allTrafficOnLatestRevision' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Whether 100% of traffic is routed to the latest revision. Defaults to true.' default_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'secretEnvironmentVariables' + description: 'Secret environment variables configuration.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: key + description: | + Name of the environment variable. + required: true + - !ruby/object:Api::Type::String + name: projectId + description: | + Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. + required: true + - !ruby/object:Api::Type::String + name: secret + description: | + Name of the secret in secret manager (not the full resource name). + required: true + - !ruby/object:Api::Type::String + name: version + description: | + Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start. + required: true + - !ruby/object:Api::Type::Array + name: 'secretVolumes' + description: 'Secret volumes configuration.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: mountPath + description: | + The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets + required: true + - !ruby/object:Api::Type::String + name: projectId + description: | + Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. + required: true + - !ruby/object:Api::Type::String + name: secret + description: | + Name of the secret in secret manager (not the full resource name). + required: true + - !ruby/object:Api::Type::Array + name: 'versions' +======= - name: 'secretEnvironmentVariables' type: Array description: 'Secret environment variables configuration.' @@ -627,11 +1196,28 @@ properties: required: true - name: 'versions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.' default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: version + description: | + Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately. + required: true + - !ruby/object:Api::Type::String + name: path + description: | + Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secret_foo would mount the secret value file at /etc/secrets/secret_foo. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'eventTrigger' +======= item_type: type: NestedObject properties: @@ -647,22 +1233,45 @@ properties: required: true - name: 'eventTrigger' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An Eventarc trigger managed by Google Cloud Functions that fires events in response to a condition in another service. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'trigger' + description: 'Output only. The resource name of the Eventarc trigger.' + output: true + - !ruby/object:Api::Type::String + name: 'triggerRegion' +======= - name: 'trigger' type: String description: 'Output only. The resource name of the Eventarc trigger.' output: true - name: 'triggerRegion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'eventType' + description: 'Required. The type of event to observe.' + - !ruby/object:Api::Type::Array + name: 'eventFilters' + description: 'Criteria used to filter events.' + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: attribute +======= - name: 'eventType' type: String description: 'Required. The type of event to observe.' @@ -675,38 +1284,80 @@ properties: properties: - name: 'attribute' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | 'Required. The name of a CloudEvents attribute. Currently, only a subset of attributes are supported for filtering. Use the `gcloud eventarc providers describe` command to learn more about events and their attributes. Do not filter for the 'type' attribute here, as this is already achieved by the resource's `event_type` attribute. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: value +======= - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. The value for the attribute. If the operator field is set as `match-path-pattern`, this value can be a path pattern instead of an exact value. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: operator +======= - name: 'operator' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`. [See documentation on path patterns here](https://cloud.google.com/eventarc/docs/path-patterns)' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pubsubTopic' +======= - name: 'pubsubTopic' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' +======= - name: 'serviceAccountEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services. If empty, defaults to the Compute Engine default service account: {project_number}-compute@developer.gserviceaccount.com. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'retryPolicy' + description: | + Describes the retry policy in case of function's execution failure. + Retried execution is charged as any other execution. + values: + - :RETRY_POLICY_UNSPECIFIED + - :RETRY_POLICY_DO_NOT_RETRY + - :RETRY_POLICY_RETRY + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: 'The last update timestamp of a Cloud Function.' + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + A set of key/value label pairs associated with this Cloud Function. + - !ruby/object:Api::Type::String + name: 'kmsKeyName' +======= - name: 'retryPolicy' type: Enum description: | @@ -726,6 +1377,7 @@ properties: A set of key/value label pairs associated with this Cloud Function. - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. diff --git a/mmv1/products/cloudfunctions2/go_Function.yaml b/mmv1/products/cloudfunctions2/go_Function.yaml new file mode 100644 index 000000000000..6cdd462ac726 --- /dev/null +++ b/mmv1/products/cloudfunctions2/go_Function.yaml @@ -0,0 +1,732 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'function' +description: | + A Cloud Function that contains user computation executed in response to an event. +references: + guides: + api: 'https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/functions' +self_link: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/functions?functionId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + # It takes about 35-40 mins to get the resource created + timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'cloud_function' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/functions/{{cloud_function}}' + - '{{cloud_function}}' +custom_code: + constants: 'templates/terraform/constants/go/cloudfunctions2_function.go.tmpl' + encoder: 'templates/terraform/encoders/go/cloudfunctions2_runtime_update_policy.go.tmpl' +taint_resource_on_failed_create: true +examples: + - name: 'cloudfunctions2_basic' + primary_resource_id: 'function' + primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' + vars: + function: 'function-v2' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_full' + primary_resource_id: 'function' + vars: + bucket_name: 'gcf-source' + service_account: 'gcf-sa' + topic: 'functions2-topic' + function: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"us-central1"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_scheduler_auth' + primary_resource_id: 'function' + vars: + bucket_name: 'gcf-source' + service_account: 'gcf-sa' + function: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'primary_resource_id': '"terraform-test"' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + exclude_test: true + - name: 'cloudfunctions2_basic_gcs' + primary_resource_id: 'function' + vars: + bucket_name_source: 'gcf-source-bucket' + bucket_name_trigger: 'gcf-trigger-bucket' + service_account: 'gcf-sa' + function_name: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' + 'primary_resource_id': '"terraform-test"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_basic_auditlogs' + primary_resource_id: 'function' + vars: + bucket_name_source: 'gcf-source-bucket' + bucket_name_auditlogs: 'gcf-auditlog-bucket' + service_account: 'gcf-sa' + function_name: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' + 'primary_resource_id': '"terraform-test"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_basic_builder' + primary_resource_id: 'function' + primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' + vars: + function: 'function-v2' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + service_account: 'gcf-sa' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + external_providers: ["random", "time"] + - name: 'cloudfunctions2_secret_env' + primary_resource_id: 'function' + vars: + function: 'function-secret' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + secret: 'secret' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_secret_volume' + primary_resource_id: 'function' + vars: + function: 'function-secret' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + secret: 'secret' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_private_workerpool' + primary_resource_id: 'function' + vars: + function: 'function-workerpool' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + pool: 'workerpool' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_cmek' + primary_resource_id: 'function' + min_version: 'beta' + vars: + function: 'function-cmek' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + kms_service_name: 'cloudkms.googleapis.com' + cmek-repo: 'cmek-repo' + unencoded-ar-repo: 'ar-repo' + kms_key_name: 'cmek-key' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + # the example file is written in a repetitive way to help acc tests, so exclude + exclude_docs: true + skip_vcr: true + - name: 'cloudfunctions2_cmek_docs' + primary_resource_id: 'function' + min_version: 'beta' + vars: + function: 'function-cmek' + bucket_name: 'gcf-source' + zip_path: 'function-source.zip' + kms_service_name: 'cloudkms.googleapis.com' + cmek-repo: 'cmek-repo' + unencoded-ar-repo: 'ar-repo' + kms_key_name: 'cmek-key' + project: 'my-project-name' + # this example file will cause IAM conflicts between tests if used to make a test + exclude_test: true + - name: 'cloudfunctions2_abiu' + primary_resource_id: 'function' + min_version: 'beta' + vars: + bucket_name: 'gcf-source' + service_account: 'gcf-sa' + topic: 'functions2-topic' + function: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"europe-west6"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' + - name: 'cloudfunctions2_abiu_on_deploy' + primary_resource_id: 'function' + min_version: 'beta' + vars: + bucket_name: 'gcf-source' + service_account: 'gcf-sa' + topic: 'functions2-topic' + function: 'gcf-function' + zip_path: 'function-source.zip' + test_env_vars: + project: 'PROJECT_NAME' + test_vars_overrides: + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"europe-west6"' + # ignore these fields during import step + ignore_read_extra: + - 'build_config.0.source.0.storage_source.0.object' + - 'build_config.0.source.0.storage_source.0.bucket' +parameters: + - name: 'location' + type: String + description: The location of this cloud function. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + A user-defined name of the function. Function names must + be unique globally and match pattern `projects/*/locations/*/functions/*`. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'description' + type: String + description: 'User-provided description of a function.' + - name: 'environment' + type: Enum + description: 'The environment the function is hosted on.' + output: true + enum_values: + - 'ENVIRONMENT_UNSPECIFIED' + - 'GEN_1' + - 'GEN_2' + - name: 'url' + type: String + description: 'Output only. The deployed url for the function.' + output: true + - name: 'state' + type: Enum + description: 'Describes the current state of the function.' + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'FAILED' + - 'DEPLOYING' + - 'DELETING' + - 'UNKNOWN' + - name: 'buildConfig' + type: NestedObject + description: | + Describes the Build step of the function that builds a container + from the given source. + properties: + - name: 'build' + type: String + description: | + The Cloud Build name of the latest successful + deployment of the function. + output: true + - name: 'runtime' + type: String + description: | + The runtime in which to run the function. Required when deploying a new + function, optional when updating an existing function. + - name: 'entryPoint' + type: String + description: | + The name of the function (as defined in source code) that will be executed. + Defaults to the resource name suffix, if not specified. For backward + compatibility, if function with given name is not found, then the system + will try to use function named "function". For Node.js this is name of a + function exported by the module specified in source_location. + - name: 'source' + type: NestedObject + description: 'The location of the function source code.' + properties: + - name: 'storageSource' + type: NestedObject + description: + 'If provided, get the source from this location in Google Cloud + Storage.' + exactly_one_of: + - 'storage_source' + - 'repo_source' + properties: + - name: 'bucket' + type: String + description: 'Google Cloud Storage bucket containing the source' + custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_bucket.go.tmpl' + - name: 'object' + type: String + description: + 'Google Cloud Storage object containing the source.' + custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_object.go.tmpl' + - name: 'generation' + type: Integer + description: | + Google Cloud Storage generation for the object. If the generation + is omitted, the latest generation will be used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_generation.go.tmpl' + - name: 'repoSource' + type: NestedObject + description: + 'If provided, get the source from this location in a Cloud Source + Repository.' + exactly_one_of: + - 'storage_source' + - 'repo_source' + properties: + - name: 'projectId' + type: String + description: | + ID of the project that owns the Cloud Source Repository. If omitted, the + project ID requesting the build is assumed. + immutable: true + - name: 'repoName' + type: String + description: 'Name of the Cloud Source Repository.' + - name: 'branchName' + type: String + description: 'Regex matching branches to build.' + exactly_one_of: + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'tagName' + type: String + description: 'Regex matching tags to build.' + exactly_one_of: + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'commitSha' + type: String + description: 'Regex matching tags to build.' + exactly_one_of: + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'dir' + type: String + description: | + Directory, relative to the source root, in which to run the build. + - name: 'invertRegex' + type: Boolean + description: | + Only trigger a build if the revision regex does + NOT match the revision regex. + - name: 'workerPool' + type: String + description: + 'Name of the Cloud Build Custom Worker Pool that should be used to + build the function.' + - name: 'environmentVariables' + type: KeyValuePairs + description: | + User-provided build-time environment variables for the function. + default_from_api: true + - name: 'dockerRepository' + type: String + description: | + User managed repository created in Artifact Registry optionally with a customer managed encryption key. + default_from_api: true + - name: 'serviceAccount' + type: String + description: 'The fully-qualified name of the service account to be used for building the container.' + default_from_api: true + - name: 'automaticUpdatePolicy' + type: NestedObject + description: | + Security patches are applied automatically to the runtime without requiring + the function to be redeployed. + default_from_api: true + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'automatic_update_policy' + - 'on_deploy_update_policy' + properties: + [] + - name: 'onDeployUpdatePolicy' + type: NestedObject + description: | + Security patches are only applied when a function is redeployed. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'automatic_update_policy' + - 'on_deploy_update_policy' + properties: + - name: 'runtimeVersion' + type: String + description: | + The runtime version which was used during latest function deployment. + output: true + - name: 'serviceConfig' + type: NestedObject + description: 'Describes the Service being deployed.' + properties: + - name: 'service' + type: String + description: | + Name of the service associated with a Function. + default_from_api: true + - name: 'timeoutSeconds' + type: Integer + description: | + The function execution timeout. Execution is considered failed and + can be terminated if the function is not completed at the end of the + timeout period. Defaults to 60 seconds. + default_from_api: true + - name: 'availableMemory' + type: String + description: | + The amount of memory available for a function. + Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is + supplied the value is interpreted as bytes. + default_from_api: true + - name: 'maxInstanceRequestConcurrency' + type: Integer + description: + 'Sets the maximum number of concurrent requests that each instance can + receive. Defaults to 1.' + default_from_api: true + - name: 'availableCpu' + type: String + description: + 'The number of CPUs used in a single container instance. Default value + is calculated from available memory.' + default_from_api: true + - name: 'environmentVariables' + type: KeyValuePairs + description: + 'Environment variables that shall be available during function + execution.' + default_from_api: true + diff_suppress_func: 'environmentVariablesDiffSuppress' + - name: 'maxInstanceCount' + type: Integer + description: | + The limit on the maximum number of function instances that may coexist at a + given time. + default_from_api: true + - name: 'minInstanceCount' + type: Integer + description: | + The limit on the minimum number of function instances that may coexist at a + given time. + - name: 'vpcConnector' + type: String + description: + 'The Serverless VPC Access connector that this cloud function can + connect to.' + - name: 'vpcConnectorEgressSettings' + type: Enum + description: 'Available egress settings.' + enum_values: + - 'VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED' + - 'PRIVATE_RANGES_ONLY' + - 'ALL_TRAFFIC' + - name: 'ingressSettings' + type: Enum + description: + 'Available ingress settings. Defaults to "ALLOW_ALL" if unspecified.' + default_value: "ALLOW_ALL" + enum_values: + - 'ALLOW_ALL' + - 'ALLOW_INTERNAL_ONLY' + - 'ALLOW_INTERNAL_AND_GCLB' + - name: 'uri' + type: String + description: 'URI of the Service deployed.' + output: true + - name: 'gcfUri' + type: String + description: 'URIs of the Service deployed' + output: true + - name: 'serviceAccountEmail' + type: String + description: 'The email of the service account for this function.' + default_from_api: true + - name: 'allTrafficOnLatestRevision' + type: Boolean + description: + 'Whether 100% of traffic is routed to the latest revision. Defaults to + true.' + default_value: true + - name: 'secretEnvironmentVariables' + type: Array + description: 'Secret environment variables configuration.' + item_type: + type: NestedObject + properties: + - name: 'key' + type: String + description: | + Name of the environment variable. + required: true + - name: 'projectId' + type: String + description: | + Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. + required: true + - name: 'secret' + type: String + description: | + Name of the secret in secret manager (not the full resource name). + required: true + - name: 'version' + type: String + description: | + Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start. + required: true + - name: 'secretVolumes' + type: Array + description: 'Secret volumes configuration.' + item_type: + type: NestedObject + properties: + - name: 'mountPath' + type: String + description: | + The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets + required: true + - name: 'projectId' + type: String + description: | + Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. + required: true + - name: 'secret' + type: String + description: | + Name of the secret in secret manager (not the full resource name). + required: true + - name: 'versions' + type: Array + description: + List of secret versions to mount for this secret. If empty, the + latest version of the secret will be made available in a file + named after the secret under the mount point.' + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'version' + type: String + description: | + Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately. + required: true + - name: 'path' + type: String + description: | + Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secret_foo would mount the secret value file at /etc/secrets/secret_foo. + required: true + - name: 'eventTrigger' + type: NestedObject + description: | + An Eventarc trigger managed by Google Cloud Functions that fires events in + response to a condition in another service. + properties: + - name: 'trigger' + type: String + description: 'Output only. The resource name of the Eventarc trigger.' + output: true + - name: 'triggerRegion' + type: String + description: | + The region that the trigger will be in. The trigger will only receive + events originating in this region. It can be the same + region as the function, a different region or multi-region, or the global + region. If not provided, defaults to the same region as the function. + default_from_api: true + - name: 'eventType' + type: String + description: 'Required. The type of event to observe.' + - name: 'eventFilters' + type: Array + description: 'Criteria used to filter events.' + is_set: true + item_type: + type: NestedObject + properties: + - name: 'attribute' + type: String + description: | + 'Required. The name of a CloudEvents attribute. + Currently, only a subset of attributes are supported for filtering. Use the `gcloud eventarc providers describe` command to learn more about events and their attributes. + Do not filter for the 'type' attribute here, as this is already achieved by the resource's `event_type` attribute. + required: true + - name: 'value' + type: String + description: | + Required. The value for the attribute. + If the operator field is set as `match-path-pattern`, this value can be a path pattern instead of an exact value. + required: true + - name: 'operator' + type: String + description: | + Optional. The operator used for matching the events with the value of + the filter. If not specified, only events that have an exact key-value + pair specified in the filter are matched. + The only allowed value is `match-path-pattern`. + [See documentation on path patterns here](https://cloud.google.com/eventarc/docs/path-patterns)' + - name: 'pubsubTopic' + type: String + description: | + The name of a Pub/Sub topic in the same project that will be used + as the transport topic for the event delivery. + default_from_api: true + - name: 'serviceAccountEmail' + type: String + description: | + Optional. The email of the trigger's service account. The service account + must have permission to invoke Cloud Run services. If empty, defaults to the + Compute Engine default service account: {project_number}-compute@developer.gserviceaccount.com. + default_from_api: true + - name: 'retryPolicy' + type: Enum + description: | + Describes the retry policy in case of function's execution failure. + Retried execution is charged as any other execution. + enum_values: + - 'RETRY_POLICY_UNSPECIFIED' + - 'RETRY_POLICY_DO_NOT_RETRY' + - 'RETRY_POLICY_RETRY' + - name: 'updateTime' + type: String + description: 'The last update timestamp of a Cloud Function.' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + A set of key/value label pairs associated with this Cloud Function. + - name: 'kmsKeyName' + type: String + description: | + Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. + It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. diff --git a/mmv1/products/cloudfunctions2/go_product.yaml b/mmv1/products/cloudfunctions2/go_product.yaml new file mode 100644 index 000000000000..48d6ff6888bd --- /dev/null +++ b/mmv1/products/cloudfunctions2/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Cloudfunctions2' +display_name: 'Cloud Functions (2nd gen)' +versions: + - name: 'beta' + base_url: 'https://cloudfunctions.googleapis.com/v2beta/' + - name: 'ga' + base_url: 'https://cloudfunctions.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions2/product.yaml b/mmv1/products/cloudfunctions2/product.yaml index e3a9eff862f4..75605605779b 100644 --- a/mmv1/products/cloudfunctions2/product.yaml +++ b/mmv1/products/cloudfunctions2/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Cloudfunctions2 +display_name: Cloud Functions (2nd gen) +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://cloudfunctions.googleapis.com/v2beta/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudfunctions.googleapis.com/v2/ +======= --- name: 'Cloudfunctions2' display_name: 'Cloud Functions (2nd gen)' @@ -21,3 +39,4 @@ versions: base_url: 'https://cloudfunctions.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudidentity/Group.yaml b/mmv1/products/cloudidentity/Group.yaml index f3b8b25de0b2..2f8f65f9adea 100644 --- a/mmv1/products/cloudidentity/Group.yaml +++ b/mmv1/products/cloudidentity/Group.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,27 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Group' +base_url: 'groups?initialGroupConfig={{initial_group_config}}' +update_url: '{{name}}' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +description: | + A Cloud Identity resource representing a Group. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/setup' + api: 'https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups' +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: transport_tpg.PollCheckForExistenceWith403 + check_response_func_absence: transport_tpg.PollCheckForAbsenceWith403 + target_occurrences: 10 + actions: ['create', 'update', 'delete'] +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Group' description: | @@ -20,12 +45,22 @@ references: 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/setup' api: 'https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +import_format: ['{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_identity_groups_basic' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + skip_test: true +======= base_url: 'groups?initialGroupConfig={{initial_group_config}}' self_link: '{{name}}' update_url: '{{name}}' @@ -50,10 +85,21 @@ custom_code: exclude_sweeper: true examples: - name: 'cloud_identity_groups_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'cloud_identity_group_basic' vars: id_group: 'my-identity-group' test_env_vars: +<<<<<<< HEAD + org_domain: :ORG_DOMAIN + cust_id: :CUST_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/set_computed_name.erb + custom_import: templates/terraform/custom_import/cloud_identity_group_import.go.erb +parameters: + - !ruby/object:Api::Type::Enum + name: 'initialGroupConfig' +======= org_domain: 'ORG_DOMAIN' cust_id: 'CUST_ID' # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously @@ -61,12 +107,40 @@ examples: parameters: - name: 'initialGroupConfig' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) for possible values. +<<<<<<< HEAD + values: + - 'INITIAL_GROUP_CONFIG_UNSPECIFIED' + - 'WITH_INITIAL_OWNER' + - 'EMPTY' + default_value: :EMPTY + url_param_only: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Resource name of the Group in the format: groups/{group_id}, where group_id + is the unique ID assigned to the Group. + - !ruby/object:Api::Type::NestedObject + name: 'groupKey' + required: true + immutable: true + description: | + EntityKey of the Group. + properties: + - !ruby/object:Api::Type::String + name: 'id' + required: true + immutable: true +======= url_param_only: true immutable: true default_value: "EMPTY" @@ -90,6 +164,7 @@ properties: properties: - name: 'id' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the entity. @@ -100,10 +175,16 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'namespace' + immutable: true +======= required: true immutable: true - name: 'namespace' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The namespace in which the entity exists. @@ -113,15 +194,42 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'parent' + required: true + immutable: true +======= immutable: true - name: 'parent' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of the entity under which this Group resides in the Cloud Identity resource hierarchy. Must be of the form identitysources/{identity_source_id} for external-identity-mapped groups or customers/{customer_id} for Google Groups. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The display name of the Group. + - !ruby/object:Api::Type::String + name: 'description' + description: | + An extended description to help users determine the purpose of a Group. + Must not be longer than 4,096 characters. + - !ruby/object:Api::Type::Array + name: 'additionalGroupKeys' + output: true + description: 'Additional group keys associated with the Group' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'id' + output: true +======= required: true immutable: true - name: 'displayName' @@ -142,6 +250,7 @@ properties: properties: - name: 'id' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the entity. @@ -152,9 +261,15 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'namespace' + output: true +======= output: true - name: 'namespace' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The namespace in which the entity exists. @@ -164,6 +279,21 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + The time when the Group was created. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + The time when the Group was last updated. + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + required: true +======= output: true - name: 'createTime' type: String @@ -177,6 +307,7 @@ properties: output: true - name: 'labels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value. @@ -187,4 +318,7 @@ properties: Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. +<<<<<<< HEAD +======= required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudidentity/GroupMembership.yaml b/mmv1/products/cloudidentity/GroupMembership.yaml index c89d41f2607a..c69d341f928c 100644 --- a/mmv1/products/cloudidentity/GroupMembership.yaml +++ b/mmv1/products/cloudidentity/GroupMembership.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,21 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GroupMembership' +base_url: '{{group}}/memberships' +self_link: '{{name}}' +description: | + A Membership defines a relationship between a Group and an entity belonging to that Group, referred to as a "member". +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/memberships-google-groups' + api: 'https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships' +immutable: true +read_error_transform: 'transformCloudIdentityGroupMembershipReadError' +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'GroupMembership' description: | @@ -20,12 +39,22 @@ references: 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/memberships-google-groups' api: 'https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +<<<<<<< HEAD +import_format: ['{{%name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_identity_group_membership' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + skip_test: true +======= base_url: '{{group}}/memberships' self_link: '{{name}}' immutable: true @@ -43,19 +72,160 @@ exclude_sweeper: true read_error_transform: 'transformCloudIdentityGroupMembershipReadError' examples: - name: 'cloud_identity_group_membership' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'cloud_identity_group_membership_basic' vars: id_group: 'my-identity-group' test_env_vars: +<<<<<<< HEAD + org_domain: :ORG_DOMAIN + cust_id: :CUST_ID + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_identity_group_membership_user' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + skip_test: true +======= org_domain: 'ORG_DOMAIN' cust_id: 'CUST_ID' # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously exclude_test: true - name: 'cloud_identity_group_membership_user' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'cloud_identity_group_membership_basic' vars: id_group: 'my-identity-group' test_env_vars: +<<<<<<< HEAD + org_domain: :ORG_DOMAIN + cust_id: :CUST_ID + identity_user: :IDENTITY_USER +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/set_computed_name.erb + post_import: templates/terraform/post_import/cloud_identity_group_membership.go.erb + custom_update: templates/terraform/custom_update/cloud_identity_group_membership.go.erb + +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'group' + resource: 'Group' + imports: 'name' + description: | + The name of the Group to create this membership in. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The resource name of the Membership, of the form groups/{group_id}/memberships/{membership_id}. + - !ruby/object:Api::Type::NestedObject + name: 'memberKey' + immutable: true + description: | + EntityKey of the member. + min_version: beta + exactly_one_of: + - member_key + - preferred_member_key + default_from_api: true + properties: + - !ruby/object:Api::Type::String + name: 'id' + required: true + immutable: true + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + - !ruby/object:Api::Type::String + name: 'namespace' + immutable: true + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + - !ruby/object:Api::Type::NestedObject + name: 'preferredMemberKey' + immutable: true + description: | + EntityKey of the member. + exactly_one_of: + - member_key + - preferred_member_key + default_from_api: true + properties: + - !ruby/object:Api::Type::String + name: 'id' + required: true + immutable: true + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + - !ruby/object:Api::Type::String + name: 'namespace' + immutable: true + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + The time when the Membership was created. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + The time when the Membership was last updated. + - !ruby/object:Api::Type::Array + name: 'roles' + required: true + description: | + The MembershipRoles that apply to the Membership. + Must not contain duplicate MembershipRoles with the same name. + update_verb: :POST + update_url: '{{name}}:modifyMembershipRoles' + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'name' + required: true + description: | + The name of the MembershipRole. Must be one of OWNER, MANAGER, MEMBER. + values: + - :OWNER + - :MANAGER + - :MEMBER + - !ruby/object:Api::Type::NestedObject + name: 'expiryDetail' +======= org_domain: 'ORG_DOMAIN' cust_id: 'CUST_ID' identity_user: 'IDENTITY_USER' @@ -183,12 +353,19 @@ properties: - 'MEMBER' - name: 'expiryDetail' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The MembershipRole expiry details, only supported for MEMBER role. Other roles cannot be accompanied with MEMBER role having expiry. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'expireTime' + required: true +======= - name: 'expireTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time at which the MembershipRole will expire. @@ -196,9 +373,17 @@ properties: resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: | + The type of the membership. +======= required: true - name: 'type' type: String description: | The type of the membership. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudidentity/go_Group.yaml b/mmv1/products/cloudidentity/go_Group.yaml new file mode 100644 index 000000000000..a70024d6d5bd --- /dev/null +++ b/mmv1/products/cloudidentity/go_Group.yaml @@ -0,0 +1,191 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Group' +description: | + A Cloud Identity resource representing a Group. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/setup' + api: 'https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +base_url: 'groups?initialGroupConfig={{initial_group_config}}' +self_link: '{{name}}' +update_url: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistenceWith403' + check_response_func_absence: 'transport_tpg.PollCheckForAbsenceWith403' + suppress_error: false + target_occurrences: 10 + actions: ['create', 'update', 'delete'] +custom_code: + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/go/cloud_identity_group_import.go.tmpl' +exclude_sweeper: true +examples: + - name: 'cloud_identity_groups_basic' + primary_resource_id: 'cloud_identity_group_basic' + vars: + id_group: 'my-identity-group' + test_env_vars: + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true +parameters: + - name: 'initialGroupConfig' + type: Enum + description: | + The initial configuration options for creating a Group. + + See the + [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) + for possible values. + url_param_only: true + immutable: true + default_value: "EMPTY" + enum_values: + - 'INITIAL_GROUP_CONFIG_UNSPECIFIED' + - 'WITH_INITIAL_OWNER' + - 'EMPTY' +properties: + - name: 'name' + type: String + description: | + Resource name of the Group in the format: groups/{group_id}, where group_id + is the unique ID assigned to the Group. + output: true + - name: 'groupKey' + type: NestedObject + description: | + EntityKey of the Group. + required: true + immutable: true + properties: + - name: 'id' + type: String + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + required: true + immutable: true + - name: 'namespace' + type: String + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + immutable: true + - name: 'parent' + type: String + description: | + The resource name of the entity under which this Group resides in the + Cloud Identity resource hierarchy. + + Must be of the form identitysources/{identity_source_id} for external-identity-mapped + groups or customers/{customer_id} for Google Groups. + required: true + immutable: true + - name: 'displayName' + type: String + description: | + The display name of the Group. + - name: 'description' + type: String + description: | + An extended description to help users determine the purpose of a Group. + Must not be longer than 4,096 characters. + - name: 'additionalGroupKeys' + type: Array + description: 'Additional group keys associated with the Group' + output: true + item_type: + type: NestedObject + properties: + - name: 'id' + type: String + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + output: true + - name: 'namespace' + type: String + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + output: true + - name: 'createTime' + type: String + description: | + The time when the Group was created. + output: true + - name: 'updateTime' + type: String + description: | + The time when the Group was last updated. + output: true + - name: 'labels' + type: KeyValuePairs + description: | + One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value. + + Google Groups are the default type of group and have a label with a key of cloudidentity.googleapis.com/groups.discussion_forum and an empty value. + + Existing Google Groups can have an additional label with a key of cloudidentity.googleapis.com/groups.security and an empty value added to them. This is an immutable change and the security label cannot be removed once added. + + Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. + + Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. + required: true diff --git a/mmv1/products/cloudidentity/go_GroupMembership.yaml b/mmv1/products/cloudidentity/go_GroupMembership.yaml new file mode 100644 index 000000000000..32f83d3fa536 --- /dev/null +++ b/mmv1/products/cloudidentity/go_GroupMembership.yaml @@ -0,0 +1,205 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GroupMembership' +description: | + A Membership defines a relationship between a Group and an entity belonging to that Group, referred to as a "member". +references: + guides: + 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/memberships-google-groups' + api: 'https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +base_url: '{{group}}/memberships' +self_link: '{{name}}' +immutable: true +import_format: + - '{{%name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + custom_update: 'templates/terraform/custom_update/go/cloud_identity_group_membership.go.tmpl' + post_import: 'templates/terraform/post_import/go/cloud_identity_group_membership.go.tmpl' +exclude_sweeper: true +read_error_transform: 'transformCloudIdentityGroupMembershipReadError' +examples: + - name: 'cloud_identity_group_membership' + primary_resource_id: 'cloud_identity_group_membership_basic' + vars: + id_group: 'my-identity-group' + test_env_vars: + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true + - name: 'cloud_identity_group_membership_user' + primary_resource_id: 'cloud_identity_group_membership_basic' + vars: + id_group: 'my-identity-group' + test_env_vars: + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + identity_user: 'IDENTITY_USER' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true +parameters: + - name: 'group' + type: ResourceRef + description: | + The name of the Group to create this membership in. + url_param_only: true + required: true + immutable: true + resource: 'Group' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The resource name of the Membership, of the form groups/{group_id}/memberships/{membership_id}. + output: true + - name: 'memberKey' + type: NestedObject + description: | + EntityKey of the member. + min_version: 'beta' + immutable: true + default_from_api: true + exactly_one_of: + - 'member_key' + - 'preferred_member_key' + properties: + - name: 'id' + type: String + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + required: true + immutable: true + - name: 'namespace' + type: String + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + immutable: true + - name: 'preferredMemberKey' + type: NestedObject + description: | + EntityKey of the member. + immutable: true + default_from_api: true + exactly_one_of: + - 'member_key' + - 'preferred_member_key' + properties: + - name: 'id' + type: String + description: | + The ID of the entity. + + For Google-managed entities, the id must be the email address of an existing + group or user. + + For external-identity-mapped entities, the id must be a string conforming + to the Identity Source's requirements. + + Must be unique within a namespace. + required: true + immutable: true + - name: 'namespace' + type: String + description: | + The namespace in which the entity exists. + + If not specified, the EntityKey represents a Google-managed entity + such as a Google user or a Google Group. + + If specified, the EntityKey represents an external-identity-mapped group. + The namespace must correspond to an identity source created in Admin Console + and must be in the form of `identitysources/{identity_source_id}`. + immutable: true + - name: 'createTime' + type: String + description: | + The time when the Membership was created. + output: true + - name: 'updateTime' + type: String + description: | + The time when the Membership was last updated. + output: true + - name: 'roles' + type: Array + description: | + The MembershipRoles that apply to the Membership. + Must not contain duplicate MembershipRoles with the same name. + is_set: true + required: true + update_url: '{{name}}:modifyMembershipRoles' + update_verb: 'POST' + item_type: + type: NestedObject + properties: + - name: 'name' + type: Enum + description: | + The name of the MembershipRole. Must be one of OWNER, MANAGER, MEMBER. + required: true + enum_values: + - 'OWNER' + - 'MANAGER' + - 'MEMBER' + - name: 'expiryDetail' + type: NestedObject + description: | + The MembershipRole expiry details, only supported for MEMBER role. + Other roles cannot be accompanied with MEMBER role having expiry. + properties: + - name: 'expireTime' + type: String + description: | + The time at which the MembershipRole will expire. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond + resolution and up to nine fractional digits. + + Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + required: true + - name: 'type' + type: String + description: | + The type of the membership. + output: true diff --git a/mmv1/products/cloudidentity/go_product.yaml b/mmv1/products/cloudidentity/go_product.yaml new file mode 100644 index 000000000000..14883c7af453 --- /dev/null +++ b/mmv1/products/cloudidentity/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudIdentity' +display_name: 'Cloud Identity' +versions: + - name: 'ga' + base_url: 'https://cloudidentity.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://cloudidentity.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/cloudidentity/product.yaml b/mmv1/products/cloudidentity/product.yaml index 65640b3aa9c2..1ee888f80fb5 100644 --- a/mmv1/products/cloudidentity/product.yaml +++ b/mmv1/products/cloudidentity/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,31 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudIdentity +display_name: Cloud Identity +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudidentity.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://cloudidentity.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-identity +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/dialogflowcx/go_product.yaml +name: 'DialogflowCX' +display_name: 'Dialogflow CX' +versions: + - name: 'ga' + base_url: 'https://{{location}}-dialogflow.googleapis.com/v3/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +======== name: 'CloudIdentity' display_name: 'Cloud Identity' versions: @@ -21,3 +49,5 @@ versions: base_url: 'https://cloudidentity.googleapis.com/v1beta1/' scopes: - 'https://www.googleapis.com/auth/cloud-identity' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/cloudidentity/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudids/Endpoint.yaml b/mmv1/products/cloudids/Endpoint.yaml index 11076d3f7e30..d333a849b3e0 100644 --- a/mmv1/products/cloudids/Endpoint.yaml +++ b/mmv1/products/cloudids/Endpoint.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,98 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Endpoint' +base_url: 'projects/{{project}}/locations/{{location}}/endpoints' +create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +create_verb: :POST +update_verb: :PATCH +update_mask: true +description: | + Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/intrusion-detection-system/docs/configuring-ids' +id_format: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +import_format: + ['projects/{{project}}/locations/{{location}}/endpoints/{{name}}'] +autogen_async: true +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudids_endpoint' + primary_resource_id: + 'example-endpoint' + # skip_test set to true since the example is identical to what's in the _test.go file. + skip_test: true +parameters: + - !ruby/object:Api::Type::String + name: 'location' + required: true + url_param_only: true + immutable: true + description: | + The location for the endpoint. + ignore_read: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}. + custom_flatten: 'templates/terraform/custom_flatten/id_from_name.erb' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + Creation timestamp in RFC 3339 text format. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + Last update timestamp in RFC 3339 text format. + - !ruby/object:Api::Type::String + name: 'network' + required: true + immutable: true + description: | + Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net"). + - !ruby/object:Api::Type::String + immutable: true + name: 'description' + description: | + An optional description of the endpoint. + - !ruby/object:Api::Type::String + name: 'endpointForwardingRule' + output: true + description: | + URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring. + - !ruby/object:Api::Type::String + name: 'endpointIp' + output: true + description: | + Internal IP address of the endpoint's network entry point. + - !ruby/object:Api::Type::Enum + name: 'severity' + required: true + immutable: true + description: | + The minimum alert severity level that is reported by the endpoint. + values: + - :INFORMATIONAL + - :LOW + - :MEDIUM + - :HIGH + - :CRITICAL + - !ruby/object:Api::Type::Array + name: 'threatExceptions' + description: | + Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. + item_type: Api::Type::String +======= --- name: 'Endpoint' description: | @@ -119,3 +215,4 @@ properties: Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudids/go_Endpoint.yaml b/mmv1/products/cloudids/go_Endpoint.yaml new file mode 100644 index 000000000000..bf82294490fb --- /dev/null +++ b/mmv1/products/cloudids/go_Endpoint.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Endpoint' +description: | + Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network. +references: + guides: + api: 'https://cloud.google.com/intrusion-detection-system/docs/configuring-ids' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/endpoints' +self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 2000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +exclude_sweeper: true +examples: + - name: 'cloudids_endpoint' + primary_resource_id: 'example-endpoint' + # skip_test set to true since the example is identical to what's in the _test.go file. + exclude_test: true +parameters: + - name: 'location' + type: String + description: | + The location for the endpoint. + url_param_only: true + required: true + immutable: true + ignore_read: true +properties: + - name: 'name' + type: String + description: | + Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/id_from_name.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'createTime' + type: String + description: | + Creation timestamp in RFC 3339 text format. + output: true + - name: 'updateTime' + type: String + description: | + Last update timestamp in RFC 3339 text format. + output: true + - name: 'network' + type: String + description: | + Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net"). + required: true + immutable: true + - name: 'description' + type: String + description: | + An optional description of the endpoint. + immutable: true + - name: 'endpointForwardingRule' + type: String + description: | + URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring. + output: true + - name: 'endpointIp' + type: String + description: | + Internal IP address of the endpoint's network entry point. + output: true + - name: 'severity' + type: Enum + description: | + The minimum alert severity level that is reported by the endpoint. + required: true + immutable: true + enum_values: + - 'INFORMATIONAL' + - 'LOW' + - 'MEDIUM' + - 'HIGH' + - 'CRITICAL' + - name: 'threatExceptions' + type: Array + description: | + Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. + item_type: + type: String diff --git a/mmv1/products/cloudids/go_product.yaml b/mmv1/products/cloudids/go_product.yaml new file mode 100644 index 000000000000..ffe8c33468fa --- /dev/null +++ b/mmv1/products/cloudids/go_product.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudIds' +display_name: 'Cloud Intrusion Detection Service' +versions: + - name: 'ga' + base_url: 'https://ids.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloudids' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 2000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/cloudids/product.yaml b/mmv1/products/cloudids/product.yaml index bd3761940ce6..d28b3be89759 100644 --- a/mmv1/products/cloudids/product.yaml +++ b/mmv1/products/cloudids/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudIds +display_name: Cloud Intrusion Detection Service +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://ids.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloudids +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 2000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'CloudIds' display_name: 'Cloud Intrusion Detection Service' @@ -29,5 +59,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/cloudquotas/QuotaPreference.yaml b/mmv1/products/cloudquotas/QuotaPreference.yaml index bc7d6c9e391c..5a1fcec0ca7d 100644 --- a/mmv1/products/cloudquotas/QuotaPreference.yaml +++ b/mmv1/products/cloudquotas/QuotaPreference.yaml @@ -11,6 +11,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'QuotaPreference' +description: | + QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. There is only one QuotaPreference resource for a quota value targeting a unique set of dimensions. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Cloud Quotas Overview': 'https://cloud.google.com/docs/quotas/overview' + api: 'https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences' +======= --- name: 'QuotaPreference' description: | @@ -21,10 +31,96 @@ references: api: 'https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences' docs: id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 base_url: '{{parent}}/locations/global/quotaPreferences' self_link: '{{parent}}/locations/global/quotaPreferences/{{name}}' create_url: '{{parent}}/locations/global/quotaPreferences?quotaPreferenceId={{name}}&ignoreSafetyChecks={{ignore_safety_checks}}' update_url: '{{parent}}/locations/global/quotaPreferences/{{name}}?ignoreSafetyChecks={{ignore_safety_checks}}' +<<<<<<< HEAD +update_verb: :PATCH +update_mask: true +skip_delete: true +autogen_async: false +import_format: ['{{%parent}}/locations/global/quotaPreferences/{{name}}'] +id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' + +examples: + - !ruby/object:Provider::Terraform::Examples + name: "cloudquotas_quota_preference_basic" + primary_resource_id: "preference" + skip_test: true + vars: + name: "compute_googleapis_com-CPUS-per-project_us-east1" + test_env_vars: + project: :PROJECT_NAME + +parameters: + - !ruby/object:Api::Type::String + name: 'parent' + immutable: true + url_param_only: true + required: true + default_from_api: true + description: The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". + - !ruby/object:Api::Type::Enum + name: 'ignore_safety_checks' + url_param_only: true + default_value: :QUOTA_SAFETY_CHECK_UNSPECIFIED + description: The list of quota safety checks to be ignored. + values: + - :QUOTA_SAFETY_CHECK_UNSPECIFIED + - :QUOTA_DECREASE_BELOW_USAGE + - :QUOTA_DECREASE_PERCENTAGE_TOO_HIGH + +properties: + - !ruby/object:Api::Type::String + name: 'name' + default_from_api: true + description: | + The resource name of the quota preference. Required except in the CREATE requests. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'service' + required: true + default_from_api: true + description: The name of the service to which the quota preference is applied. + - !ruby/object:Api::Type::String + name: 'quotaId' + required: true + default_from_api: true + description: | + The id of the quota to which the quota preference is applied. A quota id is unique in the service. + Example: `CPUS-per-project-region`. + - !ruby/object:Api::Type::NestedObject + name: 'quotaConfig' + required: true + description: The preferred quota configuration. + properties: + - !ruby/object:Api::Type::String + name: 'preferredValue' + required: true + description: | + The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited". + - !ruby/object:Api::Type::String + name: 'stateDetail' + output: true + description: Optional details about the state of this quota preference. + - !ruby/object:Api::Type::String + name: 'grantedValue' + output: true + description: Granted quota value. + - !ruby/object:Api::Type::String + name: 'traceId' + custom_expand: 'templates/terraform/custom_expand/cloudquotas_quota_preference_trace_id.go.erb' + output: true + description: | + The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id. + - !ruby/object:Api::Type::KeyValuePairs + name: 'annotations' + custom_flatten: 'templates/terraform/custom_flatten/cloudquotas_quota_preference_annotations.go.erb' +======= update_verb: 'PATCH' update_mask: true exclude_delete: true @@ -107,10 +203,20 @@ properties: custom_expand: 'templates/terraform/custom_expand/cloudquotas_quota_preference_trace_id.go.tmpl' - name: 'annotations' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. An object containing a list of "key: value" pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestOrigin' + output: true + description: The origin of the quota preference request. + - !ruby/object:Api::Type::KeyValuePairs + name: 'dimensions' + default_from_api: true +======= custom_flatten: 'templates/terraform/custom_flatten/cloudquotas_quota_preference_annotations.go.tmpl' - name: 'requestOrigin' type: String @@ -118,12 +224,44 @@ properties: output: true - name: 'dimensions' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. Example: `{"provider": "Foo Inc"}` where "provider" is a service specific dimension. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'etag' + output: true + description: | + The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags. + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + Create time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + Update time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true + description: | + Is the quota preference pending Google Cloud approval and fulfillment. + - !ruby/object:Api::Type::String + name: 'justification' + ignore_read: true + description: The reason / justification for this quota preference. + - !ruby/object:Api::Type::String + name: 'contactEmail' + ignore_read: true +======= default_from_api: true - name: 'etag' type: String @@ -153,8 +291,12 @@ properties: ignore_read: true - name: 'contactEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for. +<<<<<<< HEAD +======= ignore_read: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudquotas/go_QuotaPreference.yaml b/mmv1/products/cloudquotas/go_QuotaPreference.yaml new file mode 100644 index 000000000000..54ed4d9f2952 --- /dev/null +++ b/mmv1/products/cloudquotas/go_QuotaPreference.yaml @@ -0,0 +1,161 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'QuotaPreference' +description: | + QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. There is only one QuotaPreference resource for a quota value targeting a unique set of dimensions. +references: + guides: + 'Cloud Quotas Overview': 'https://cloud.google.com/docs/quotas/overview' + api: 'https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences' +docs: +id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' +base_url: '{{parent}}/locations/global/quotaPreferences' +self_link: '{{parent}}/locations/global/quotaPreferences/{{name}}' +create_url: '{{parent}}/locations/global/quotaPreferences?quotaPreferenceId={{name}}&ignoreSafetyChecks={{ignore_safety_checks}}' +update_url: '{{parent}}/locations/global/quotaPreferences/{{name}}?ignoreSafetyChecks={{ignore_safety_checks}}' +update_verb: 'PATCH' +update_mask: true +exclude_delete: true +import_format: + - '{{%parent}}/locations/global/quotaPreferences/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'cloudquotas_quota_preference_basic' + primary_resource_id: 'preference' + vars: + name: 'compute_googleapis_com-CPUS-per-project_us-east1' + test_env_vars: + project: 'PROJECT_NAME' + exclude_test: true +parameters: + - name: 'parent' + type: String + description: The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". + url_param_only: true + required: true + immutable: true + default_from_api: true + - name: 'ignore_safety_checks' + type: Enum + description: The list of quota safety checks to be ignored. + url_param_only: true + default_value: "QUOTA_SAFETY_CHECK_UNSPECIFIED" + enum_values: + - 'QUOTA_SAFETY_CHECK_UNSPECIFIED' + - 'QUOTA_DECREASE_BELOW_USAGE' + - 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH' +properties: + - name: 'name' + type: String + description: | + The resource name of the quota preference. Required except in the CREATE requests. + default_from_api: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + - name: 'service' + type: String + description: The name of the service to which the quota preference is applied. + required: true + default_from_api: true + - name: 'quotaId' + type: String + description: | + The id of the quota to which the quota preference is applied. A quota id is unique in the service. + Example: `CPUS-per-project-region`. + required: true + default_from_api: true + - name: 'quotaConfig' + type: NestedObject + description: The preferred quota configuration. + required: true + properties: + - name: 'preferredValue' + type: String + description: | + The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited". + required: true + - name: 'stateDetail' + type: String + description: Optional details about the state of this quota preference. + output: true + - name: 'grantedValue' + type: String + description: Granted quota value. + output: true + - name: 'traceId' + type: String + description: | + The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id. + output: true + custom_expand: 'templates/terraform/custom_expand/go/cloudquotas_quota_preference_trace_id.go.tmpl' + - name: 'annotations' + type: KeyValuePairs + description: |- + The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. + + An object containing a list of "key: value" pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. + custom_flatten: 'templates/terraform/custom_flatten/go/cloudquotas_quota_preference_annotations.go.tmpl' + - name: 'requestOrigin' + type: String + description: The origin of the quota preference request. + output: true + - name: 'dimensions' + type: KeyValuePairs + description: |- + The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. + + NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. + + Example: `{"provider": "Foo Inc"}` where "provider" is a service specific dimension. + default_from_api: true + - name: 'etag' + type: String + description: | + The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags. + output: true + - name: 'createTime' + type: String + description: | + Create time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + output: true + - name: 'updateTime' + type: String + description: | + Update time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + output: true + - name: 'reconciling' + type: Boolean + description: | + Is the quota preference pending Google Cloud approval and fulfillment. + output: true + - name: 'justification' + type: String + description: The reason / justification for this quota preference. + ignore_read: true + - name: 'contactEmail' + type: String + description: |- + An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. + + The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for. + ignore_read: true diff --git a/mmv1/products/cloudquotas/go_product.yaml b/mmv1/products/cloudquotas/go_product.yaml new file mode 100644 index 000000000000..425e06dff489 --- /dev/null +++ b/mmv1/products/cloudquotas/go_product.yaml @@ -0,0 +1,32 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/cloudquotas/go_product.yaml +name: 'CloudQuotas' +display_name: 'Cloud Quotas' +versions: + - name: 'ga' + base_url: 'https://cloudquotas.googleapis.com/v1/' +======== +name: 'Composer' +display_name: 'Cloud Composer' +versions: + - name: 'ga' + base_url: 'https://composer.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://composer.googleapis.com/v1beta1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/composer/product.yaml +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudquotas/product.yaml b/mmv1/products/cloudquotas/product.yaml index 740dfc91284b..ac6497339da4 100644 --- a/mmv1/products/cloudquotas/product.yaml +++ b/mmv1/products/cloudquotas/product.yaml @@ -11,6 +11,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudQuotas +display_name: Cloud Quotas +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudquotas.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CloudQuotas' display_name: 'Cloud Quotas' @@ -19,3 +30,4 @@ versions: base_url: 'https://cloudquotas.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudrun/DomainMapping.yaml b/mmv1/products/cloudrun/DomainMapping.yaml index 7bc3a80cee43..a2de12a15906 100644 --- a/mmv1/products/cloudrun/DomainMapping.yaml +++ b/mmv1/products/cloudrun/DomainMapping.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,30 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: DomainMapping +kind: DomainMapping +base_url: apis/domains.cloudrun.com/v1/namespaces/{{project}}/domainmappings +cai_base_url: projects/{{project}}/locations/{{location}}/DomainMappings +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/mapping-custom-domains' + api: 'https://cloud.google.com/run/docs/reference/rest/v1/projects.locations.domainmappings' +description: |- + Resource to hold the state and status of a user's domain mapping. +immutable: true +id_format: 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' +import_format: + ['locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}'] +error_retry_predicates: ['transport_tpg.IsCloudRunCreationConflict'] +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: PollCheckKnativeStatusFunc(res) + actions: ['create', 'update'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_domain_mapping_basic' +======= --- name: 'DomainMapping' kind: 'DomainMapping' @@ -51,18 +79,51 @@ schema_version: 1 state_upgraders: true examples: - name: 'cloud_run_domain_mapping_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: +<<<<<<< HEAD + namespace: :PROJECT_NAME +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: 'templates/terraform/encoders/cloud_run_domain_mapping.go.erb' + decoder: 'templates/terraform/decoders/cloud_run.go.erb' + constants: templates/terraform/constants/cloud_run_domain_mapping.go.erb +custom_diff: [ + 'hasMetadata', +] +state_upgraders: true +schema_version: 1 +parameters: + - !ruby/object:Api::Type::String + name: location +======= namespace: 'PROJECT_NAME' parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The location of the cloud run instance. eg us-central1 url_param_only: true required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + url_param_only: true + immutable: true + description: |- + Name should be a [verified](https://support.google.com/webmasters/answer/9008080) domain + required: true + - !ruby/object:Api::Type::NestedObject + name: status + description: The current status of the DomainMapping. + output: true + properties: + - !ruby/object:Api::Type::Array + name: conditions +======= - name: 'name' type: String description: |- @@ -77,10 +138,35 @@ properties: properties: - name: 'conditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Array of observed DomainMappingConditions, indicating the current state of the DomainMapping. output: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: message + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::String + name: status + output: true + description: Status of the condition, one of True, False, Unknown. + - !ruby/object:Api::Type::String + name: reason + output: true + description: |- + One-word CamelCase reason for the condition's current status. + - !ruby/object:Api::Type::String + name: type + output: true + description: Type of domain mapping condition. + - !ruby/object:Api::Type::Integer + name: observedGeneration +======= item_type: type: NestedObject properties: @@ -104,16 +190,56 @@ properties: output: true - name: 'observedGeneration' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- ObservedGeneration is the 'Generation' of the DomainMapping that was last processed by the controller. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: resourceRecords +======= - name: 'resourceRecords' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The resource records required to configure this domain mapping. These records must be added to the domain's DNS configuration in order to serve the application via this domain mapping. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: type + description: 'Resource record type. Example: `AAAA`.' + values: + - :A + - :AAAA + - :CNAME + - !ruby/object:Api::Type::String + name: rrdata + output: true + description: |- + Data for this record. Values vary by record type, as defined in RFC 1035 + (section 5) and RFC 1034 (section 3.6.1). + - !ruby/object:Api::Type::String + name: name + output: true + description: |- + Relative name of the object affected by this record. Only applicable for + `CNAME` records. Example: 'www'. + - !ruby/object:Api::Type::String + name: mappedRouteName + output: true + description: The name of the route that the mapping currently points to. + - !ruby/object:Api::Type::NestedObject + name: spec + description: The spec for this DomainMapping. + required: true + properties: + - !ruby/object:Api::Type::Boolean + name: forceOverride +======= item_type: type: NestedObject properties: @@ -147,11 +273,37 @@ properties: properties: - name: 'forceOverride' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- If set, the mapping will override any mapping set before this spec was set. It is recommended that the user leaves this empty to receive an error warning about a potential conflict and only set it once the respective UI has given such a warning. +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/cloudrun_ignore_force_override.go.erb + - !ruby/object:Api::Type::String + name: routeName + required: true + description: |- + The name of the Cloud Run Service that this DomainMapping applies to. + The route must exist. + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::Enum + name: certificateMode + description: The mode of the certificate. + values: + - :NONE + - :AUTOMATIC + default_value: :AUTOMATIC + - !ruby/object:Api::Type::NestedObject + name: metadata + default_from_api: true + description: Metadata associated with this DomainMapping. + properties: + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= custom_flatten: 'templates/terraform/custom_flatten/cloudrun_ignore_force_override.go.tmpl' - name: 'routeName' type: String @@ -175,11 +327,21 @@ properties: properties: - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: generation + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - !ruby/object:Api::Type::String + name: resourceVersion +======= - name: 'generation' type: Integer description: |- @@ -187,6 +349,7 @@ properties: output: true - name: 'resourceVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -197,6 +360,15 @@ properties: More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: selfLink + description: |- + SelfLink is a URL representing this object. + output: true + - !ruby/object:Api::Type::String + name: uid +======= - name: 'selfLink' type: String description: |- @@ -204,12 +376,24 @@ properties: output: true - name: 'uid' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: namespace + required: true + description: |- + In Cloud Run the namespace must be equal to either the + project ID or project number. + custom_flatten: templates/terraform/custom_flatten/set_to_project.go.erb + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' +======= - name: 'namespace' type: String description: |- @@ -219,6 +403,7 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/set_to_project.go.tmpl' - name: 'annotations' type: KeyValueAnnotations +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. diff --git a/mmv1/products/cloudrun/Service.yaml b/mmv1/products/cloudrun/Service.yaml index dbc773c694ea..f2b61ef3ac92 100644 --- a/mmv1/products/cloudrun/Service.yaml +++ b/mmv1/products/cloudrun/Service.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Service +kind: Service +base_url: apis/serving.knative.dev/v1/namespaces/{{project}}/services +cai_base_url: projects/{{project}}/locations/{{location}}/services +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services' +description: |- + A Cloud Run service has a unique endpoint and autoscales containers. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'service' + base_url: v1/projects/{{project}}/locations/{{location}}/services/{{service}} + import_format: + [ + 'projects/{{project}}/locations/{{location}}/services/{{service}}', + '{{service}}', + ] +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Service' kind: 'Service' @@ -21,10 +48,47 @@ references: 'Official Documentation': 'https://cloud.google.com/run/docs/' api: 'https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | We recommend using the `google_cloud_run_v2_service` resource which offers a better developer experience and broader support of Cloud Run features. id_format: 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' +<<<<<<< HEAD +import_format: + ['locations/{{location}}/namespaces/{{project}}/services/{{name}}'] +error_retry_predicates: ['transport_tpg.IsCloudRunCreationConflict'] +async: !ruby/object:Provider::Terraform::PollAsync + check_response_func_existence: PollCheckKnativeStatusFunc(res) + actions: ['create', 'update'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_gpu' + min_version: 'beta' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_sql' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= base_url: 'apis/serving.knative.dev/v1/namespaces/{{project}}/services' cai_base_url: 'projects/{{project}}/locations/{{location}}/services' import_format: @@ -79,11 +143,48 @@ examples: - name: 'cloud_run_service_sql' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-srv' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'autogenerate_revision_name' + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_noauth' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_multiple_environment_variables' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: :PROJECT_NAME + ignore_read_extra: + - 'autogenerate_revision_name' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_secret_environment_variables' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -109,10 +210,23 @@ examples: - name: 'cloud_run_service_secret_environment_variables' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-srv' secret_id: 'secret' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + ignore_read_extra: + - 'autogenerate_revision_name' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_secret_volumes' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= project: 'PROJECT_NAME' ignore_read_extra: - 'autogenerate_revision_name' @@ -120,19 +234,44 @@ examples: - name: 'cloud_run_service_secret_volumes' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-srv' secret_id: 'secret' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + ignore_read_extra: + - 'autogenerate_revision_name' + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_probes' +======= project: 'PROJECT_NAME' ignore_read_extra: - 'autogenerate_revision_name' exclude_docs: true - name: 'cloud_run_service_probes' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + primary_resource_id: 'default' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_run_service_multicontainer' + min_version: beta primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: + project: :PROJECT_NAME +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'autogenerate_revision_name' + default_value: false +======= project: 'PROJECT_NAME' - name: 'cloud_run_service_multicontainer' primary_resource_id: 'default' @@ -143,29 +282,65 @@ examples: project: 'PROJECT_NAME' virtual_fields: - name: 'autogenerate_revision_name' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to `true`, the revision name (template.metadata.name) will be omitted and autogenerated by Cloud Run. This cannot be set to `true` while `template.metadata.name` is also set. (For legacy support, if `template.metadata.name` is unset in state while this field is set to false, the revision name will still autogenerate.) +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: 'templates/terraform/encoders/cloud_run_service.go.erb' + decoder: 'templates/terraform/decoders/cloud_run.go.erb' + constants: templates/terraform/constants/cloud_run_service.go.erb +custom_diff: [ + 'revisionNameCustomizeDiff', +] +state_upgraders: true +state_upgrade_base_schema_version: 1 +schema_version: 2 +parameters: + - !ruby/object:Api::Type::String + name: location +======= type: Boolean default_value: false parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The location of the cloud run instance. eg us-central1 url_param_only: true required: true immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name + # This is a convenience field as terraform expects `name` to be a top level property + url_param_only: true + immutable: true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Name must be unique within a Google Cloud project and region. Is required when creating resources. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::NestedObject + name: spec + required: true + description: Spec holds the desired state of the Service (from the client). + flatten_object: true + properties: + - !ruby/object:Api::Type::Array + name: traffic +======= # This is a convenience field as terraform expects `name` to be a top level property url_param_only: true required: true @@ -178,10 +353,30 @@ properties: properties: - name: 'traffic' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: revisionName + description: |- + RevisionName of a specific revision to which to send this portion of traffic. + - !ruby/object:Api::Type::Integer + name: percent + required: true + description: |- + Percent specifies percent of the traffic to this Revision or Configuration. + - !ruby/object:Api::Type::String + name: tag + description: |- + Tag is optionally used to expose a dedicated url for referencing this target exclusively. + - !ruby/object:Api::Type::Boolean + name: latestRevision +======= item_type: type: NestedObject properties: @@ -200,20 +395,32 @@ properties: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - name: 'latestRevision' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: url + output: true +======= - name: 'url' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: template +======= output: true - name: 'template' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- template holds the latest specification for the Revision to be stamped out. The template references the container image, and may also @@ -226,8 +433,13 @@ properties: Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: metadata +======= - name: 'metadata' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances @@ -238,13 +450,27 @@ properties: annotation key. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' +======= - name: 'labels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. default_from_api: true diff_suppress_func: 'cloudrunTemplateLabelDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: generation + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - !ruby/object:Api::Type::String + name: resourceVersion +======= - name: 'generation' type: Integer description: |- @@ -252,6 +478,7 @@ properties: output: true - name: 'resourceVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -259,6 +486,15 @@ properties: resource or set of resources. They may only be valid for a particular resource or set of resources. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: selfLink + description: |- + SelfLink is a URL representing this object. + output: true + - !ruby/object:Api::Type::String + name: uid +======= - name: 'selfLink' type: String description: |- @@ -266,19 +502,31 @@ properties: output: true - name: 'uid' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: namespace +======= - name: 'namespace' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- In Cloud Run the namespace must be equal to either the project ID or project number. It will default to the resource's project. default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/default_to_project.go.erb' + - !ruby/object:Api::Type::KeyValuePairs + name: 'annotations' +======= custom_expand: 'templates/terraform/custom_expand/default_to_project.go.tmpl' - name: 'annotations' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. @@ -323,12 +571,47 @@ properties: See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--vpc-egress. default_from_api: true diff_suppress_func: 'cloudrunTemplateAnnotationDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: name +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Name must be unique within a Google Cloud project and region. Is required when creating resources. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/cloud_run_service_revision_name.erb' + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: spec + required: true + description: + RevisionSpec holds the desired state of the Revision (from the + client). + default_from_api: true + properties: + - !ruby/object:Api::Type::Array + name: containers + update_verb: :PUT + required: true + description: |- + Containers defines the unit of execution for this Revision. + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + description: Name of the container + default_from_api: true + - !ruby/object:Api::Type::String + deprecation_message: >- + `working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. + name: workingDir + immutable: true +======= default_from_api: true custom_expand: 'templates/terraform/custom_expand/cloud_run_service_revision_name.tmpl' - name: 'spec' @@ -354,10 +637,24 @@ properties: default_from_api: true - name: 'workingDir' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: args + description: |- + Arguments to the entrypoint. + The docker image's CMD is used if this is not provided. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: envFrom + deprecation_message: >- + `env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. + immutable: true +======= immutable: true deprecation_message: '`working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' - name: 'args' @@ -369,12 +666,103 @@ properties: type: String - name: 'envFrom' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- List of sources to populate environment variables in the container. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: prefix + description: |- + An optional identifier to prepend to each key in the ConfigMap. + - !ruby/object:Api::Type::NestedObject + name: configMapRef + description: |- + The ConfigMap to select from. + properties: + - !ruby/object:Api::Type::Boolean + name: optional + description: |- + Specify whether the ConfigMap must be defined + - !ruby/object:Api::Type::NestedObject + name: localObjectReference + description: The ConfigMap to select from. + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + Name of the referent. + - !ruby/object:Api::Type::NestedObject + name: secretRef + description: |- + The Secret to select from. + properties: + - !ruby/object:Api::Type::NestedObject + name: localObjectReference + description: The Secret to select from. + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + Name of the referent. + - !ruby/object:Api::Type::Boolean + name: optional + description: |- + Specify whether the Secret must be defined + - !ruby/object:Api::Type::String + name: image + required: true + description: |- + Docker image name. This is most often a reference to a container located + in the container registry, such as gcr.io/cloudrun/hello + - !ruby/object:Api::Type::Array + name: command + description: |- + Entrypoint array. Not executed within a shell. + The docker image's ENTRYPOINT is used if this is not provided. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: env + description: |- + List of environment variables to set in the container. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + description: Name of the environment variable. + - !ruby/object:Api::Type::String + name: value + description: |- + Defaults to "". + - !ruby/object:Api::Type::NestedObject + name: valueFrom + description: |- + Source for the environment variable's value. Only supports secret_key_ref. + properties: + - !ruby/object:Api::Type::NestedObject + name: secretKeyRef + required: true + description: |- + Selects a key (version) of a secret in Secret Manager. + properties: + - !ruby/object:Api::Type::String + name: key + required: true + description: |- + A Cloud Secret Manager secret version. Must be 'latest' for the latest + version or an integer for a specific version. + - !ruby/object:Api::Type::String + name: name + required: true +======= immutable: true deprecation_message: '`env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' item_type: @@ -467,12 +855,24 @@ properties: required: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects/{project-id|project-number}/secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: ports + description: |- + List of open ports in the container. + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name +======= required: true - name: 'ports' type: Array @@ -484,11 +884,21 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If specified, used to specify which protocol to use. Allowed values are "http1" (HTTP/1) and "h2c" (HTTP/2 end-to-end). Defaults to "http1". default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: protocol + description: + Protocol for port. Must be "TCP". Defaults to + "TCP". + - !ruby/object:Api::Type::Integer + name: containerPort +======= - name: 'protocol' type: String description: @@ -496,31 +906,69 @@ properties: "TCP". - name: 'containerPort' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Port number the container listens on. This must be a valid port number (between 1 and 65535). Defaults to "8080". +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: resources +======= - name: 'resources' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Compute Resources required by this container. Used to set values such as max memory default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: limits +======= - name: 'limits' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: requests +======= - name: 'requests' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: volumeMounts + description: |- + Volume to mount into the container's filesystem. + Only supports SecretVolumeSources. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: mountPath + required: true + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + This must match the Name of a Volume. + - !ruby/object:Api::Type::NestedObject + name: startupProbe +======= - name: 'volumeMounts' type: Array description: |- @@ -542,38 +990,74 @@ properties: required: true - name: 'startupProbe' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: initialDelaySeconds +======= - name: 'initialDelaySeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value is 240. default_value: 0 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: timeoutSeconds +======= - name: 'timeoutSeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. default_value: 1 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: periodSeconds +======= - name: 'periodSeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value is 240. default_value: 10 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: failureThreshold +======= - name: 'failureThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: tcpSocket + description: |- + TcpSocket specifies an action involving a TCP port. + exactly_one_of: + - template.0.spec.0.containers.0.startup_probe.0.tcp_socket + - template.0.spec.0.containers.0.startup_probe.0.http_get + - template.0.spec.0.containers.0.startup_probe.0.grpc + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'tcpSocket' type: NestedObject description: |- @@ -587,10 +1071,31 @@ properties: properties: - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: httpGet + description: |- + HttpGet specifies the http request to perform. + exactly_one_of: + - template.0.spec.0.containers.0.startup_probe.0.tcp_socket + - template.0.spec.0.containers.0.startup_probe.0.http_get + - template.0.spec.0.containers.0.startup_probe.0.grpc + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::String + name: path + description: |- + Path to access on the HTTP server. If set, it should not be empty string. + default_value: '/' + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'httpGet' type: NestedObject description: |- @@ -609,10 +1114,43 @@ properties: default_value: "/" - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: httpHeaders + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + description: |- + The header field name. + required: true + - !ruby/object:Api::Type::String + name: value + description: |- + The header field value. + default_value: '' + send_empty_value: true + - !ruby/object:Api::Type::NestedObject + name: grpc + description: |- + GRPC specifies an action involving a GRPC port. + exactly_one_of: + - template.0.spec.0.containers.0.startup_probe.0.tcp_socket + - template.0.spec.0.containers.0.startup_probe.0.http_get + - template.0.spec.0.containers.0.startup_probe.0.grpc + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'httpHeaders' type: Array description: |- @@ -644,16 +1182,31 @@ properties: properties: - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: service +======= - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: livenessProbe + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. + properties: + - !ruby/object:Api::Type::Integer + name: initialDelaySeconds +======= - name: 'livenessProbe' type: NestedObject description: |- @@ -661,30 +1214,65 @@ properties: properties: - name: 'initialDelaySeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value is 3600. default_value: 0 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: timeoutSeconds +======= - name: 'timeoutSeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. default_value: 1 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: periodSeconds +======= - name: 'periodSeconds' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value is 3600. default_value: 10 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: failureThreshold +======= - name: 'failureThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: httpGet + description: |- + HttpGet specifies the http request to perform. + exactly_one_of: + - template.0.spec.0.containers.0.liveness_probe.0.http_get + - template.0.spec.0.containers.0.liveness_probe.0.grpc + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::String + name: path + description: |- + Path to access on the HTTP server. If set, it should not be empty string. + default_value: '/' + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'httpGet' type: NestedObject description: |- @@ -702,10 +1290,42 @@ properties: default_value: "/" - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: httpHeaders + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + description: |- + The header field name. + required: true + - !ruby/object:Api::Type::String + name: value + description: |- + The header field value. + default_value: '' + send_empty_value: true + - !ruby/object:Api::Type::NestedObject + name: grpc + description: |- + GRPC specifies an action involving a GRPC port. + exactly_one_of: + - template.0.spec.0.containers.0.liveness_probe.0.http_get + - template.0.spec.0.containers.0.liveness_probe.0.grpc + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'httpHeaders' type: Array description: |- @@ -736,30 +1356,56 @@ properties: properties: - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: service +======= - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: nodeSelector + min_version: beta +======= - name: 'nodeSelector' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Node Selector describes the hardware requirements of the resources. Use the following node selector keys to configure features on a Revision: - `run.googleapis.com/accelerator` sets the [type of GPU](https://cloud.google.com/run/docs/configuring/services/gpu) required by the Revision to run. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: containerConcurrency +======= min_version: 'beta' - name: 'containerConcurrency' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: timeoutSeconds + description: |- + TimeoutSeconds holds the max duration the instance is allowed for responding to a request. + default_from_api: true + - !ruby/object:Api::Type::String + name: serviceAccountName +======= - name: 'timeoutSeconds' type: Integer description: |- @@ -767,12 +1413,28 @@ properties: default_from_api: true - name: 'serviceAccountName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: volumes + description: |- + Volume represents a named volume in a container. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + Volume's name. + - !ruby/object:Api::Type::NestedObject + name: secret +======= - name: 'volumes' type: Array description: |- @@ -787,13 +1449,20 @@ properties: required: true - name: 'secret' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: secretName + required: true +======= - name: 'secretName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. @@ -804,22 +1473,45 @@ properties: commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: defaultMode +======= required: true - name: 'defaultMode' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: items +======= - name: 'items' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: key + required: true + description: |- + The Cloud Secret Manager secret version. + Can be 'latest' for the latest value or an integer for a specific version. + - !ruby/object:Api::Type::String + name: path + required: true +======= item_type: type: NestedObject properties: @@ -831,19 +1523,49 @@ properties: required: true - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: mode +======= required: true - name: 'mode' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: emptyDir + description: |- + Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). + min_version: beta + properties: + - !ruby/object:Api::Type::String + name: 'medium' + description: |- + The medium on which the data is stored. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. + - !ruby/object:Api::Type::String + name: 'sizeLimit' + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - !ruby/object:Api::Type::NestedObject + name: csi + description: |- + A filesystem specified by the Container Storage Interface (CSI). + properties: + - !ruby/object:Api::Type::String + name: 'driver' + required: true +======= - name: 'emptyDir' type: NestedObject description: |- @@ -865,10 +1587,20 @@ properties: properties: - name: 'driver' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unique name representing the type of file system to be created. Cloud Run supports the following values: * gcsfuse.run.googleapis.com: Mount a Google Cloud Storage bucket using GCSFuse. This driver requires the run.googleapis.com/execution-environment annotation to be unset or set to "gen2" +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'readOnly' + default_from_api: true + description: |- + If true, all mounts created from this volume will be read-only. + - !ruby/object:Api::Type::KeyValuePairs + name: 'volumeAttributes' +======= required: true - name: 'readOnly' type: Boolean @@ -877,16 +1609,42 @@ properties: default_from_api: true - name: 'volumeAttributes' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: nfs +======= - name: 'nfs' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- A filesystem backed by a Network File System share. This filesystem requires the run.googleapis.com/execution-environment annotation to be unset or set to "gen2" properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: server + required: true + description: |- + IP address or hostname of the NFS server + - !ruby/object:Api::Type::String + name: path + required: true + description: |- + Path exported by the NFS server + - !ruby/object:Api::Type::Boolean + name: readOnly + description: |- + If true, mount the NFS volume as read only in all mounts. Defaults to false. + - !ruby/object:Api::Type::Enum + name: servingState + deprecation_message: >- + `serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. +======= - name: 'server' type: String description: |- @@ -903,12 +1661,52 @@ properties: If true, mount the NFS volume as read only in all mounts. Defaults to false. - name: 'servingState' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- ServingState holds a value describing the state the resources are in for this Revision. It is expected that the system will manipulate this based on routability and load. output: true +<<<<<<< HEAD + values: + - :ACTIVE + - :RESERVE + - :RETIRED + + - !ruby/object:Api::Type::NestedObject + name: status + description: The current status of the Service. + output: true + properties: + - !ruby/object:Api::Type::Array + name: conditions + description: |- + Array of observed Service Conditions, indicating the current ready state of the service. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: message + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::String + name: status + output: true + description: Status of the condition, one of True, False, Unknown. + - !ruby/object:Api::Type::String + name: reason + output: true + description: |- + One-word CamelCase reason for the condition's current status. + - !ruby/object:Api::Type::String + name: type + output: true + description: Type of domain mapping condition. + - !ruby/object:Api::Type::String + name: url +======= deprecation_message: '`serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' enum_values: - 'ACTIVE' @@ -947,13 +1745,19 @@ properties: output: true - name: 'url' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: observedGeneration +======= - name: 'observedGeneration' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. @@ -961,26 +1765,63 @@ properties: Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: latestCreatedRevisionName +======= - name: 'latestCreatedRevisionName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: latestReadyRevisionName +======= - name: 'latestReadyRevisionName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: traffic +======= - name: 'traffic' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations output: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: revisionName + description: |- + RevisionName of a specific revision to which to send this portion of traffic. + output: true + - !ruby/object:Api::Type::Integer + name: percent + output: true + description: |- + Percent specifies percent of the traffic to this Revision or Configuration. + - !ruby/object:Api::Type::String + name: tag + output: true + description: |- + Tag is optionally used to expose a dedicated url for referencing this target exclusively. + - !ruby/object:Api::Type::Boolean + name: latestRevision + output: true +======= item_type: type: NestedObject properties: @@ -1001,19 +1842,38 @@ properties: output: true - name: 'latestRevision' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: url + output: true +======= output: true - name: 'url' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: metadata + required: false + description: |- + Metadata associated with this Service, including name, namespace, labels, + and annotations. + default_from_api: true + properties: + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= output: true - name: 'metadata' type: NestedObject @@ -1025,10 +1885,20 @@ properties: properties: - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: generation + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - !ruby/object:Api::Type::String + name: resourceVersion +======= - name: 'generation' type: Integer description: |- @@ -1036,6 +1906,7 @@ properties: output: true - name: 'resourceVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -1043,6 +1914,15 @@ properties: resource or set of resources. They may only be valid for a particular resource or set of resources. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: selfLink + description: |- + SelfLink is a URL representing this object. + output: true + - !ruby/object:Api::Type::String + name: uid +======= - name: 'selfLink' type: String description: |- @@ -1050,10 +1930,24 @@ properties: output: true - name: 'uid' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: namespace + required: false + description: |- + In Cloud Run the namespace must be equal to either the + project ID or project number. + default_from_api: true + custom_flatten: templates/terraform/custom_flatten/set_to_project.go.erb + custom_expand: 'templates/terraform/custom_expand/default_to_project.go.erb' + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' +======= - name: 'namespace' type: String description: |- @@ -1065,6 +1959,7 @@ properties: custom_expand: 'templates/terraform/custom_expand/default_to_project.go.tmpl' - name: 'annotations' type: KeyValueAnnotations +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. diff --git a/mmv1/products/cloudrun/go_DomainMapping.yaml b/mmv1/products/cloudrun/go_DomainMapping.yaml new file mode 100644 index 000000000000..29402e0fe87f --- /dev/null +++ b/mmv1/products/cloudrun/go_DomainMapping.yaml @@ -0,0 +1,230 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DomainMapping' +kind: 'DomainMapping' +description: |- + Resource to hold the state and status of a user's domain mapping. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/mapping-custom-domains' + api: 'https://cloud.google.com/run/docs/reference/rest/v1/projects.locations.domainmappings' +docs: +id_format: 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' +base_url: 'apis/domains.cloudrun.com/v1/namespaces/{{project}}/domainmappings' +cai_base_url: 'projects/{{project}}/locations/{{location}}/DomainMappings' +immutable: true +import_format: + - 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create', 'update'] +custom_code: + constants: 'templates/terraform/constants/go/cloud_run_domain_mapping.go.tmpl' + encoder: 'templates/terraform/encoders/go/cloud_run_domain_mapping.go.tmpl' + decoder: 'templates/terraform/decoders/go/cloud_run.go.tmpl' +custom_diff: + - 'hasMetadata' +error_retry_predicates: + + - 'transport_tpg.IsCloudRunCreationConflict' +schema_version: 1 +state_upgraders: true +examples: + - name: 'cloud_run_domain_mapping_basic' + primary_resource_id: 'default' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + namespace: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: The location of the cloud run instance. eg us-central1 + url_param_only: true + required: true +properties: + - name: 'name' + type: String + description: |- + Name should be a [verified](https://support.google.com/webmasters/answer/9008080) domain + url_param_only: true + required: true + immutable: true + - name: 'status' + type: NestedObject + description: The current status of the DomainMapping. + output: true + properties: + - name: 'conditions' + type: Array + description: |- + Array of observed DomainMappingConditions, indicating the current state + of the DomainMapping. + output: true + item_type: + type: NestedObject + properties: + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'status' + type: String + description: Status of the condition, one of True, False, Unknown. + output: true + - name: 'reason' + type: String + description: |- + One-word CamelCase reason for the condition's current status. + output: true + - name: 'type' + type: String + description: Type of domain mapping condition. + output: true + - name: 'observedGeneration' + type: Integer + description: |- + ObservedGeneration is the 'Generation' of the DomainMapping that + was last processed by the controller. + output: true + - name: 'resourceRecords' + type: Array + description: |- + The resource records required to configure this domain mapping. These + records must be added to the domain's DNS configuration in order to + serve the application via this domain mapping. + item_type: + type: NestedObject + properties: + - name: 'type' + type: Enum + description: 'Resource record type. Example: `AAAA`.' + enum_values: + - 'A' + - 'AAAA' + - 'CNAME' + - name: 'rrdata' + type: String + description: |- + Data for this record. Values vary by record type, as defined in RFC 1035 + (section 5) and RFC 1034 (section 3.6.1). + output: true + - name: 'name' + type: String + description: |- + Relative name of the object affected by this record. Only applicable for + `CNAME` records. Example: 'www'. + output: true + - name: 'mappedRouteName' + type: String + description: The name of the route that the mapping currently points to. + output: true + - name: 'spec' + type: NestedObject + description: The spec for this DomainMapping. + required: true + properties: + - name: 'forceOverride' + type: Boolean + description: |- + If set, the mapping will override any mapping set before this spec was set. + It is recommended that the user leaves this empty to receive an error + warning about a potential conflict and only set it once the respective UI + has given such a warning. + custom_flatten: 'templates/terraform/custom_flatten/go/cloudrun_ignore_force_override.go.tmpl' + - name: 'routeName' + type: String + description: |- + The name of the Cloud Run Service that this DomainMapping applies to. + The route must exist. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + - name: 'certificateMode' + type: Enum + description: The mode of the certificate. + default_value: "AUTOMATIC" + enum_values: + - 'NONE' + - 'AUTOMATIC' + - name: 'metadata' + type: NestedObject + description: Metadata associated with this DomainMapping. + default_from_api: true + properties: + - name: 'labels' + type: KeyValueLabels + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and routes. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + - name: 'generation' + type: Integer + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - name: 'resourceVersion' + type: String + description: |- + An opaque value that represents the internal version of this object that + can be used by clients to determine when objects have changed. May be used + for optimistic concurrency, change detection, and the watch operation on a + resource or set of resources. They may only be valid for a + particular resource or set of resources. + + More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + output: true + - name: 'selfLink' + type: String + description: |- + SelfLink is a URL representing this object. + output: true + - name: 'uid' + type: String + description: |- + UID is a unique id generated by the server on successful creation of a resource and is not + allowed to change on PUT operations. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids + output: true + - name: 'namespace' + type: String + description: |- + In Cloud Run the namespace must be equal to either the + project ID or project number. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/set_to_project.go.tmpl' + - name: 'annotations' + type: KeyValueAnnotations + description: |- + Annotations is a key value map stored with a resource that + may be set by external tools to store and retrieve arbitrary metadata. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + + **Note**: The Cloud Run API may add additional annotations that were not provided in your config. + If terraform plan shows a diff where a server-side annotation is added, you can add it to your config + or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. diff --git a/mmv1/products/cloudrun/go_Service.yaml b/mmv1/products/cloudrun/go_Service.yaml new file mode 100644 index 000000000000..554794418cbf --- /dev/null +++ b/mmv1/products/cloudrun/go_Service.yaml @@ -0,0 +1,1090 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Service' +kind: 'Service' +description: |- + A Cloud Run service has a unique endpoint and autoscales containers. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services' +docs: + warning: | + We recommend using the `google_cloud_run_v2_service` resource which offers a better + developer experience and broader support of Cloud Run features. +id_format: 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' +base_url: 'apis/serving.knative.dev/v1/namespaces/{{project}}/services' +cai_base_url: 'projects/{{project}}/locations/{{location}}/services' +import_format: + - 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create', 'update'] +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'service' + base_url: 'v1/projects/{{project}}/locations/{{location}}/services/{{service}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{service}}' + - '{{service}}' +custom_code: + constants: 'templates/terraform/constants/go/cloud_run_service.go.tmpl' + encoder: 'templates/terraform/encoders/go/cloud_run_service.go.tmpl' + decoder: 'templates/terraform/decoders/go/cloud_run.go.tmpl' +custom_diff: + - 'revisionNameCustomizeDiff' +error_retry_predicates: + + - 'transport_tpg.IsCloudRunCreationConflict' +schema_version: 2 +state_upgrade_base_schema_version: 1 +state_upgraders: true +examples: + - name: 'cloud_run_service_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'cloud_run_service_gpu' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'cloud_run_service_sql' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + cloud_run_sql_name: 'cloudrun-sql' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'autogenerate_revision_name' + - name: 'cloud_run_service_noauth' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'cloud_run_service_multiple_environment_variables' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'autogenerate_revision_name' + exclude_docs: true + - name: 'cloud_run_service_secret_environment_variables' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + secret_id: 'secret' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'autogenerate_revision_name' + exclude_docs: true + - name: 'cloud_run_service_secret_volumes' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-srv' + secret_id: 'secret' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'autogenerate_revision_name' + exclude_docs: true + - name: 'cloud_run_service_probes' + primary_resource_id: 'default' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'cloud_run_service_multicontainer' + primary_resource_id: 'default' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' +virtual_fields: + - name: 'autogenerate_revision_name' + description: | + If set to `true`, the revision name (template.metadata.name) will be omitted and + autogenerated by Cloud Run. This cannot be set to `true` while `template.metadata.name` + is also set. + (For legacy support, if `template.metadata.name` is unset in state while + this field is set to false, the revision name will still autogenerate.) + type: Boolean + default_value: false +parameters: + - name: 'location' + type: String + description: The location of the cloud run instance. eg us-central1 + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: |- + Name must be unique within a Google Cloud project and region. + Is required when creating resources. Name is primarily intended + for creation idempotence and configuration definition. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + # This is a convenience field as terraform expects `name` to be a top level property + url_param_only: true + required: true + immutable: true + - name: 'spec' + type: NestedObject + description: Spec holds the desired state of the Service (from the client). + required: true + flatten_object: true + properties: + - name: 'traffic' + type: Array + description: |- + Traffic specifies how to distribute traffic over a collection of Knative Revisions + and Configurations + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'revisionName' + type: String + description: |- + RevisionName of a specific revision to which to send this portion of traffic. + - name: 'percent' + type: Integer + description: |- + Percent specifies percent of the traffic to this Revision or Configuration. + required: true + - name: 'tag' + type: String + description: |- + Tag is optionally used to expose a dedicated url for referencing this target exclusively. + - name: 'latestRevision' + type: Boolean + description: |- + LatestRevision may be optionally provided to indicate that the latest ready + Revision of the Configuration should be used for this traffic target. When + provided LatestRevision must be true if RevisionName is empty; it must be + false when RevisionName is non-empty. + - name: 'url' + type: String + description: |- + URL displays the URL for accessing tagged traffic targets. URL is displayed in status, + and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, + but may not contain anything else (e.g. basic auth, url path, etc.) + output: true + - name: 'template' + type: NestedObject + description: |- + template holds the latest specification for the Revision to + be stamped out. The template references the container image, and may also + include labels and annotations that should be attached to the Revision. + To correlate a Revision, and/or to force a Revision to be created when the + spec doesn't otherwise change, a nonce label may be provided in the + template metadata. For more details, see: + https://github.com/knative/serving/blob/main/docs/client-conventions.md#associate-modifications-with-revisions + + Cloud Run does not currently support referencing a build that is + responsible for materializing the container image from source. + properties: + - name: 'metadata' + type: NestedObject + description: |- + Optional metadata for this Revision, including labels and annotations. + Name will be generated by the Configuration. To set minimum instances + for this revision, use the "autoscaling.knative.dev/minScale" annotation + key. To set maximum instances for this revision, use the + "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL + connections for the revision, use the "run.googleapis.com/cloudsql-instances" + annotation key. + default_from_api: true + properties: + - name: 'labels' + type: KeyValuePairs + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + default_from_api: true + diff_suppress_func: 'cloudrunTemplateLabelDiffSuppress' + - name: 'generation' + type: Integer + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - name: 'resourceVersion' + type: String + description: |- + An opaque value that represents the internal version of this object that + can be used by clients to determine when objects have changed. May be used + for optimistic concurrency, change detection, and the watch operation on a + resource or set of resources. They may only be valid for a + particular resource or set of resources. + output: true + - name: 'selfLink' + type: String + description: |- + SelfLink is a URL representing this object. + output: true + - name: 'uid' + type: String + description: |- + UID is a unique id generated by the server on successful creation of a resource and is not + allowed to change on PUT operations. + output: true + - name: 'namespace' + type: String + description: |- + In Cloud Run the namespace must be equal to either the + project ID or project number. It will default to the resource's project. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/default_to_project.go.tmpl' + - name: 'annotations' + type: KeyValuePairs + description: |- + Annotations is a key value map stored with a resource that + may be set by external tools to store and retrieve arbitrary metadata. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + + **Note**: The Cloud Run API may add additional annotations that were not provided in your config. + If terraform plan shows a diff where a server-side annotation is added, you can add it to your config + or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. + + Annotations with `run.googleapis.com/` and `autoscaling.knative.dev` are restricted. Use the following annotation + keys to configure features on a Revision template: + + - `autoscaling.knative.dev/maxScale` sets the [maximum number of container + instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--max-instances) of the Revision to run. + - `autoscaling.knative.dev/minScale` sets the [minimum number of container + instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--min-instances) of the Revision to run. + - `run.googleapis.com/client-name` sets the client name calling the Cloud Run API. + - `run.googleapis.com/cloudsql-instances` sets the [Cloud SQL + instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--add-cloudsql-instances) the Revision connects to. + - `run.googleapis.com/cpu-throttling` sets whether to throttle the CPU when the container is not actively serving + requests. See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--[no-]cpu-throttling. + - `run.googleapis.com/encryption-key-shutdown-hours` sets the number of hours to wait before an automatic shutdown + server after CMEK key revocation is detected. + - `run.googleapis.com/encryption-key` sets the [CMEK key](https://cloud.google.com/run/docs/securing/using-cmek) + reference to encrypt the container with. + - `run.googleapis.com/execution-environment` sets the [execution + environment](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--execution-environment) + where the application will run. + - `run.googleapis.com/post-key-revocation-action-type` sets the + [action type](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--post-key-revocation-action-type) + after CMEK key revocation. + - `run.googleapis.com/secrets` sets a list of key-value pairs to set as + [secrets](https://cloud.google.com/run/docs/configuring/secrets#yaml). + - `run.googleapis.com/sessionAffinity` sets whether to enable + [session affinity](https://cloud.google.com/sdk/gcloud/reference/beta/run/deploy#--[no-]session-affinity) + for connections to the Revision. + - `run.googleapis.com/startup-cpu-boost` sets whether to allocate extra CPU to containers on startup. + See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--[no-]cpu-boost. + - `run.googleapis.com/vpc-access-connector` sets a [VPC connector](https://cloud.google.com/run/docs/configuring/connecting-vpc#terraform_1) + for the Revision. + - `run.googleapis.com/vpc-access-egress` sets the outbound traffic to send through the VPC connector for this resource. + See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--vpc-egress. + default_from_api: true + diff_suppress_func: 'cloudrunTemplateAnnotationDiffSuppress' + - name: 'name' + type: String + description: |- + Name must be unique within a Google Cloud project and region. + Is required when creating resources. Name is primarily intended + for creation idempotence and configuration definition. Cannot be updated. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/cloud_run_service_revision_name.tmpl' + - name: 'spec' + type: NestedObject + description: + RevisionSpec holds the desired state of the Revision (from the + client). + required: true + default_from_api: true + properties: + - name: 'containers' + type: Array + description: |- + Containers defines the unit of execution for this Revision. + required: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: Name of the container + default_from_api: true + - name: 'workingDir' + type: String + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + immutable: true + deprecation_message: '`working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + - name: 'args' + type: Array + description: |- + Arguments to the entrypoint. + The docker image's CMD is used if this is not provided. + item_type: + type: String + - name: 'envFrom' + type: Array + description: |- + List of sources to populate environment variables in the container. + All invalid keys will be reported as an event when the container is starting. + When a key exists in multiple sources, the value associated with the last source will + take precedence. Values defined by an Env with a duplicate key will take + precedence. + immutable: true + deprecation_message: '`env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + item_type: + type: NestedObject + properties: + - name: 'prefix' + type: String + description: |- + An optional identifier to prepend to each key in the ConfigMap. + - name: 'configMapRef' + type: NestedObject + description: |- + The ConfigMap to select from. + properties: + - name: 'optional' + type: Boolean + description: |- + Specify whether the ConfigMap must be defined + - name: 'localObjectReference' + type: NestedObject + description: The ConfigMap to select from. + properties: + - name: 'name' + type: String + description: |- + Name of the referent. + required: true + - name: 'secretRef' + type: NestedObject + description: |- + The Secret to select from. + properties: + - name: 'localObjectReference' + type: NestedObject + description: The Secret to select from. + properties: + - name: 'name' + type: String + description: |- + Name of the referent. + required: true + - name: 'optional' + type: Boolean + description: |- + Specify whether the Secret must be defined + - name: 'image' + type: String + description: |- + Docker image name. This is most often a reference to a container located + in the container registry, such as gcr.io/cloudrun/hello + required: true + - name: 'command' + type: Array + description: |- + Entrypoint array. Not executed within a shell. + The docker image's ENTRYPOINT is used if this is not provided. + item_type: + type: String + - name: 'env' + type: Array + description: |- + List of environment variables to set in the container. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: Name of the environment variable. + - name: 'value' + type: String + description: |- + Defaults to "". + - name: 'valueFrom' + type: NestedObject + description: |- + Source for the environment variable's value. Only supports secret_key_ref. + properties: + - name: 'secretKeyRef' + type: NestedObject + description: |- + Selects a key (version) of a secret in Secret Manager. + required: true + properties: + - name: 'key' + type: String + description: |- + A Cloud Secret Manager secret version. Must be 'latest' for the latest + version or an integer for a specific version. + required: true + - name: 'name' + type: String + description: |- + The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. + If the secret is in another project, you must define an alias. + An alias definition has the form: :projects/{project-id|project-number}/secrets/. + If multiple alias definitions are needed, they must be separated by commas. + The alias definitions must be set on the run.googleapis.com/secrets annotation. + required: true + - name: 'ports' + type: Array + description: |- + List of open ports in the container. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: + If specified, used to specify which protocol to + use. Allowed values are "http1" (HTTP/1) and "h2c" + (HTTP/2 end-to-end). Defaults to "http1". + default_from_api: true + - name: 'protocol' + type: String + description: + Protocol for port. Must be "TCP". Defaults to + "TCP". + - name: 'containerPort' + type: Integer + description: + Port number the container listens on. This must be + a valid port number (between 1 and 65535). + Defaults to "8080". + - name: 'resources' + type: NestedObject + description: |- + Compute Resources required by this container. Used to set values such as max memory + default_from_api: true + properties: + - name: 'limits' + type: KeyValuePairs + description: |- + Limits describes the maximum amount of compute resources allowed. + The values of the map is string form of the 'quantity' k8s type: + https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + default_from_api: true + - name: 'requests' + type: KeyValuePairs + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined value. + The values of the map is string form of the 'quantity' k8s type: + https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + - name: 'volumeMounts' + type: Array + description: |- + Volume to mount into the container's filesystem. + Only supports SecretVolumeSources. + item_type: + type: NestedObject + properties: + - name: 'mountPath' + type: String + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + required: true + - name: 'name' + type: String + description: |- + This must match the Name of a Volume. + required: true + - name: 'startupProbe' + type: NestedObject + description: |- + Startup probe of application within the container. + All other probes are disabled if a startup probe is provided, until it + succeeds. Container will not be added to service endpoints if the probe fails. + default_from_api: true + properties: + - name: 'initialDelaySeconds' + type: Integer + description: |- + Number of seconds after the container has started before the probe is + initiated. + Defaults to 0 seconds. Minimum value is 0. Maximum value is 240. + default_value: 0 + - name: 'timeoutSeconds' + type: Integer + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. Maximum value is 3600. + Must be smaller than periodSeconds. + default_value: 1 + - name: 'periodSeconds' + type: Integer + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. Maximum value is 240. + default_value: 10 + - name: 'failureThreshold' + type: Integer + description: |- + Minimum consecutive failures for the probe to be considered failed after + having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - name: 'tcpSocket' + type: NestedObject + description: |- + TcpSocket specifies an action involving a TCP port. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'httpGet' + type: NestedObject + description: |- + HttpGet specifies the http request to perform. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' + properties: + - name: 'path' + type: String + description: |- + Path to access on the HTTP server. If set, it should not be empty string. + default_value: "/" + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'httpHeaders' + type: Array + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + The header field name. + required: true + - name: 'value' + type: String + description: |- + The header field value. + send_empty_value: true + default_value: "" + - name: 'grpc' + type: NestedObject + description: |- + GRPC specifies an action involving a GRPC port. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'service' + type: String + description: |- + The name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + - name: 'livenessProbe' + type: NestedObject + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. + properties: + - name: 'initialDelaySeconds' + type: Integer + description: |- + Number of seconds after the container has started before the probe is + initiated. + Defaults to 0 seconds. Minimum value is 0. Maximum value is 3600. + default_value: 0 + - name: 'timeoutSeconds' + type: Integer + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. Maximum value is 3600. + Must be smaller than period_seconds. + default_value: 1 + - name: 'periodSeconds' + type: Integer + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. Maximum value is 3600. + default_value: 10 + - name: 'failureThreshold' + type: Integer + description: |- + Minimum consecutive failures for the probe to be considered failed after + having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - name: 'httpGet' + type: NestedObject + description: |- + HttpGet specifies the http request to perform. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' + - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' + properties: + - name: 'path' + type: String + description: |- + Path to access on the HTTP server. If set, it should not be empty string. + default_value: "/" + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'httpHeaders' + type: Array + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + The header field name. + required: true + - name: 'value' + type: String + description: |- + The header field value. + send_empty_value: true + default_value: "" + - name: 'grpc' + type: NestedObject + description: |- + GRPC specifies an action involving a GRPC port. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' + - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'service' + type: String + description: |- + The name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + - name: 'nodeSelector' + type: KeyValuePairs + description: |- + Node Selector describes the hardware requirements of the resources. + Use the following node selector keys to configure features on a Revision: + - `run.googleapis.com/accelerator` sets the [type of GPU](https://cloud.google.com/run/docs/configuring/services/gpu) required by the Revision to run. + min_version: 'beta' + - name: 'containerConcurrency' + type: Integer + description: |- + ContainerConcurrency specifies the maximum allowed in-flight (concurrent) + requests per container of the Revision. If not specified or 0, defaults to 80 when + requested CPU >= 1 and defaults to 1 when requested CPU < 1. + default_from_api: true + - name: 'timeoutSeconds' + type: Integer + description: |- + TimeoutSeconds holds the max duration the instance is allowed for responding to a request. + default_from_api: true + - name: 'serviceAccountName' + type: String + description: |- + Email address of the IAM service account associated with the revision of the + service. The service account represents the identity of the running revision, + and determines what permissions the revision has. If not provided, the revision + will use the project's default service account. + default_from_api: true + - name: 'volumes' + type: Array + description: |- + Volume represents a named volume in a container. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Volume's name. + required: true + - name: 'secret' + type: NestedObject + description: |- + The secret's value will be presented as the content of a file whose + name is defined in the item path. If no items are defined, the name of + the file is the secret_name. + properties: + - name: 'secretName' + type: String + description: |- + The name of the secret in Cloud Secret Manager. By default, the secret + is assumed to be in the same project. + If the secret is in another project, you must define an alias. + An alias definition has the form: + {alias}:projects/{project-id|project-number}/secrets/{secret-name}. + If multiple alias definitions are needed, they must be separated by + commas. + The alias definitions must be set on the run.googleapis.com/secrets + annotation. + required: true + - name: 'defaultMode' + type: Integer + description: |- + Mode bits to use on created files by default. Must be a value between 0000 + and 0777. Defaults to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other mode bits set. + - name: 'items' + type: Array + description: |- + If unspecified, the volume will expose a file whose name is the + secret_name. + If specified, the key will be used as the version to fetch from Cloud + Secret Manager and the path will be the name of the file exposed in the + volume. When items are defined, they must specify a key and a path. + item_type: + type: NestedObject + properties: + - name: 'key' + type: String + description: |- + The Cloud Secret Manager secret version. + Can be 'latest' for the latest value or an integer for a specific version. + required: true + - name: 'path' + type: String + description: |- + The relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + required: true + - name: 'mode' + type: Integer + description: |- + Mode bits to use on this file, must be a value between 0000 and 0777. If + not specified, the volume defaultMode will be used. This might be in + conflict with other options that affect the file mode, like fsGroup, and + the result can be other mode bits set. + - name: 'emptyDir' + type: NestedObject + description: |- + Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). + min_version: 'beta' + properties: + - name: 'medium' + type: String + description: |- + The medium on which the data is stored. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. + - name: 'sizeLimit' + type: String + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - name: 'csi' + type: NestedObject + description: |- + A filesystem specified by the Container Storage Interface (CSI). + properties: + - name: 'driver' + type: String + description: |- + Unique name representing the type of file system to be created. Cloud Run supports the following values: + * gcsfuse.run.googleapis.com: Mount a Google Cloud Storage bucket using GCSFuse. This driver requires the + run.googleapis.com/execution-environment annotation to be unset or set to "gen2" + required: true + - name: 'readOnly' + type: Boolean + description: |- + If true, all mounts created from this volume will be read-only. + default_from_api: true + - name: 'volumeAttributes' + type: KeyValuePairs + description: |- + Driver-specific attributes. The following options are supported for available drivers: + * gcsfuse.run.googleapis.com + * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. + - name: 'nfs' + type: NestedObject + description: |- + A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be unset or set to "gen2" + properties: + - name: 'server' + type: String + description: |- + IP address or hostname of the NFS server + required: true + - name: 'path' + type: String + description: |- + Path exported by the NFS server + required: true + - name: 'readOnly' + type: Boolean + description: |- + If true, mount the NFS volume as read only in all mounts. Defaults to false. + - name: 'servingState' + type: Enum + description: |- + ServingState holds a value describing the state the resources + are in for this Revision. + It is expected + that the system will manipulate this based on routability and load. + output: true + deprecation_message: '`serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + enum_values: + - 'ACTIVE' + - 'RESERVE' + - 'RETIRED' + - name: 'status' + type: NestedObject + description: The current status of the Service. + output: true + properties: + - name: 'conditions' + type: Array + description: |- + Array of observed Service Conditions, indicating the current ready state of the service. + output: true + item_type: + type: NestedObject + properties: + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'status' + type: String + description: Status of the condition, one of True, False, Unknown. + output: true + - name: 'reason' + type: String + description: |- + One-word CamelCase reason for the condition's current status. + output: true + - name: 'type' + type: String + description: Type of domain mapping condition. + output: true + - name: 'url' + type: String + description: |- + From RouteStatus. URL holds the url that will distribute traffic over the provided traffic + targets. It generally has the form + https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app + output: true + - name: 'observedGeneration' + type: Integer + description: |- + ObservedGeneration is the 'Generation' of the Route that was last processed by the + controller. + + Clients polling for completed reconciliation should poll until observedGeneration = + metadata.generation and the Ready condition's status is True or False. + output: true + - name: 'latestCreatedRevisionName' + type: String + description: |- + From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created + from this Service's Configuration. It might not be ready yet, for that use + LatestReadyRevisionName. + output: true + - name: 'latestReadyRevisionName' + type: String + description: |- + From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision + stamped out from this Service's Configuration that has had its "Ready" condition become + "True". + output: true + - name: 'traffic' + type: Array + description: |- + Traffic specifies how to distribute traffic over a collection of Knative Revisions + and Configurations + output: true + item_type: + type: NestedObject + properties: + - name: 'revisionName' + type: String + description: |- + RevisionName of a specific revision to which to send this portion of traffic. + output: true + - name: 'percent' + type: Integer + description: |- + Percent specifies percent of the traffic to this Revision or Configuration. + output: true + - name: 'tag' + type: String + description: |- + Tag is optionally used to expose a dedicated url for referencing this target exclusively. + output: true + - name: 'latestRevision' + type: Boolean + description: |- + LatestRevision may be optionally provided to indicate that the latest ready + Revision of the Configuration should be used for this traffic target. When + provided LatestRevision must be true if RevisionName is empty; it must be + false when RevisionName is non-empty. + output: true + - name: 'url' + type: String + description: |- + URL displays the URL for accessing tagged traffic targets. URL is displayed in status, + and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, + but may not contain anything else (e.g. basic auth, url path, etc.) + + output: true + - name: 'metadata' + type: NestedObject + description: |- + Metadata associated with this Service, including name, namespace, labels, + and annotations. + required: false + default_from_api: true + properties: + - name: 'labels' + type: KeyValueLabels + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and routes. + - name: 'generation' + type: Integer + description: |- + A sequence number representing a specific generation of the desired state. + output: true + - name: 'resourceVersion' + type: String + description: |- + An opaque value that represents the internal version of this object that + can be used by clients to determine when objects have changed. May be used + for optimistic concurrency, change detection, and the watch operation on a + resource or set of resources. They may only be valid for a + particular resource or set of resources. + output: true + - name: 'selfLink' + type: String + description: |- + SelfLink is a URL representing this object. + output: true + - name: 'uid' + type: String + description: |- + UID is a unique id generated by the server on successful creation of a resource and is not + allowed to change on PUT operations. + output: true + - name: 'namespace' + type: String + description: |- + In Cloud Run the namespace must be equal to either the + project ID or project number. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/set_to_project.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/default_to_project.go.tmpl' + - name: 'annotations' + type: KeyValueAnnotations + description: |- + Annotations is a key value map stored with a resource that + may be set by external tools to store and retrieve arbitrary metadata. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + + **Note**: The Cloud Run API may add additional annotations that were not provided in your config. + If terraform plan shows a diff where a server-side annotation is added, you can add it to your config + or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. + + Annotations with `run.googleapis.com/` and `autoscaling.knative.dev` are restricted. Use the following annotation + keys to configure features on a Service: + + - `run.googleapis.com/binary-authorization-breakglass` sets the [Binary Authorization breakglass](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--breakglass). + - `run.googleapis.com/binary-authorization` sets the [Binary Authorization](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--binary-authorization). + - `run.googleapis.com/client-name` sets the client name calling the Cloud Run API. + - `run.googleapis.com/custom-audiences` sets the [custom audiences](https://cloud.google.com/sdk/gcloud/reference/alpha/run/deploy#--add-custom-audiences) + that can be used in the audience field of ID token for authenticated requests. + - `run.googleapis.com/description` sets a user defined description for the Service. + - `run.googleapis.com/ingress` sets the [ingress settings](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--ingress) + for the Service. For example, `"run.googleapis.com/ingress" = "all"`. + - `run.googleapis.com/launch-stage` sets the [launch stage](https://cloud.google.com/run/docs/troubleshooting#launch-stage-validation) + when a preview feature is used. For example, `"run.googleapis.com/launch-stage": "BETA"` diff --git a/mmv1/products/cloudrun/go_product.yaml b/mmv1/products/cloudrun/go_product.yaml new file mode 100644 index 000000000000..8df4333f2bca --- /dev/null +++ b/mmv1/products/cloudrun/go_product.yaml @@ -0,0 +1,48 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/cloudrun/go_product.yaml +name: 'CloudRun' +display_name: 'Cloud Run' +versions: + - name: 'ga' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +======== +name: 'ApiGateway' +display_name: 'API Gateway' +versions: + - name: 'beta' + base_url: 'https://apigateway.googleapis.com/v1beta/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/apigateway/product.yaml diff --git a/mmv1/products/cloudrun/product.yaml b/mmv1/products/cloudrun/product.yaml index d6f93af70b97..37ea1a49aad9 100644 --- a/mmv1/products/cloudrun/product.yaml +++ b/mmv1/products/cloudrun/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudRun +display_name: Cloud Run +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://{{location}}-run.googleapis.com/ + cai_base_url: https://run.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://{{location}}-run.googleapis.com/ + cai_base_url: https://run.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/bigqueryanalyticshub/go_product.yaml +name: 'BigqueryAnalyticsHub' +display_name: 'Bigquery Analytics Hub' +versions: + - name: 'beta' + base_url: 'https://analyticshub.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://analyticshub.googleapis.com/v1/' +======== name: 'CloudRun' display_name: 'Cloud Run' versions: @@ -21,5 +51,7 @@ versions: - name: 'beta' base_url: 'https://{{location}}-run.googleapis.com/' cai_base_url: 'https://run.googleapis.com/v1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/cloudrun/product.yaml scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudrunv2/Job.yaml b/mmv1/products/cloudrunv2/Job.yaml index eabf9ef75099..26a8168d7285 100644 --- a/mmv1/products/cloudrunv2/Job.yaml +++ b/mmv1/products/cloudrunv2/Job.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,67 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Job' +base_url: projects/{{project}}/locations/{{location}}/jobs +self_link: projects/{{project}}/locations/{{location}}/jobs/{{name}} +create_url: projects/{{project}}/locations/{{location}}/jobs?jobId={{name}} +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs' +description: | + A Cloud Run Job resource that references a container image which is run to completion. +taint_resource_on_failed_create: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: projects/{{project}}/locations/{{location}}/jobs/{{name}} + import_format: + ['projects/{{project}}/locations/{{location}}/jobs/{{name}}', '{{name}}'] +id_format: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +import_format: ['projects/{{project}}/locations/{{location}}/jobs/{{name}}'] +autogen_async: true +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'deletion_protection' + default_value: true + description: | + Whether Terraform will be prevented from destroying the job. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the job, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the job will fail. + When the field is set to false, deleting the job is allowed. +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: 'templates/terraform/pre_delete/cloudrunv2_job_deletion_policy.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", + context[\"random_suffix\"\ + ])" +======= --- name: 'Job' description: | @@ -60,25 +125,53 @@ examples: - name: 'cloudrunv2_job_basic' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_limits' +======= - name: 'cloudrunv2_job_limits' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_sql' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= - name: 'cloudrunv2_job_sql' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' secret_id: 'secret' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'deletion_protection' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_vpcaccess' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -87,6 +180,7 @@ examples: - name: 'cloudrunv2_job_vpcaccess' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' vpc_access_connector_name: 'run-vpc' @@ -94,37 +188,104 @@ examples: compute_network_name: 'run-network' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_directvpc' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ + ])" +======= - name: 'cloudrunv2_job_directvpc' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_secret' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", + context[\"random_suffix\"\ + ])" +======= - name: 'cloudrunv2_job_secret' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' secret_id: 'secret' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_emptydir' + min_version: 'beta' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ + ])" +======= - name: 'cloudrunv2_job_emptydir' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_job_run_job' + min_version: beta + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ + ])" +======= - name: 'cloudrunv2_job_run_job' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD +parameters: + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + url_param_only: true + description: The location of the cloud run job +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true + description: | + Name of the Job. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + Server assigned unique identifier for the Execution. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. + - !ruby/object:Api::Type::String + name: 'generation' + output: true + description: | + A number that monotonically increases every time the user modifies the desired state. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= virtual_fields: - name: 'deletion_protection' description: | @@ -166,14 +327,20 @@ properties: output: true - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Job. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' +======= - name: 'annotations' type: KeyValueAnnotations +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -181,6 +348,48 @@ properties: All system annotations in v1 now have a corresponding field in v2 Job. This field follows Kubernetes annotations' namespacing, limits, and rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: |- + The creation time. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: |- + The last-modified time. + - !ruby/object:Api::Type::Time + name: 'deleteTime' + output: true + description: |- + The deletion time. + - !ruby/object:Api::Type::Time + name: 'expireTime' + output: true + description: |- + For a deleted resource, the time after which it will be permamently deleted. + - !ruby/object:Api::Type::String + name: 'creator' + output: true + description: |- + Email address of the authenticated creator. + - !ruby/object:Api::Type::String + name: 'lastModifier' + output: true + description: |- + Email address of the last authenticated modifier. + - !ruby/object:Api::Type::String + name: 'client' + description: | + Arbitrary identifier for the API client. + - !ruby/object:Api::Type::String + name: 'clientVersion' + description: | + Arbitrary version identifier for the API client. + - !ruby/object:Api::Type::Enum + name: 'launchStage' +======= - name: 'createTime' type: Time description: |- @@ -221,11 +430,34 @@ properties: Arbitrary version identifier for the API client. - name: 'launchStage' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. +<<<<<<< HEAD + values: + - :UNIMPLEMENTED + - :PRELAUNCH + - :EARLY_ACCESS + - :ALPHA + - :BETA + - :GA + - :DEPRECATED + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'binaryAuthorization' + description: | + Settings for the Binary Authorization feature. + properties: + - !ruby/object:Api::Type::String + name: 'breakglassJustification' + description: | + If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass + - !ruby/object:Api::Type::Boolean + name: 'useDefault' +======= default_from_api: true enum_values: - 'UNIMPLEMENTED' @@ -246,16 +478,48 @@ properties: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - name: 'useDefault' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. conflicts: - policy +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'policy' +======= - name: 'policy' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} conflicts: - use_default +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'startExecutionToken' + description: |- + A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully started. + The sum of job name and token length must be fewer than 63 characters. + conflicts: + - run_execution_token + min_version: beta + - !ruby/object:Api::Type::String + name: 'runExecutionToken' + description: |- + A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully completed. + The sum of job name and token length must be fewer than 63 characters. + conflicts: + - start_execution_token + min_version: beta + - !ruby/object:Api::Type::NestedObject + name: 'template' + required: true + description: | + The template used to create executions for this Job. + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' +======= - name: 'startExecutionToken' type: String description: |- @@ -280,6 +544,7 @@ properties: properties: - name: 'labels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or @@ -287,8 +552,13 @@ properties: Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 ExecutionTemplate. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'annotations' +======= - name: 'annotations' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -296,6 +566,64 @@ properties: All system annotations in v1 now have a corresponding field in v2 ExecutionTemplate. This field follows Kubernetes annotations' namespacing, limits, and rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'parallelism' + description: |- + Specifies the maximum desired number of tasks the execution should run at given time. Must be <= taskCount. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'taskCount' + description: |- + Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'template' + required: true + description: | + Describes the task(s) that will be created when executing an execution + properties: + - !ruby/object:Api::Type::Array + name: 'containers' + description: |- + Holds the single container that defines the unit of execution for this task. + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: |- + Name of the container specified as a DNS_LABEL. + - !ruby/object:Api::Type::String + name: 'image' + required: true + description: |- + URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images + - !ruby/object:Api::Type::Array + name: 'command' + description: |- + Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'args' + description: |- + Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'env' + description: |- + List of environment variables to set in the container. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters. + - !ruby/object:Api::Type::String + name: 'value' +======= - name: 'parallelism' type: Integer description: |- @@ -356,19 +684,44 @@ properties: required: true - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. # exactly_one_of: # - template.0.template.0.containers.0.env.0.value # - template.0.template.0.containers.0.env.0.valueSource +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'valueSource' +======= - name: 'valueSource' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Source for the environment variable's value. # exactly_one_of: # - template.0.template.0.containers.0.env.0.value # - template.0.template.0.containers.0.env.0.valueSource properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'secretKeyRef' + description: |- + Selects a secret and a specific version from Cloud Secret Manager. + properties: + - !ruby/object:Api::Type::String + name: 'secret' + required: true + description: |- + The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. + - !ruby/object:Api::Type::String + name: 'version' + required: true + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. + - !ruby/object:Api::Type::NestedObject + name: 'resources' +======= - name: 'secretKeyRef' type: NestedObject description: |- @@ -386,10 +739,20 @@ properties: required: true - name: 'resources' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'limits' + description: |- + Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'ports' +======= - name: 'limits' type: KeyValuePairs description: |- @@ -397,10 +760,56 @@ properties: default_from_api: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: |- + If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + - !ruby/object:Api::Type::Integer + name: 'containerPort' + description: |- + Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. + - !ruby/object:Api::Type::Array + name: 'volumeMounts' + description: |- + Volume to mount into the container's filesystem. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + This must match the Name of a Volume. + - !ruby/object:Api::Type::String + name: 'mountPath' + required: true + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run + - !ruby/object:Api::Type::String + name: 'workingDir' + description: |- + Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. + - !ruby/object:Api::Type::Array + name: 'volumes' + description: |- + A list of Volumes to make available to containers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + Volume's name. + - !ruby/object:Api::Type::NestedObject + name: 'secret' +======= item_type: type: NestedObject properties: @@ -447,6 +856,7 @@ properties: required: true - name: 'secret' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret # exactly_one_of: @@ -456,6 +866,39 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'secret' + required: true + description: |- + The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. + - !ruby/object:Api::Type::Integer + name: 'defaultMode' + description: |- + Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. + - !ruby/object:Api::Type::Array + name: 'items' + description: |- + If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: |- + The relative path of the secret in the container. + - !ruby/object:Api::Type::String + name: 'version' + required: true + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version + - !ruby/object:Api::Type::Integer + name: 'mode' + description: |- + Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. + - !ruby/object:Api::Type::NestedObject + name: 'cloudSqlInstance' +======= - name: 'secret' type: String description: |- @@ -488,6 +931,7 @@ properties: Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - name: 'cloudSqlInstance' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. # exactly_one_of: @@ -497,6 +941,18 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'instances' + description: |- + The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'emptyDir' + description: |- + Ephemeral storage used as a shared volume. + min_version: beta +======= - name: 'instances' type: Array description: |- @@ -508,6 +964,7 @@ properties: description: |- Ephemeral storage used as a shared volume. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # exactly_one_of: # - template.0.template.0.volumes.0.secret # - template.0.template.0.volumes.0.cloudSqlInstance @@ -515,6 +972,21 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'medium' + description: |- + The different types of medium supported for EmptyDir. + values: + - :MEMORY + default_value: :MEMORY + - !ruby/object:Api::Type::String + name: 'sizeLimit' + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - !ruby/object:Api::Type::NestedObject + name: 'gcs' +======= - name: 'medium' type: Enum description: |- @@ -528,6 +1000,7 @@ properties: Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - name: 'gcs' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Cloud Storage bucket mounted as a volume using GCSFuse. # exactly_one_of: @@ -537,6 +1010,19 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'bucket' + required: true + description: |- + Name of the cloud storage bucket to back the volume. The resource service account must have permission to access the bucket. + - !ruby/object:Api::Type::Boolean + name: 'readOnly' + description: |- + If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. + - !ruby/object:Api::Type::NestedObject + name: 'nfs' +======= - name: 'bucket' type: String description: |- @@ -548,6 +1034,7 @@ properties: If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. - name: 'nfs' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- NFS share mounted as a volume. # exactly_one_of: @@ -557,6 +1044,23 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'server' + required: true + description: |- + Hostname or IP address of the NFS server. + - !ruby/object:Api::Type::String + name: 'path' + description: |- + Path that is exported by the NFS server. + - !ruby/object:Api::Type::Boolean + name: 'readOnly' + description: |- + If true, mount this volume as read-only in all mounts. + - !ruby/object:Api::Type::String + name: 'timeout' +======= - name: 'server' type: String description: |- @@ -572,11 +1076,58 @@ properties: If true, mount this volume as read-only in all mounts. - name: 'timeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Max allowed time duration the Task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: |- + Email address of the IAM service account associated with the Task of a Job. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'executionEnvironment' + description: |- + The execution environment being used to host this Task. + values: + - :EXECUTION_ENVIRONMENT_GEN1 + - :EXECUTION_ENVIRONMENT_GEN2 + default_from_api: true + - !ruby/object:Api::Type::String + name: 'encryptionKey' + description: |- + A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccess' + description: |- + VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. + properties: + - !ruby/object:Api::Type::String + name: 'connector' + description: |- + VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. + - !ruby/object:Api::Type::Enum + name: 'egress' + description: |- + Traffic VPC egress settings. + values: + - :ALL_TRAFFIC + - :PRIVATE_RANGES_ONLY + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'networkInterfaces' + description: |- + Direct VPC egress settings. Currently only single network interface is supported. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'network' +======= validation: regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - name: 'serviceAccount' @@ -622,18 +1173,33 @@ properties: properties: - name: 'network' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be looked up from the subnetwork. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'subnetwork' +======= - name: 'subnetwork' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the subnetwork with the same name with the network will be used. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'tags' + description: |- + Network tags applied to this Cloud Run job. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'maxRetries' +======= - name: 'tags' type: Array description: |- @@ -642,10 +1208,42 @@ properties: type: String - name: 'maxRetries' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Number of retries allowed per Task, before marking this Task failed. send_empty_value: true default_value: 3 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'observedGeneration' + output: true + description: | + The generation of this Job. See comments in reconciling for additional information on reconciliation process in Cloud Run. + - !ruby/object:Api::Type::NestedObject + name: 'terminalCondition' + output: true + description: | + The Condition of this Job, containing its readiness status, and detailed error information in case it did not reach the desired state + properties: + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: |- + State of the condition. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Time + name: 'lastTransitionTime' + output: true +======= - name: 'observedGeneration' type: String description: | @@ -674,10 +1272,58 @@ properties: output: true - name: 'lastTransitionTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'severity' + output: true + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + - !ruby/object:Api::Type::String + name: 'reason' + output: true + description: |- + A common (service-level) reason for this condition. + - !ruby/object:Api::Type::String + name: 'revisionReason' + output: true + description: |- + A reason for the revision condition. + - !ruby/object:Api::Type::String + name: 'executionReason' + output: true + description: |- + A reason for the execution condition. + - !ruby/object:Api::Type::Array + name: 'conditions' + description: |- + The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Job does not reach its desired state. See comments in reconciling for additional information on `reconciliation` process in Cloud Run. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: |- + State of the condition. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Time + name: 'lastTransitionTime' + output: true +======= output: true - name: 'severity' type: String @@ -724,10 +1370,52 @@ properties: output: true - name: 'lastTransitionTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'severity' + output: true + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + - !ruby/object:Api::Type::String + name: 'reason' + output: true + description: |- + A common (service-level) reason for this condition. + - !ruby/object:Api::Type::String + name: 'revisionReason' + output: true + description: |- + A reason for the revision condition. + - !ruby/object:Api::Type::String + name: 'executionReason' + output: true + description: |- + A reason for the execution condition. + - !ruby/object:Api::Type::Integer + name: 'executionCount' + output: true + description: | + Number of executions created for this job. + - !ruby/object:Api::Type::NestedObject + name: 'latestCreatedExecution' + output: true + description: | + Name of the last created execution. + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the execution. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true +======= output: true - name: 'severity' type: String @@ -767,20 +1455,33 @@ properties: output: true - name: 'createTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creation timestamp of the execution. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'completionTime' + output: true +======= output: true - name: 'completionTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Completion timestamp of the execution. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true +======= output: true - name: 'reconciling' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Returns true if the Job is currently being acted upon by the system to bring it into the desired state. @@ -789,9 +1490,17 @@ properties: If reconciliation succeeded, the following fields will match: observedGeneration and generation, latest_succeeded_execution and latestCreatedExecution. If reconciliation failed, observedGeneration and latest_succeeded_execution will have the state of the last succeeded execution or empty for newly created Job. Additional information on the failure can be found in terminalCondition and conditions +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'etag' + output: true + description: | + A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. +======= output: true - name: 'etag' type: String description: | A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudrunv2/Service.yaml b/mmv1/products/cloudrunv2/Service.yaml index b13c7da10c9b..83fb8ab98d44 100644 --- a/mmv1/products/cloudrunv2/Service.yaml +++ b/mmv1/products/cloudrunv2/Service.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,64 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Service' +base_url: projects/{{project}}/locations/{{location}}/services +self_link: projects/{{project}}/locations/{{location}}/services/{{name}} +create_url: projects/{{project}}/locations/{{location}}/services?serviceId={{name}} +update_verb: :PATCH +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services' +description: | + Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: projects/{{project}}/locations/{{location}}/services/{{name}} + import_format: ['projects/{{project}}/locations/{{location}}/services/{{name}}', '{{name}}'] +taint_resource_on_failed_create: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +id_format: 'projects/{{project}}/locations/{{location}}/services/{{name}}' +import_format: ['projects/{{project}}/locations/{{location}}/services/{{name}}'] +autogen_async: true +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'deletion_protection' + default_value: true + description: | + Whether Terraform will be prevented from destroying the service. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the service, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the service will fail. + When the field is set to false, deleting the service is allowed. +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: 'templates/terraform/pre_delete/cloudrunv2_service_deletion_policy.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service%s\", context[\"random_suffix\"])" +======= --- name: 'Service' description: | @@ -60,25 +122,49 @@ examples: - name: 'cloudrunv2_service_basic' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_limits' +======= - name: 'cloudrunv2_service_limits' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_sql' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= - name: 'cloudrunv2_service_sql' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' secret_id: 'secret-1' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + ignore_read_extra: + - 'deletion_protection' + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_vpcaccess' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -87,6 +173,7 @@ examples: - name: 'cloudrunv2_service_vpcaccess' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' vpc_access_connector_name: 'run-vpc' @@ -94,36 +181,73 @@ examples: compute_network_name: 'run-network' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_directvpc' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= - name: 'cloudrunv2_service_directvpc' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_gpu' + min_version: 'beta' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= - name: 'cloudrunv2_service_gpu' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_probes' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= - name: 'cloudrunv2_service_probes' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_secret' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" +======= - name: 'cloudrunv2_service_secret' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' secret_id: 'secret-1' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_multicontainer' + min_version: 'beta' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service%s\", context[\"\ + random_suffix\"])" +======= - name: 'cloudrunv2_service_multicontainer' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' @@ -135,30 +259,97 @@ examples: - name: 'cloudrunv2_service_mount_gcs' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_mount_gcs' + # Currently failing + skip_vcr: true + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" +======= # Currently failing skip_vcr: true - name: 'cloudrunv2_service_mount_nfs' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_mount_nfs' + # Currently failing + skip_vcr: true + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + + - !ruby/object:Provider::Terraform::Examples + name: 'cloudrunv2_service_mesh' + min_version: 'beta' + external_providers: ['time'] + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" +======= # Currently failing skip_vcr: true - name: 'cloudrunv2_service_mesh' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: cloud_run_service_name: 'cloudrun-service' mesh_name: 'network-services-mesh' ignore_read_extra: - 'deletion_protection' +<<<<<<< HEAD + +parameters: + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + url_param_only: true + description: The location of the cloud run service +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + url_param_only: true + description: | + Name of the Service. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'description' + description: | + User-provided description of the Service. This field currently has a 512-character limit. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + Server assigned unique identifier for the trigger. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. + - !ruby/object:Api::Type::String + name: 'generation' + output: true + description: | + A number that monotonically increases every time the user modifies the desired state. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= external_providers: ["time"] virtual_fields: - name: 'deletion_protection' @@ -205,14 +396,20 @@ properties: output: true - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Service. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' +======= - name: 'annotations' type: KeyValueAnnotations +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -220,6 +417,57 @@ properties: All system annotations in v1 now have a corresponding field in v2 Service. This field follows Kubernetes annotations' namespacing, limits, and rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: |- + The creation time. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: |- + The last-modified time. + - !ruby/object:Api::Type::Time + name: 'deleteTime' + output: true + description: |- + The deletion time. + - !ruby/object:Api::Type::Time + name: 'expireTime' + output: true + description: |- + For a deleted resource, the time after which it will be permamently deleted. + - !ruby/object:Api::Type::String + name: 'creator' + output: true + description: |- + Email address of the authenticated creator. + - !ruby/object:Api::Type::String + name: 'lastModifier' + output: true + description: |- + Email address of the last authenticated modifier. + - !ruby/object:Api::Type::String + name: 'client' + description: | + Arbitrary identifier for the API client. + - !ruby/object:Api::Type::String + name: 'clientVersion' + description: | + Arbitrary version identifier for the API client. + - !ruby/object:Api::Type::Enum + name: 'ingress' + description: | + Provides the ingress settings for this Service. On output, returns the currently observed ingress settings, or INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. + values: + - :INGRESS_TRAFFIC_ALL + - :INGRESS_TRAFFIC_INTERNAL_ONLY + - :INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'launchStage' +======= - name: 'createTime' type: Time description: |- @@ -269,11 +517,34 @@ properties: - 'INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER' - name: 'launchStage' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. +<<<<<<< HEAD + values: + - :UNIMPLEMENTED + - :PRELAUNCH + - :EARLY_ACCESS + - :ALPHA + - :BETA + - :GA + - :DEPRECATED + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'binaryAuthorization' + description: | + Settings for the Binary Authorization feature. + properties: + - !ruby/object:Api::Type::String + name: 'breakglassJustification' + description: | + If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass + - !ruby/object:Api::Type::Boolean + name: 'useDefault' +======= default_from_api: true enum_values: - 'UNIMPLEMENTED' @@ -294,16 +565,56 @@ properties: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - name: 'useDefault' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. conflicts: - policy +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'policy' +======= - name: 'policy' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} conflicts: - use_default +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'customAudiences' + description: | + One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a string. The custom audiences are encoded in the token and used to authenticate requests. + For more information, see https://cloud.google.com/run/docs/configuring/custom-audiences. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'scaling' + description: | + Scaling settings that apply to the whole service + properties: + - !ruby/object:Api::Type::Integer + name: 'minInstanceCount' + description: | + Minimum number of instances for the service, to be divided among all revisions receiving traffic. + - !ruby/object:Api::Type::Boolean + name: 'defaultUriDisabled' + min_version: beta + description: |- + Disables public resolution of the default URI of this service. + - !ruby/object:Api::Type::NestedObject + name: 'template' + required: true + description: | + The template used to create revisions for this Service. + properties: + - !ruby/object:Api::Type::String + name: 'revision' + description: |- + The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' +======= - name: 'customAudiences' type: Array description: | @@ -337,14 +648,20 @@ properties: The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. - name: 'labels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 RevisionTemplate. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'annotations' +======= - name: 'annotations' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -352,12 +669,52 @@ properties: All system annotations in v1 now have a corresponding field in v2 RevisionTemplate. This field follows Kubernetes annotations' namespacing, limits, and rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'scaling' +======= - name: 'scaling' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Scaling settings for this Revision. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'minInstanceCount' + description: |- + Minimum number of serving instances that this resource should have. + - !ruby/object:Api::Type::Integer + name: 'maxInstanceCount' + description: |- + Maximum number of serving instances that this resource should have. + - !ruby/object:Api::Type::NestedObject + name: 'vpcAccess' + description: |- + VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. + properties: + - !ruby/object:Api::Type::String + name: 'connector' + description: |- + VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. + - !ruby/object:Api::Type::Enum + name: 'egress' + description: |- + Traffic VPC egress settings. + values: + - :ALL_TRAFFIC + - :PRIVATE_RANGES_ONLY + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'networkInterfaces' + description: |- + Direct VPC egress settings. Currently only single network interface is supported. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'network' +======= - name: 'minInstanceCount' type: Integer description: |- @@ -392,18 +749,33 @@ properties: properties: - name: 'network' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be looked up from the subnetwork. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'subnetwork' +======= - name: 'subnetwork' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the subnetwork with the same name with the network will be used. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'tags' + description: |- + Network tags applied to this Cloud Run service. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'timeout' +======= - name: 'tags' type: Array description: |- @@ -412,11 +784,60 @@ properties: type: String - name: 'timeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Max allowed time for an instance to respond to a request. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: |- + Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'containers' + description: |- + Holds the containers that define the unit of execution for this Service. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: |- + Name of the container specified as a DNS_LABEL. + - !ruby/object:Api::Type::String + name: 'image' + required: true + description: |- + URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images + - !ruby/object:Api::Type::Array + name: 'command' + description: |- + Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'args' + description: |- + Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'env' + description: |- + List of environment variables to set in the container. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + Name of the environment variable. Must be a C_IDENTIFIER, and may not exceed 32768 characters. + - !ruby/object:Api::Type::String + name: 'value' +======= validation: regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - name: 'serviceAccount' @@ -467,19 +888,43 @@ properties: required: true - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. # exactly_one_of: # - template.0.containers.0.env.0.value # - template.0.containers.0.env.0.valueSource +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'valueSource' +======= - name: 'valueSource' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Source for the environment variable's value. # exactly_one_of: # - template.0.containers.0.env.0.value # - template.0.containers.0.env.0.valueSource properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'secretKeyRef' + description: |- + Selects a secret and a specific version from Cloud Secret Manager. + properties: + - !ruby/object:Api::Type::String + name: 'secret' + required: true + description: |- + The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. + - !ruby/object:Api::Type::String + name: 'version' + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. + - !ruby/object:Api::Type::NestedObject + name: 'resources' +======= - name: 'secretKeyRef' type: NestedObject description: |- @@ -496,10 +941,30 @@ properties: The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - name: 'resources' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'limits' + description: |- + Only memory, CPU, and nvidia.com/gpu are supported. Use key `cpu` for CPU limit, `memory` for memory limit, `nvidia.com/gpu` for gpu limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'cpuIdle' + description: |- + Determines whether CPU is only allocated during requests. True by default if the parent `resources` field is not set. However, if + `resources` is set, this field must be explicitly set to true to preserve the default behavior. + - !ruby/object:Api::Type::Boolean + name: 'startupCpuBoost' + description: |- + Determines whether CPU should be boosted on startup of a new container instance above the requested CPU threshold, this can help reduce cold-start latency. + - !ruby/object:Api::Type::Array + name: 'ports' + max_size: 1 +======= - name: 'limits' type: KeyValuePairs description: |- @@ -516,11 +981,72 @@ properties: Determines whether CPU should be boosted on startup of a new container instance above the requested CPU threshold, this can help reduce cold-start latency. - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: |- + If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'containerPort' + description: |- + Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. + - !ruby/object:Api::Type::Array + name: 'volumeMounts' + description: |- + Volume to mount into the container's filesystem. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + This must match the Name of a Volume. + - !ruby/object:Api::Type::String + name: 'mountPath' + required: true + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run + - !ruby/object:Api::Type::String + name: 'workingDir' + description: |- + Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. + - !ruby/object:Api::Type::NestedObject + name: 'livenessProbe' + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + - !ruby/object:Api::Type::Integer + name: 'initialDelaySeconds' + description: |- + Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 0 + - !ruby/object:Api::Type::Integer + name: 'timeoutSeconds' + description: |- + Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 1 + - !ruby/object:Api::Type::Integer + name: 'periodSeconds' + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds + default_value: 10 + - !ruby/object:Api::Type::Integer + name: 'failureThreshold' + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - !ruby/object:Api::Type::NestedObject + name: 'httpGet' +======= item_type: type: NestedObject properties: @@ -582,15 +1108,119 @@ properties: default_value: 3 - name: 'httpGet' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- HTTPGet specifies the http request to perform. send_empty_value: true allow_empty_object: true +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'path' + default_value: '/' + description: |- + Path to access on the HTTP server. Defaults to '/'. + - !ruby/object:Api::Type::Integer + name: port + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'httpHeaders' + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + The header field name + - !ruby/object:Api::Type::String + name: value + description: |- + The header field value + default_value: '' + send_empty_value: true + - !ruby/object:Api::Type::NestedObject + name: grpc + description: |- + GRPC specifies an action involving a GRPC port. + send_empty_value: true + allow_empty_object: true + properties: + - !ruby/object:Api::Type::Integer + name: port + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - !ruby/object:Api::Type::String + name: service + description: |- + The name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + - !ruby/object:Api::Type::NestedObject + name: tcpSocket + description: TCPSocketAction describes an action based on opening a socket + properties: + - !ruby/object:Api::Type::Integer + name: port + description: |- + Port number to access on the container. Must be in the range 1 to 65535. + If not specified, defaults to the exposed port of the container, which + is the value of container.ports[0].containerPort. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'startupProbe' + description: |- + Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_from_api: true + properties: + - !ruby/object:Api::Type::Integer + name: 'initialDelaySeconds' + description: |- + Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 0 + - !ruby/object:Api::Type::Integer + name: 'timeoutSeconds' + description: |- + Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 1 + - !ruby/object:Api::Type::Integer + name: 'periodSeconds' + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds + default_value: 10 + - !ruby/object:Api::Type::Integer + name: 'failureThreshold' + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - !ruby/object:Api::Type::NestedObject + name: 'httpGet' + description: |- + HTTPGet specifies the http request to perform. Exactly one of HTTPGet or TCPSocket must be specified. + send_empty_value: true + allow_empty_object: true +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # exactly_one_of: # - template.0.containers.0.startupProbe.0.httpGet # - template.0.containers.0.startupProbe.0.tcpSocket # - template.0.containers.0.startupProbe.0.grpc properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + default_value: '/' + description: |- + Path to access on the HTTP server. Defaults to '/'. + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'path' type: String description: |- @@ -690,10 +1320,32 @@ properties: default_value: "/" - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'httpHeaders' + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: |- + The header field name + - !ruby/object:Api::Type::String + name: value + description: |- + The header field value + default_value: '' + send_empty_value: true + - !ruby/object:Api::Type::NestedObject + name: 'tcpSocket' +======= - name: 'httpHeaders' type: Array description: |- @@ -714,6 +1366,7 @@ properties: default_value: "" - name: 'tcpSocket' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- TCPSocket specifies an action involving a TCP port. Exactly one of HTTPGet or TCPSocket must be specified. send_empty_value: true @@ -723,14 +1376,24 @@ properties: # - template.0.containers.0.startupProbe.0.tcpSocket # - template.0.containers.0.startupProbe.0.grpc properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: grpc +======= - name: 'grpc' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- GRPC specifies an action involving a GRPC port. send_empty_value: true @@ -740,18 +1403,48 @@ properties: # - template.0.containers.0.startupProbe.0.tcpSocket # - template.0.containers.0.startupProbe.0.grpc properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: port +======= - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: service +======= - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'dependsOn' + description: |- + Containers which should be started before this container. If specified the container will wait to start until all containers with the listed names are healthy. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'volumes' + description: |- + A list of Volumes to make available to containers. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: |- + Volume's name. + - !ruby/object:Api::Type::NestedObject + name: 'secret' +======= - name: 'dependsOn' type: Array description: |- @@ -772,6 +1465,7 @@ properties: required: true - name: 'secret' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret # exactly_one_of: @@ -779,6 +1473,38 @@ properties: # - template.0.volumes.0.cloudSqlInstance # - template.0.volumes.0.emptyDir properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'secret' + required: true + description: |- + The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. + - !ruby/object:Api::Type::Integer + name: 'defaultMode' + description: |- + Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. + - !ruby/object:Api::Type::Array + name: 'items' + description: |- + If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: |- + The relative path of the secret in the container. + - !ruby/object:Api::Type::String + name: 'version' + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version + - !ruby/object:Api::Type::Integer + name: 'mode' + description: |- + Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. + - !ruby/object:Api::Type::NestedObject + name: 'cloudSqlInstance' +======= - name: 'secret' type: String description: |- @@ -810,6 +1536,7 @@ properties: Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - name: 'cloudSqlInstance' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. # exactly_one_of: @@ -818,6 +1545,19 @@ properties: # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'instances' + description: |- + The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + item_type: Api::Type::String + is_set: true + - !ruby/object:Api::Type::NestedObject + name: 'emptyDir' + description: |- + Ephemeral storage used as a shared volume. + min_version: beta +======= - name: 'instances' type: Array description: |- @@ -830,12 +1570,28 @@ properties: description: |- Ephemeral storage used as a shared volume. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # exactly_one_of: # - template.0.volumes.0.secret # - template.0.volumes.0.cloudSqlInstance # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'medium' + description: |- + The different types of medium supported for EmptyDir. + values: + - :MEMORY + default_value: :MEMORY + - !ruby/object:Api::Type::String + name: 'sizeLimit' + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - !ruby/object:Api::Type::NestedObject + name: 'gcs' +======= - name: 'medium' type: Enum description: |- @@ -849,6 +1605,7 @@ properties: Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - name: 'gcs' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment. # exactly_one_of: @@ -857,6 +1614,45 @@ properties: # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: bucket + description: GCS Bucket name + required: true + - !ruby/object:Api::Type::Boolean + name: readOnly + description: If true, mount the GCS bucket as read-only + required: false + - !ruby/object:Api::Type::NestedObject + name: nfs + description: Represents an NFS mount. + properties: + - !ruby/object:Api::Type::String + name: server + description: Hostname or IP address of the NFS server + required: true + - !ruby/object:Api::Type::String + name: path + description: Path that is exported by the NFS server. + required: true + - !ruby/object:Api::Type::Boolean + name: readOnly + description: If true, mount the NFS volume as read only + required: false + - !ruby/object:Api::Type::Enum + name: 'executionEnvironment' + description: |- + The sandbox environment to host this Revision. + values: + - :EXECUTION_ENVIRONMENT_GEN1 + - :EXECUTION_ENVIRONMENT_GEN2 + - !ruby/object:Api::Type::String + name: 'encryptionKey' + description: |- + A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek + - !ruby/object:Api::Type::Integer + name: 'maxInstanceRequestConcurrency' +======= - name: 'bucket' type: String description: GCS Bucket name @@ -894,10 +1690,140 @@ properties: A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - name: 'maxInstanceRequestConcurrency' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Sets the maximum number of requests that each serving instance can receive. If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'sessionAffinity' + description: |- + Enables session affinity. For more information, go to https://cloud.google.com/run/docs/configuring/session-affinity + - !ruby/object:Api::Type::NestedObject + name: 'serviceMesh' + min_version: beta + description: |- + Enables Cloud Service Mesh for this Revision. + properties: + - !ruby/object:Api::Type::String + name: 'mesh' + description: |- + The Mesh resource name. For more information see https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.meshes#resource:-mesh. + - !ruby/object:Api::Type::NestedObject + name: 'nodeSelector' + min_version: beta + description: Node Selector describes the hardware requirements of the resources. + properties: + - !ruby/object:Api::Type::String + name: 'accelerator' + required: true + description: + The GPU to attach to an instance. See https://cloud.google.com/run/docs/configuring/services/gpu for configuring GPU. + - !ruby/object:Api::Type::Array + name: 'traffic' + description: |- + Specifies how to distribute traffic over a collection of Revisions belonging to the Service. If traffic is empty or not provided, defaults to 100% traffic to the latest Ready Revision. + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + The allocation type for this traffic target. + values: + - :TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST + - :TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION + - !ruby/object:Api::Type::String + name: 'revision' + description: | + Revision to which to send this portion of traffic, if traffic allocation is by revision. + - !ruby/object:Api::Type::Integer + name: 'percent' + description: | + Specifies percent of the traffic to this Revision. This defaults to zero if unspecified. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'tag' + description: | + Indicates a string to be part of the URI to exclusively reference this target. + - !ruby/object:Api::Type::String + name: 'observedGeneration' + output: true + description: | + The generation of this Service currently serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. + - !ruby/object:Api::Type::NestedObject + name: 'terminalCondition' + output: true + description: | + The Condition of this Service, containing its readiness status, and detailed error information in case it did not reach a serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. + properties: + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: |- + State of the condition. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Time + name: 'lastTransitionTime' + output: true + description: |- + Last time the condition transitioned from one status to another. + - !ruby/object:Api::Type::String + name: 'severity' + output: true + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + - !ruby/object:Api::Type::String + name: 'reason' + output: true + description: |- + A common (service-level) reason for this condition. + - !ruby/object:Api::Type::String + name: 'revisionReason' + output: true + description: |- + A reason for the revision condition. + - !ruby/object:Api::Type::String + name: 'executionReason' + output: true + description: |- + A reason for the execution condition. + - !ruby/object:Api::Type::Array + name: 'conditions' + description: |- + The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + - !ruby/object:Api::Type::String + name: 'state' + output: true + description: |- + State of the condition. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: |- + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Time + name: 'lastTransitionTime' + output: true +======= - name: 'sessionAffinity' type: Boolean description: |- @@ -1026,10 +1952,83 @@ properties: output: true - name: 'lastTransitionTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'severity' + output: true + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + - !ruby/object:Api::Type::String + name: 'reason' + output: true + description: |- + A common (service-level) reason for this condition. + - !ruby/object:Api::Type::String + name: 'revisionReason' + output: true + description: |- + A reason for the revision condition. + - !ruby/object:Api::Type::String + name: 'executionReason' + output: true + description: |- + A reason for the execution condition. + - !ruby/object:Api::Type::String + name: 'latestReadyRevision' + output: true + description: | + Name of the latest revision that is serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. + - !ruby/object:Api::Type::String + name: 'latestCreatedRevision' + output: true + description: | + Name of the last created revision. See comments in reconciling for additional information on reconciliation process in Cloud Run. + - !ruby/object:Api::Type::Array + name: 'trafficStatuses' + description: |- + Detailed status information for corresponding traffic targets. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + output: true + description: |- + The allocation type for this traffic target. + - !ruby/object:Api::Type::String + name: 'revision' + output: true + description: |- + Revision to which this traffic is sent. + - !ruby/object:Api::Type::Integer + name: 'percent' + output: true + description: |- + Specifies percent of the traffic to this Revision. + - !ruby/object:Api::Type::String + name: 'tag' + output: true + description: |- + Indicates the string used in the URI to exclusively reference this target. + - !ruby/object:Api::Type::String + name: 'uri' + output: true + description: |- + Displays the target URI. + - !ruby/object:Api::Type::String + name: 'uri' + output: true + description: | + The main URI in which this Service is serving traffic. + - !ruby/object:Api::Type::Boolean + name: 'reconciling' + output: true +======= output: true - name: 'severity' type: String @@ -1101,6 +2100,7 @@ properties: output: true - name: 'reconciling' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Returns true if the Service is currently being acted upon by the system to bring it into the desired state. @@ -1109,9 +2109,17 @@ properties: If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'etag' + output: true + description: | + A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. +======= output: true - name: 'etag' type: String description: | A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudrunv2/go_Job.yaml b/mmv1/products/cloudrunv2/go_Job.yaml new file mode 100644 index 000000000000..9113c6e34aa5 --- /dev/null +++ b/mmv1/products/cloudrunv2/go_Job.yaml @@ -0,0 +1,798 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Job' +description: | + A Cloud Run Job resource that references a container image which is run to completion. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/jobs' +self_link: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/jobs?jobId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' + - '{{name}}' +custom_code: + pre_delete: 'templates/terraform/pre_delete/go/cloudrunv2_job_deletion_policy.go.tmpl' +taint_resource_on_failed_create: true +examples: + - name: 'cloudrunv2_job_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + vars: + cloud_run_job_name: 'cloudrun-job' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_limits' + primary_resource_id: 'default' + vars: + cloud_run_job_name: 'cloudrun-job' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_sql' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_job_name: 'cloudrun-job' + secret_id: 'secret' + cloud_run_sql_name: 'cloudrun-sql' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_vpcaccess' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_job_name: 'cloudrun-job' + vpc_access_connector_name: 'run-vpc' + vpc_compute_subnetwork_name: 'run-subnetwork' + compute_network_name: 'run-network' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_directvpc' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + vars: + cloud_run_job_name: 'cloudrun-job' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_secret' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_job_name: 'cloudrun-job' + secret_id: 'secret' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_emptydir' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_job_name: 'cloudrun-job' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_job_run_job' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_job_name: 'cloudrun-job' + ignore_read_extra: + - 'deletion_protection' +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the job. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the job, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the job will fail. + When the field is set to false, deleting the job is allowed. + type: Boolean + default_value: true +parameters: + - name: 'location' + type: String + description: The location of the cloud run job + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Name of the Job. + url_param_only: true + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + - name: 'uid' + type: String + description: | + Server assigned unique identifier for the Execution. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. + output: true + - name: 'generation' + type: String + description: | + A number that monotonically increases every time the user modifies the desired state. + output: true + - name: 'labels' + type: KeyValueLabels + description: |- + Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, + environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. + + Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system labels in v1 now have a corresponding field in v2 Job. + - name: 'annotations' + type: KeyValueAnnotations + description: |- + Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. + + Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected on new resources. + All system annotations in v1 now have a corresponding field in v2 Job. + + This field follows Kubernetes annotations' namespacing, limits, and rules. + - name: 'createTime' + type: Time + description: |- + The creation time. + output: true + - name: 'updateTime' + type: Time + description: |- + The last-modified time. + output: true + - name: 'deleteTime' + type: Time + description: |- + The deletion time. + output: true + - name: 'expireTime' + type: Time + description: |- + For a deleted resource, the time after which it will be permamently deleted. + output: true + - name: 'creator' + type: String + description: |- + Email address of the authenticated creator. + output: true + - name: 'lastModifier' + type: String + description: |- + Email address of the last authenticated modifier. + output: true + - name: 'client' + type: String + description: | + Arbitrary identifier for the API client. + - name: 'clientVersion' + type: String + description: | + Arbitrary version identifier for the API client. + - name: 'launchStage' + type: Enum + description: | + The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. + If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. + + For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. + default_from_api: true + enum_values: + - 'UNIMPLEMENTED' + - 'PRELAUNCH' + - 'EARLY_ACCESS' + - 'ALPHA' + - 'BETA' + - 'GA' + - 'DEPRECATED' + - name: 'binaryAuthorization' + type: NestedObject + description: | + Settings for the Binary Authorization feature. + properties: + - name: 'breakglassJustification' + type: String + description: | + If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass + - name: 'useDefault' + type: Boolean + description: | + If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. + conflicts: + - policy + - name: 'policy' + type: String + description: | + The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} + conflicts: + - use_default + - name: 'startExecutionToken' + type: String + description: |- + A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully started. + The sum of job name and token length must be fewer than 63 characters. + min_version: 'beta' + conflicts: + - run_execution_token + - name: 'runExecutionToken' + type: String + description: |- + A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully completed. + The sum of job name and token length must be fewer than 63 characters. + min_version: 'beta' + conflicts: + - start_execution_token + - name: 'template' + type: NestedObject + description: | + The template used to create executions for this Job. + required: true + properties: + - name: 'labels' + type: KeyValuePairs + description: |- + Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, + or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or + https://cloud.google.com/run/docs/configuring/labels. + + Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system labels in v1 now have a corresponding field in v2 ExecutionTemplate. + - name: 'annotations' + type: KeyValuePairs + description: |- + Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. + + Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system annotations in v1 now have a corresponding field in v2 ExecutionTemplate. + + This field follows Kubernetes annotations' namespacing, limits, and rules. + - name: 'parallelism' + type: Integer + description: |- + Specifies the maximum desired number of tasks the execution should run at given time. Must be <= taskCount. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. + default_from_api: true + - name: 'taskCount' + type: Integer + description: |- + Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + default_from_api: true + - name: 'template' + type: NestedObject + description: | + Describes the task(s) that will be created when executing an execution + required: true + properties: + - name: 'containers' + type: Array + description: |- + Holds the single container that defines the unit of execution for this task. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Name of the container specified as a DNS_LABEL. + - name: 'image' + type: String + description: |- + URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images + required: true + - name: 'command' + type: Array + description: |- + Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + item_type: + type: String + - name: 'args' + type: Array + description: |- + Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. + item_type: + type: String + - name: 'env' + type: Array + description: |- + List of environment variables to set in the container. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters. + required: true + - name: 'value' + type: String + description: |- + Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. + # exactly_one_of: + # - template.0.template.0.containers.0.env.0.value + # - template.0.template.0.containers.0.env.0.valueSource + - name: 'valueSource' + type: NestedObject + description: |- + Source for the environment variable's value. + # exactly_one_of: + # - template.0.template.0.containers.0.env.0.value + # - template.0.template.0.containers.0.env.0.valueSource + properties: + - name: 'secretKeyRef' + type: NestedObject + description: |- + Selects a secret and a specific version from Cloud Secret Manager. + properties: + - name: 'secret' + type: String + description: |- + The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. + required: true + - name: 'version' + type: String + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. + required: true + - name: 'resources' + type: NestedObject + description: |- + Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + default_from_api: true + properties: + - name: 'limits' + type: KeyValuePairs + description: |- + Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + default_from_api: true + - name: 'ports' + type: Array + description: |- + List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. + + If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + - name: 'containerPort' + type: Integer + description: |- + Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. + - name: 'volumeMounts' + type: Array + description: |- + Volume to mount into the container's filesystem. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + This must match the Name of a Volume. + required: true + - name: 'mountPath' + type: String + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run + required: true + - name: 'workingDir' + type: String + description: |- + Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. + - name: 'volumes' + type: Array + description: |- + A list of Volumes to make available to containers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Volume's name. + required: true + - name: 'secret' + type: NestedObject + description: |- + Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + # exactly_one_of: + # - template.0.template.0.volumes.0.secret + # - template.0.template.0.volumes.0.cloudSqlInstance + # - template.0.template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + # - template.0.volumes.0.nfs + properties: + - name: 'secret' + type: String + description: |- + The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. + required: true + - name: 'defaultMode' + type: Integer + description: |- + Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. + - name: 'items' + type: Array + description: |- + If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. + item_type: + type: NestedObject + properties: + - name: 'path' + type: String + description: |- + The relative path of the secret in the container. + required: true + - name: 'version' + type: String + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version + required: true + - name: 'mode' + type: Integer + description: |- + Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. + - name: 'cloudSqlInstance' + type: NestedObject + description: |- + For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. + # exactly_one_of: + # - template.0.template.0.volumes.0.secret + # - template.0.template.0.volumes.0.cloudSqlInstance + # - template.0.template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + # - template.0.volumes.0.nfs + properties: + - name: 'instances' + type: Array + description: |- + The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + item_type: + type: String + - name: 'emptyDir' + type: NestedObject + description: |- + Ephemeral storage used as a shared volume. + min_version: 'beta' + # exactly_one_of: + # - template.0.template.0.volumes.0.secret + # - template.0.template.0.volumes.0.cloudSqlInstance + # - template.0.template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + # - template.0.volumes.0.nfs + properties: + - name: 'medium' + type: Enum + description: |- + The different types of medium supported for EmptyDir. + default_value: "MEMORY" + enum_values: + - 'MEMORY' + - name: 'sizeLimit' + type: String + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - name: 'gcs' + type: NestedObject + description: |- + Cloud Storage bucket mounted as a volume using GCSFuse. + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + # - template.0.volumes.0.nfs + properties: + - name: 'bucket' + type: String + description: |- + Name of the cloud storage bucket to back the volume. The resource service account must have permission to access the bucket. + required: true + - name: 'readOnly' + type: Boolean + description: |- + If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. + - name: 'nfs' + type: NestedObject + description: |- + NFS share mounted as a volume. + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + # - template.0.volumes.0.nfs + properties: + - name: 'server' + type: String + description: |- + Hostname or IP address of the NFS server. + required: true + - name: 'path' + type: String + description: |- + Path that is exported by the NFS server. + - name: 'readOnly' + type: Boolean + description: |- + If true, mount this volume as read-only in all mounts. + - name: 'timeout' + type: String + description: |- + Max allowed time duration the Task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. + + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + default_from_api: true + validation: + regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' + - name: 'serviceAccount' + type: String + description: |- + Email address of the IAM service account associated with the Task of a Job. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. + default_from_api: true + - name: 'executionEnvironment' + type: Enum + description: |- + The execution environment being used to host this Task. + default_from_api: true + enum_values: + - 'EXECUTION_ENVIRONMENT_GEN1' + - 'EXECUTION_ENVIRONMENT_GEN2' + - name: 'encryptionKey' + type: String + description: |- + A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek + - name: 'vpcAccess' + type: NestedObject + description: |- + VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. + properties: + - name: 'connector' + type: String + description: |- + VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. + - name: 'egress' + type: Enum + description: |- + Traffic VPC egress settings. + default_from_api: true + enum_values: + - 'ALL_TRAFFIC' + - 'PRIVATE_RANGES_ONLY' + - name: 'networkInterfaces' + type: Array + description: |- + Direct VPC egress settings. Currently only single network interface is supported. + item_type: + type: NestedObject + properties: + - name: 'network' + type: String + description: |- + The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both + network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be + looked up from the subnetwork. + default_from_api: true + - name: 'subnetwork' + type: String + description: |- + The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both + network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the + subnetwork with the same name with the network will be used. + default_from_api: true + - name: 'tags' + type: Array + description: |- + Network tags applied to this Cloud Run job. + item_type: + type: String + - name: 'maxRetries' + type: Integer + description: |- + Number of retries allowed per Task, before marking this Task failed. + send_empty_value: true + default_value: 3 + - name: 'observedGeneration' + type: String + description: | + The generation of this Job. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + - name: 'terminalCondition' + type: NestedObject + description: | + The Condition of this Job, containing its readiness status, and detailed error information in case it did not reach the desired state + output: true + properties: + - name: 'type' + type: String + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + output: true + - name: 'state' + type: String + description: |- + State of the condition. + output: true + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'lastTransitionTime' + type: Time + description: |- + Last time the condition transitioned from one status to another. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'severity' + type: String + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + output: true + - name: 'reason' + type: String + description: |- + A common (service-level) reason for this condition. + output: true + - name: 'revisionReason' + type: String + description: |- + A reason for the revision condition. + output: true + - name: 'executionReason' + type: String + description: |- + A reason for the execution condition. + output: true + - name: 'conditions' + type: Array + description: |- + The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Job does not reach its desired state. See comments in reconciling for additional information on `reconciliation` process in Cloud Run. + output: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + output: true + - name: 'state' + type: String + description: |- + State of the condition. + output: true + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'lastTransitionTime' + type: Time + description: |- + Last time the condition transitioned from one status to another. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'severity' + type: String + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + output: true + - name: 'reason' + type: String + description: |- + A common (service-level) reason for this condition. + output: true + - name: 'revisionReason' + type: String + description: |- + A reason for the revision condition. + output: true + - name: 'executionReason' + type: String + description: |- + A reason for the execution condition. + output: true + - name: 'executionCount' + type: Integer + description: | + Number of executions created for this job. + output: true + - name: 'latestCreatedExecution' + type: NestedObject + description: | + Name of the last created execution. + output: true + properties: + - name: 'name' + type: String + description: | + Name of the execution. + output: true + - name: 'createTime' + type: Time + description: | + Creation timestamp of the execution. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'completionTime' + type: Time + description: | + Completion timestamp of the execution. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'reconciling' + type: Boolean + description: | + Returns true if the Job is currently being acted upon by the system to bring it into the desired state. + + When a new Job is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Job to the desired state. This process is called reconciliation. While reconciliation is in process, observedGeneration and latest_succeeded_execution, will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the state matches the Job, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. + + If reconciliation succeeded, the following fields will match: observedGeneration and generation, latest_succeeded_execution and latestCreatedExecution. + + If reconciliation failed, observedGeneration and latest_succeeded_execution will have the state of the last succeeded execution or empty for newly created Job. Additional information on the failure can be found in terminalCondition and conditions + output: true + - name: 'etag' + type: String + description: | + A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. + output: true diff --git a/mmv1/products/cloudrunv2/go_Service.yaml b/mmv1/products/cloudrunv2/go_Service.yaml new file mode 100644 index 000000000000..16d596795d8b --- /dev/null +++ b/mmv1/products/cloudrunv2/go_Service.yaml @@ -0,0 +1,1118 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Service' +description: | + Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/run/docs/' + api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/services/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/services' +self_link: 'projects/{{project}}/locations/{{location}}/services/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/services?serviceId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/services/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{name}}' + - '{{name}}' +custom_code: + pre_delete: 'templates/terraform/pre_delete/go/cloudrunv2_service_deletion_policy.go.tmpl' +taint_resource_on_failed_create: true +examples: + - name: 'cloudrunv2_service_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_limits' + primary_resource_id: 'default' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_sql' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + secret_id: 'secret-1' + cloud_run_sql_name: 'cloudrun-sql' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_vpcaccess' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + vpc_access_connector_name: 'run-vpc' + vpc_compute_subnetwork_name: 'run-subnetwork' + compute_network_name: 'run-network' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_directvpc' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_gpu' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_probes' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_secret' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + secret_id: 'secret-1' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_multicontainer' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_mount_gcs' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + # Currently failing + skip_vcr: true + - name: 'cloudrunv2_service_mount_nfs' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + # Currently failing + skip_vcr: true + - name: 'cloudrunv2_service_mesh' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-service' + mesh_name: 'network-services-mesh' + ignore_read_extra: + - 'deletion_protection' + external_providers: ["time"] +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the service. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the service, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the service will fail. + When the field is set to false, deleting the service is allowed. + type: Boolean + default_value: true +parameters: + - name: 'location' + type: String + description: The location of the cloud run service + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Name of the Service. + url_param_only: true + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + - name: 'description' + type: String + description: | + User-provided description of the Service. This field currently has a 512-character limit. + - name: 'uid' + type: String + description: | + Server assigned unique identifier for the trigger. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. + output: true + - name: 'generation' + type: String + description: | + A number that monotonically increases every time the user modifies the desired state. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. + output: true + - name: 'labels' + type: KeyValueLabels + description: |- + Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, + environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. + + Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system labels in v1 now have a corresponding field in v2 Service. + - name: 'annotations' + type: KeyValueAnnotations + description: |- + Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. + + Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected in new resources. + All system annotations in v1 now have a corresponding field in v2 Service. + + This field follows Kubernetes annotations' namespacing, limits, and rules. + - name: 'createTime' + type: Time + description: |- + The creation time. + output: true + - name: 'updateTime' + type: Time + description: |- + The last-modified time. + output: true + - name: 'deleteTime' + type: Time + description: |- + The deletion time. + output: true + - name: 'expireTime' + type: Time + description: |- + For a deleted resource, the time after which it will be permamently deleted. + output: true + - name: 'creator' + type: String + description: |- + Email address of the authenticated creator. + output: true + - name: 'lastModifier' + type: String + description: |- + Email address of the last authenticated modifier. + output: true + - name: 'client' + type: String + description: | + Arbitrary identifier for the API client. + - name: 'clientVersion' + type: String + description: | + Arbitrary version identifier for the API client. + - name: 'ingress' + type: Enum + description: | + Provides the ingress settings for this Service. On output, returns the currently observed ingress settings, or INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. + default_from_api: true + enum_values: + - 'INGRESS_TRAFFIC_ALL' + - 'INGRESS_TRAFFIC_INTERNAL_ONLY' + - 'INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER' + - name: 'launchStage' + type: Enum + description: | + The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. + If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. + + For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. + default_from_api: true + enum_values: + - 'UNIMPLEMENTED' + - 'PRELAUNCH' + - 'EARLY_ACCESS' + - 'ALPHA' + - 'BETA' + - 'GA' + - 'DEPRECATED' + - name: 'binaryAuthorization' + type: NestedObject + description: | + Settings for the Binary Authorization feature. + properties: + - name: 'breakglassJustification' + type: String + description: | + If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass + - name: 'useDefault' + type: Boolean + description: | + If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. + conflicts: + - policy + - name: 'policy' + type: String + description: | + The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} + conflicts: + - use_default + - name: 'customAudiences' + type: Array + description: | + One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a string. The custom audiences are encoded in the token and used to authenticate requests. + For more information, see https://cloud.google.com/run/docs/configuring/custom-audiences. + item_type: + type: String + - name: 'scaling' + type: NestedObject + description: | + Scaling settings that apply to the whole service + properties: + - name: 'minInstanceCount' + type: Integer + description: | + Minimum number of instances for the service, to be divided among all revisions receiving traffic. + - name: 'defaultUriDisabled' + type: Boolean + description: |- + Disables public resolution of the default URI of this service. + min_version: 'beta' + - name: 'template' + type: NestedObject + description: | + The template used to create revisions for this Service. + required: true + properties: + - name: 'revision' + type: String + description: |- + The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. + - name: 'labels' + type: KeyValuePairs + description: |- + Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. + For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. + + Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system labels in v1 now have a corresponding field in v2 RevisionTemplate. + - name: 'annotations' + type: KeyValuePairs + description: |- + Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. + + Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. + All system annotations in v1 now have a corresponding field in v2 RevisionTemplate. + + This field follows Kubernetes annotations' namespacing, limits, and rules. + - name: 'scaling' + type: NestedObject + description: | + Scaling settings for this Revision. + default_from_api: true + properties: + - name: 'minInstanceCount' + type: Integer + description: |- + Minimum number of serving instances that this resource should have. + - name: 'maxInstanceCount' + type: Integer + description: |- + Maximum number of serving instances that this resource should have. + - name: 'vpcAccess' + type: NestedObject + description: |- + VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. + properties: + - name: 'connector' + type: String + description: |- + VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. + - name: 'egress' + type: Enum + description: |- + Traffic VPC egress settings. + default_from_api: true + enum_values: + - 'ALL_TRAFFIC' + - 'PRIVATE_RANGES_ONLY' + - name: 'networkInterfaces' + type: Array + description: |- + Direct VPC egress settings. Currently only single network interface is supported. + item_type: + type: NestedObject + properties: + - name: 'network' + type: String + description: |- + The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both + network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be + looked up from the subnetwork. + default_from_api: true + - name: 'subnetwork' + type: String + description: |- + The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both + network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the + subnetwork with the same name with the network will be used. + default_from_api: true + - name: 'tags' + type: Array + description: |- + Network tags applied to this Cloud Run service. + item_type: + type: String + - name: 'timeout' + type: String + description: |- + Max allowed time for an instance to respond to a request. + + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + default_from_api: true + validation: + regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' + - name: 'serviceAccount' + type: String + description: |- + Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. + default_from_api: true + - name: 'containers' + type: Array + description: |- + Holds the containers that define the unit of execution for this Service. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Name of the container specified as a DNS_LABEL. + - name: 'image' + type: String + description: |- + URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images + required: true + - name: 'command' + type: Array + description: |- + Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + item_type: + type: String + - name: 'args' + type: Array + description: |- + Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. + item_type: + type: String + - name: 'env' + type: Array + description: |- + List of environment variables to set in the container. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Name of the environment variable. Must be a C_IDENTIFIER, and may not exceed 32768 characters. + required: true + - name: 'value' + type: String + description: |- + Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. + # exactly_one_of: + # - template.0.containers.0.env.0.value + # - template.0.containers.0.env.0.valueSource + - name: 'valueSource' + type: NestedObject + description: |- + Source for the environment variable's value. + # exactly_one_of: + # - template.0.containers.0.env.0.value + # - template.0.containers.0.env.0.valueSource + properties: + - name: 'secretKeyRef' + type: NestedObject + description: |- + Selects a secret and a specific version from Cloud Secret Manager. + properties: + - name: 'secret' + type: String + description: |- + The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. + required: true + - name: 'version' + type: String + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. + - name: 'resources' + type: NestedObject + description: |- + Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + default_from_api: true + properties: + - name: 'limits' + type: KeyValuePairs + description: |- + Only memory, CPU, and nvidia.com/gpu are supported. Use key `cpu` for CPU limit, `memory` for memory limit, `nvidia.com/gpu` for gpu limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + default_from_api: true + - name: 'cpuIdle' + type: Boolean + description: |- + Determines whether CPU is only allocated during requests. True by default if the parent `resources` field is not set. However, if + `resources` is set, this field must be explicitly set to true to preserve the default behavior. + - name: 'startupCpuBoost' + type: Boolean + description: |- + Determines whether CPU should be boosted on startup of a new container instance above the requested CPU threshold, this can help reduce cold-start latency. + - name: 'ports' + type: Array + description: |- + List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. + + If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + default_from_api: true + - name: 'containerPort' + type: Integer + description: |- + Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. + max_size: 1 + - name: 'volumeMounts' + type: Array + description: |- + Volume to mount into the container's filesystem. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + This must match the Name of a Volume. + required: true + - name: 'mountPath' + type: String + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run + required: true + - name: 'workingDir' + type: String + description: |- + Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. + - name: 'livenessProbe' + type: NestedObject + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + - name: 'initialDelaySeconds' + type: Integer + description: |- + Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 0 + - name: 'timeoutSeconds' + type: Integer + description: |- + Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 1 + - name: 'periodSeconds' + type: Integer + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds + default_value: 10 + - name: 'failureThreshold' + type: Integer + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - name: 'httpGet' + type: NestedObject + description: |- + HTTPGet specifies the http request to perform. + send_empty_value: true + allow_empty_object: true + # exactly_one_of: + # - template.0.containers.0.startupProbe.0.httpGet + # - template.0.containers.0.startupProbe.0.tcpSocket + # - template.0.containers.0.startupProbe.0.grpc + properties: + - name: 'path' + type: String + description: |- + Path to access on the HTTP server. Defaults to '/'. + default_value: "/" + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'httpHeaders' + type: Array + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + The header field name + required: true + - name: 'value' + type: String + description: |- + The header field value + send_empty_value: true + default_value: "" + - name: 'grpc' + type: NestedObject + description: |- + GRPC specifies an action involving a GRPC port. + send_empty_value: true + allow_empty_object: true + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'service' + type: String + description: |- + The name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + - name: 'tcpSocket' + type: NestedObject + description: TCPSocketAction describes an action based on opening a socket + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Must be in the range 1 to 65535. + If not specified, defaults to the exposed port of the container, which + is the value of container.ports[0].containerPort. + required: true + - name: 'startupProbe' + type: NestedObject + description: |- + Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_from_api: true + properties: + - name: 'initialDelaySeconds' + type: Integer + description: |- + Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 0 + - name: 'timeoutSeconds' + type: Integer + description: |- + Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + default_value: 1 + - name: 'periodSeconds' + type: Integer + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds + default_value: 10 + - name: 'failureThreshold' + type: Integer + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + default_value: 3 + - name: 'httpGet' + type: NestedObject + description: |- + HTTPGet specifies the http request to perform. Exactly one of HTTPGet or TCPSocket must be specified. + send_empty_value: true + allow_empty_object: true + properties: + - name: 'path' + type: String + description: |- + Path to access on the HTTP server. Defaults to '/'. + default_value: "/" + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'httpHeaders' + type: Array + description: |- + Custom headers to set in the request. HTTP allows repeated headers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + The header field name + required: true + - name: 'value' + type: String + description: |- + The header field value + send_empty_value: true + default_value: "" + - name: 'tcpSocket' + type: NestedObject + description: |- + TCPSocket specifies an action involving a TCP port. Exactly one of HTTPGet or TCPSocket must be specified. + send_empty_value: true + allow_empty_object: true + # exactly_one_of: + # - template.0.containers.0.startupProbe.0.httpGet + # - template.0.containers.0.startupProbe.0.tcpSocket + # - template.0.containers.0.startupProbe.0.grpc + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'grpc' + type: NestedObject + description: |- + GRPC specifies an action involving a GRPC port. + send_empty_value: true + allow_empty_object: true + # exactly_one_of: + # - template.0.containers.0.startupProbe.0.httpGet + # - template.0.containers.0.startupProbe.0.tcpSocket + # - template.0.containers.0.startupProbe.0.grpc + properties: + - name: 'port' + type: Integer + description: |- + Port number to access on the container. Number must be in the range 1 to 65535. + If not specified, defaults to the same value as container.ports[0].containerPort. + default_from_api: true + - name: 'service' + type: String + description: |- + The name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + - name: 'dependsOn' + type: Array + description: |- + Containers which should be started before this container. If specified the container will wait to start until all containers with the listed names are healthy. + item_type: + type: String + - name: 'volumes' + type: Array + description: |- + A list of Volumes to make available to containers. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: |- + Volume's name. + required: true + - name: 'secret' + type: NestedObject + description: |- + Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + properties: + - name: 'secret' + type: String + description: |- + The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. + required: true + - name: 'defaultMode' + type: Integer + description: |- + Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. + - name: 'items' + type: Array + description: |- + If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. + item_type: + type: NestedObject + properties: + - name: 'path' + type: String + description: |- + The relative path of the secret in the container. + required: true + - name: 'version' + type: String + description: |- + The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version + - name: 'mode' + type: Integer + description: |- + Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. + - name: 'cloudSqlInstance' + type: NestedObject + description: |- + For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + properties: + - name: 'instances' + type: Array + description: |- + The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + is_set: true + item_type: + type: String + - name: 'emptyDir' + type: NestedObject + description: |- + Ephemeral storage used as a shared volume. + min_version: 'beta' + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + properties: + - name: 'medium' + type: Enum + description: |- + The different types of medium supported for EmptyDir. + default_value: "MEMORY" + enum_values: + - 'MEMORY' + - name: 'sizeLimit' + type: String + description: |- + Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. + - name: 'gcs' + type: NestedObject + description: |- + Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment. + # exactly_one_of: + # - template.0.volumes.0.secret + # - template.0.volumes.0.cloudSqlInstance + # - template.0.volumes.0.emptyDir + # - template.0.volumes.0.gcs + properties: + - name: 'bucket' + type: String + description: GCS Bucket name + required: true + - name: 'readOnly' + type: Boolean + description: If true, mount the GCS bucket as read-only + required: false + - name: 'nfs' + type: NestedObject + description: Represents an NFS mount. + properties: + - name: 'server' + type: String + description: Hostname or IP address of the NFS server + required: true + - name: 'path' + type: String + description: Path that is exported by the NFS server. + required: true + - name: 'readOnly' + type: Boolean + description: If true, mount the NFS volume as read only + required: false + - name: 'executionEnvironment' + type: Enum + description: |- + The sandbox environment to host this Revision. + enum_values: + - 'EXECUTION_ENVIRONMENT_GEN1' + - 'EXECUTION_ENVIRONMENT_GEN2' + - name: 'encryptionKey' + type: String + description: |- + A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek + - name: 'maxInstanceRequestConcurrency' + type: Integer + description: |- + Sets the maximum number of requests that each serving instance can receive. + If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. + default_from_api: true + - name: 'sessionAffinity' + type: Boolean + description: |- + Enables session affinity. For more information, go to https://cloud.google.com/run/docs/configuring/session-affinity + - name: 'serviceMesh' + type: NestedObject + description: |- + Enables Cloud Service Mesh for this Revision. + min_version: 'beta' + properties: + - name: 'mesh' + type: String + description: |- + The Mesh resource name. For more information see https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.meshes#resource:-mesh. + - name: 'nodeSelector' + type: NestedObject + description: Node Selector describes the hardware requirements of the resources. + min_version: 'beta' + properties: + - name: 'accelerator' + type: String + description: + The GPU to attach to an instance. See https://cloud.google.com/run/docs/configuring/services/gpu for configuring GPU. + required: true + - name: 'traffic' + type: Array + description: |- + Specifies how to distribute traffic over a collection of Revisions belonging to the Service. If traffic is empty or not provided, defaults to 100% traffic to the latest Ready Revision. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: Enum + description: | + The allocation type for this traffic target. + enum_values: + - 'TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST' + - 'TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION' + - name: 'revision' + type: String + description: | + Revision to which to send this portion of traffic, if traffic allocation is by revision. + - name: 'percent' + type: Integer + description: | + Specifies percent of the traffic to this Revision. This defaults to zero if unspecified. + default_from_api: true + - name: 'tag' + type: String + description: | + Indicates a string to be part of the URI to exclusively reference this target. + - name: 'observedGeneration' + type: String + description: | + The generation of this Service currently serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. + output: true + - name: 'terminalCondition' + type: NestedObject + description: | + The Condition of this Service, containing its readiness status, and detailed error information in case it did not reach a serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + properties: + - name: 'type' + type: String + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + output: true + - name: 'state' + type: String + description: |- + State of the condition. + output: true + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'lastTransitionTime' + type: Time + description: |- + Last time the condition transitioned from one status to another. + output: true + - name: 'severity' + type: String + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + output: true + - name: 'reason' + type: String + description: |- + A common (service-level) reason for this condition. + output: true + - name: 'revisionReason' + type: String + description: |- + A reason for the revision condition. + output: true + - name: 'executionReason' + type: String + description: |- + A reason for the execution condition. + output: true + - name: 'conditions' + type: Array + description: |- + The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: |- + type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. + output: true + - name: 'state' + type: String + description: |- + State of the condition. + output: true + - name: 'message' + type: String + description: |- + Human readable message indicating details about the current status. + output: true + - name: 'lastTransitionTime' + type: Time + description: |- + Last time the condition transitioned from one status to another. + + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'severity' + type: String + description: |- + How to interpret failures of this condition, one of Error, Warning, Info + output: true + - name: 'reason' + type: String + description: |- + A common (service-level) reason for this condition. + output: true + - name: 'revisionReason' + type: String + description: |- + A reason for the revision condition. + output: true + - name: 'executionReason' + type: String + description: |- + A reason for the execution condition. + output: true + - name: 'latestReadyRevision' + type: String + description: | + Name of the latest revision that is serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + - name: 'latestCreatedRevision' + type: String + description: | + Name of the last created revision. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + - name: 'trafficStatuses' + type: Array + description: |- + Detailed status information for corresponding traffic targets. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: |- + The allocation type for this traffic target. + output: true + - name: 'revision' + type: String + description: |- + Revision to which this traffic is sent. + output: true + - name: 'percent' + type: Integer + description: |- + Specifies percent of the traffic to this Revision. + output: true + - name: 'tag' + type: String + description: |- + Indicates the string used in the URI to exclusively reference this target. + output: true + - name: 'uri' + type: String + description: |- + Displays the target URI. + output: true + - name: 'uri' + type: String + description: | + The main URI in which this Service is serving traffic. + output: true + - name: 'reconciling' + type: Boolean + description: | + Returns true if the Service is currently being acted upon by the system to bring it into the desired state. + + When a new Service is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Service to the desired serving state. This process is called reconciliation. While reconciliation is in process, observedGeneration, latest_ready_revison, trafficStatuses, and uri will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the serving state matches the Service, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. + + If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. + + If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions. + output: true + - name: 'etag' + type: String + description: | + A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. + output: true diff --git a/mmv1/products/cloudrunv2/go_product.yaml b/mmv1/products/cloudrunv2/go_product.yaml new file mode 100644 index 000000000000..f565c2f94e2e --- /dev/null +++ b/mmv1/products/cloudrunv2/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudRunV2' +display_name: 'Cloud Run (v2 API)' +versions: + - name: 'ga' + base_url: 'https://run.googleapis.com/v2/' + - name: 'beta' + base_url: 'https://run.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudrunv2/product.yaml b/mmv1/products/cloudrunv2/product.yaml index 758fbefa5922..7bcd046c9a97 100644 --- a/mmv1/products/cloudrunv2/product.yaml +++ b/mmv1/products/cloudrunv2/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudRunV2 +display_name: Cloud Run (v2 API) +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://run.googleapis.com/v2/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://run.googleapis.com/v2/ +======= --- name: 'CloudRunV2' display_name: 'Cloud Run (v2 API)' @@ -21,3 +39,4 @@ versions: base_url: 'https://run.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudscheduler/Job.yaml b/mmv1/products/cloudscheduler/Job.yaml index 8350da41d56d..d83d13d2794e 100644 --- a/mmv1/products/cloudscheduler/Job.yaml +++ b/mmv1/products/cloudscheduler/Job.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,39 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Job' +base_url: projects/{{project}}/locations/{{region}}/jobs +self_link: projects/{{project}}/locations/{{region}}/jobs/{{name}} +update_verb: :PATCH +======= --- name: 'Job' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A scheduled job that can publish a PubSub message or an HTTP request every X interval of time, using a crontab format string. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/scheduler/' + api: 'https://cloud.google.com/scheduler/docs/reference/rest/' +id_format: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/scheduler.erb + encoder: templates/terraform/encoders/cloud_scheduler.go.erb + update_encoder: templates/terraform/update_encoder/cloud_scheduler.go.erb + post_create: templates/terraform/post_create/cloud_scheduler.go.erb + post_update: templates/terraform/post_update/cloud_scheduler.go.erb +custom_diff: [ + 'validateAuthHeaders', +] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_pubsub' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/scheduler/' @@ -40,10 +71,30 @@ custom_diff: - 'validateAuthHeaders' examples: - name: 'scheduler_job_pubsub' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_name: 'test-job' topic_name: 'job-topic' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_http' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_paused' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_app_engine' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_oauth' +======= - name: 'scheduler_job_http' primary_resource_id: 'job' vars: @@ -57,17 +108,39 @@ examples: vars: job_name: 'test-job' - name: 'scheduler_job_oauth' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_name: 'test-job' test_env_vars: +<<<<<<< HEAD + project_name: :PROJECT_NAME + region: :REGION + - !ruby/object:Provider::Terraform::Examples + name: 'scheduler_job_oidc' +======= project_name: 'PROJECT_NAME' region: 'REGION' - name: 'scheduler_job_oidc' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'job' vars: job_name: 'test-job' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'region' + description: | + Region where the scheduler job resides. If it is not provided, Terraform will use the provider default. + required: false + immutable: true + url_param_only: true + default_from_api: true + ignore_read: true +properties: + - !ruby/object:Api::Type::String + name: name +======= - name: 'region' type: String description: | @@ -80,18 +153,35 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the job. required: true immutable: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: description +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A human-readable description for the job. This string must not contain more than 500 characters. required: false +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: schedule + description: | + Describes the schedule on which the job will be executed. + required: false + - !ruby/object:Api::Type::String + name: timeZone +======= - name: 'schedule' type: String description: | @@ -99,10 +189,21 @@ properties: required: false - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the time zone to be used in interpreting schedule. The value of this field must be a time zone name from the tz database. required: false +<<<<<<< HEAD + default_value: 'Etc/UTC' + - !ruby/object:Api::Type::String + name: state + description: | + State of the job. + output: true + - !ruby/object:Api::Type::Boolean + name: paused +======= default_value: "Etc/UTC" - name: 'state' type: String @@ -111,13 +212,20 @@ properties: output: true - name: 'paused' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Sets the job to a paused state. Jobs default to being enabled when this property is not set. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/cloud_scheduler_paused.go.erb + - !ruby/object:Api::Type::String + name: attemptDeadline +======= custom_flatten: 'templates/terraform/custom_flatten/cloud_scheduler_paused.go.tmpl' - name: 'attemptDeadline' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deadline for job attempts. If the request handler does not respond by this deadline then the request is cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in @@ -128,23 +236,46 @@ properties: * **Note**: For PubSub targets, this field is ignored - setting it will introduce an unresolvable diff. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s" required: false +<<<<<<< HEAD + default_value: '180s' + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("180s")' + - !ruby/object:Api::Type::NestedObject + name: retryConfig +======= diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("180s")' default_value: "180s" - name: 'retryConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | By default, if a job does not complete successfully, meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings required: false properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: retryCount +======= - name: 'retryCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of attempts that the system will make to run a job using the exponential backoff procedure described by maxDoublings. Values greater than 5 and negative values are not allowed. required: false +<<<<<<< HEAD + at_least_one_of: + - retry_config.0.retry_count + - retry_config.0.max_retry_duration + - retry_config.0.min_backoff_duration + - retry_config.0.max_backoff_duration + - retry_config.0.max_doublings + default_from_api: true + - !ruby/object:Api::Type::String + name: maxRetryDuration +======= default_from_api: true at_least_one_of: - 'retry_config.0.retry_count' @@ -154,11 +285,23 @@ properties: - 'retry_config.0.max_doublings' - name: 'maxRetryDuration' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retryCount, the job will be retried until both limits are reached. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false +<<<<<<< HEAD + at_least_one_of: + - retry_config.0.retry_count + - retry_config.0.max_retry_duration + - retry_config.0.min_backoff_duration + - retry_config.0.max_backoff_duration + - retry_config.0.max_doublings + default_from_api: true + - !ruby/object:Api::Type::String + name: minBackoffDuration +======= default_from_api: true at_least_one_of: - 'retry_config.0.retry_count' @@ -168,10 +311,22 @@ properties: - 'retry_config.0.max_doublings' - name: 'minBackoffDuration' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false +<<<<<<< HEAD + at_least_one_of: + - retry_config.0.retry_count + - retry_config.0.max_retry_duration + - retry_config.0.min_backoff_duration + - retry_config.0.max_backoff_duration + - retry_config.0.max_doublings + default_from_api: true + - !ruby/object:Api::Type::String + name: maxBackoffDuration +======= default_from_api: true at_least_one_of: - 'retry_config.0.retry_count' @@ -181,10 +336,22 @@ properties: - 'retry_config.0.max_doublings' - name: 'maxBackoffDuration' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false +<<<<<<< HEAD + at_least_one_of: + - retry_config.0.retry_count + - retry_config.0.max_retry_duration + - retry_config.0.min_backoff_duration + - retry_config.0.max_backoff_duration + - retry_config.0.max_doublings + default_from_api: true + - !ruby/object:Api::Type::Integer + name: maxDoublings +======= default_from_api: true at_least_one_of: - 'retry_config.0.retry_count' @@ -194,12 +361,24 @@ properties: - 'retry_config.0.max_doublings' - name: 'maxDoublings' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time between retries will double maxDoublings times. A job's retry interval starts at minBackoffDuration, then doubles maxDoublings times, then increases linearly, and finally retries retries at intervals of maxBackoffDuration up to retryCount times. required: false +<<<<<<< HEAD + at_least_one_of: + - retry_config.0.retry_count + - retry_config.0.max_retry_duration + - retry_config.0.min_backoff_duration + - retry_config.0.max_backoff_duration + - retry_config.0.max_doublings + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: pubsubTarget +======= default_from_api: true at_least_one_of: - 'retry_config.0.retry_count' @@ -209,46 +388,123 @@ properties: - 'retry_config.0.max_doublings' - name: 'pubsubTarget' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Pub/Sub target If the job providers a Pub/Sub target the cron will publish a message to the provided topic exactly_one_of: +<<<<<<< HEAD + - pubsub_target + - http_target + - app_engine_http_target + properties: + - !ruby/object:Api::Type::String + name: topicName +======= - 'pubsub_target' - 'http_target' - 'app_engine_http_target' properties: - name: 'topicName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full resource name for the Cloud Pub/Sub topic to which messages will be published when a job is delivered. ~>**NOTE:** The topic name must be in the same format as required by PubSub's PublishRequest.name, e.g. `projects/my-project/topics/my-topic`. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: data +======= - name: 'data' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. A base64-encoded string. required: false +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::KeyValuePairs + name: attributes +======= validation: function: 'verify.ValidateBase64String' - name: 'attributes' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. required: false +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: appEngineHttpTarget +======= - name: 'appEngineHttpTarget' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | App Engine HTTP target. If the job providers a App Engine HTTP target the cron will send a request to the service instance exactly_one_of: +<<<<<<< HEAD + - pubsub_target + - http_target + - app_engine_http_target + properties: + - !ruby/object:Api::Type::String + name: httpMethod + description: | + Which HTTP method to use for the request. + required: false + - !ruby/object:Api::Type::NestedObject + name: appEngineRouting + description: | + App Engine Routing setting for the job. + required: false + custom_flatten: templates/terraform/custom_flatten/cloudscheduler_job_appenginerouting.go.erb + properties: + - !ruby/object:Api::Type::String + name: service + description: | + App service. + By default, the job is sent to the service which is the default service when the job is attempted. + at_least_one_of: + - app_engine_http_target.0.app_engine_routing.0.service + - app_engine_http_target.0.app_engine_routing.0.version + - app_engine_http_target.0.app_engine_routing.0.instance + required: false + - !ruby/object:Api::Type::String + name: version + description: | + App version. + By default, the job is sent to the version which is the default version when the job is attempted. + at_least_one_of: + - app_engine_http_target.0.app_engine_routing.0.service + - app_engine_http_target.0.app_engine_routing.0.version + - app_engine_http_target.0.app_engine_routing.0.instance + required: false + - !ruby/object:Api::Type::String + name: instance + description: | + App instance. + By default, the job is sent to an instance which is available when the job is attempted. + at_least_one_of: + - app_engine_http_target.0.app_engine_routing.0.service + - app_engine_http_target.0.app_engine_routing.0.version + - app_engine_http_target.0.app_engine_routing.0.instance + required: false + - !ruby/object:Api::Type::String + name: relativeUri +======= - 'pubsub_target' - 'http_target' - 'app_engine_http_target' @@ -297,6 +553,7 @@ properties: - 'app_engine_http_target.0.app_engine_routing.0.instance' - name: 'relativeUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The relative URI. The relative URL must begin with "/" and must be a valid HTTP relative URL. @@ -304,8 +561,13 @@ properties: If the relative URL is empty, then the root path "/" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: body +======= - name: 'body' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. @@ -313,35 +575,68 @@ properties: A base64-encoded string. required: false +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::KeyValuePairs + name: headers +======= validation: function: 'verify.ValidateBase64String' - name: 'headers' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. required: false +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/http_headers.erb' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validateHttpHeaders()' + - !ruby/object:Api::Type::NestedObject + name: httpTarget +======= custom_flatten: 'templates/terraform/custom_flatten/http_headers.tmpl' validation: function: 'validateHttpHeaders()' - name: 'httpTarget' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | HTTP target. If the job providers a http_target the cron will send a request to the targeted url exactly_one_of: +<<<<<<< HEAD + - pubsub_target + - http_target + - app_engine_http_target + properties: + - !ruby/object:Api::Type::String + name: uri +======= - 'pubsub_target' - 'http_target' - 'app_engine_http_target' properties: - name: 'uri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full URI path that the request will be sent to. required: true diff_suppress_func: 'LastSlashDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: httpMethod + description: | + Which HTTP method to use for the request. + required: false + - !ruby/object:Api::Type::String + name: body +======= - name: 'httpMethod' type: String description: | @@ -349,6 +644,7 @@ properties: required: false - name: 'body' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. @@ -356,24 +652,54 @@ properties: A base64-encoded string. required: false +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateBase64String' + - !ruby/object:Api::Type::KeyValuePairs + name: headers +======= validation: function: 'verify.ValidateBase64String' - name: 'headers' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This map contains the header field names and values. Repeated headers are not supported, but a header value can contain commas. required: false +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/http_headers.erb' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validateHttpHeaders()' + - !ruby/object:Api::Type::NestedObject + name: 'oauthToken' +======= custom_flatten: 'templates/terraform/custom_flatten/http_headers.tmpl' validation: function: 'validateHttpHeaders()' - name: 'oauthToken' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains information needed for generating an OAuth token. This type of authorization should be used when sending requests to a GCP endpoint. diff_suppress_func: 'authHeaderDiffSuppress' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: serviceAccountEmail + required: true + description: | + Service account email to be used for generating OAuth token. + The service account must be within the same project as the job. + - !ruby/object:Api::Type::String + name: scope + description: | + OAuth scope to be used for generating OAuth access token. If not specified, + "https://www.googleapis.com/auth/cloud-platform" will be used. + - !ruby/object:Api::Type::NestedObject + name: 'oidcToken' +======= - name: 'serviceAccountEmail' type: String description: | @@ -387,11 +713,22 @@ properties: "https://www.googleapis.com/auth/cloud-platform" will be used. - name: 'oidcToken' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains information needed for generating an OpenID Connect token. This type of authorization should be used when sending requests to third party endpoints or Cloud Run. diff_suppress_func: 'authHeaderDiffSuppress' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: serviceAccountEmail + required: true + description: | + Service account email to be used for generating OAuth token. + The service account must be within the same project as the job. + - !ruby/object:Api::Type::String + name: audience +======= - name: 'serviceAccountEmail' type: String description: | @@ -400,6 +737,7 @@ properties: required: true - name: 'audience' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. diff --git a/mmv1/products/cloudscheduler/go_Job.yaml b/mmv1/products/cloudscheduler/go_Job.yaml new file mode 100644 index 000000000000..4644e7ab4b1a --- /dev/null +++ b/mmv1/products/cloudscheduler/go_Job.yaml @@ -0,0 +1,406 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Job' +description: | + A scheduled job that can publish a PubSub message or an HTTP request + every X interval of time, using a crontab format string. + +references: + guides: + 'Official Documentation': 'https://cloud.google.com/scheduler/' + api: 'https://cloud.google.com/scheduler/docs/reference/rest/' +docs: +id_format: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/jobs' +self_link: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/scheduler.tmpl' + encoder: 'templates/terraform/encoders/go/cloud_scheduler.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/cloud_scheduler.go.tmpl' + post_create: 'templates/terraform/post_create/go/cloud_scheduler.go.tmpl' + post_update: 'templates/terraform/post_update/go/cloud_scheduler.go.tmpl' +custom_diff: + - 'validateAuthHeaders' +examples: + - name: 'scheduler_job_pubsub' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + topic_name: 'job-topic' + - name: 'scheduler_job_http' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - name: 'scheduler_job_paused' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - name: 'scheduler_job_app_engine' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + - name: 'scheduler_job_oauth' + primary_resource_id: 'job' + vars: + job_name: 'test-job' + test_env_vars: + project_name: 'PROJECT_NAME' + region: 'REGION' + - name: 'scheduler_job_oidc' + primary_resource_id: 'job' + vars: + job_name: 'test-job' +parameters: + - name: 'region' + type: String + description: | + Region where the scheduler job resides. If it is not provided, Terraform will use the provider default. + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true +properties: + - name: 'name' + type: String + description: | + The name of the job. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'description' + type: String + description: | + A human-readable description for the job. + This string must not contain more than 500 characters. + required: false + - name: 'schedule' + type: String + description: | + Describes the schedule on which the job will be executed. + required: false + - name: 'timeZone' + type: String + description: | + Specifies the time zone to be used in interpreting schedule. + The value of this field must be a time zone name from the tz database. + required: false + default_value: "Etc/UTC" + - name: 'state' + type: String + description: | + State of the job. + output: true + - name: 'paused' + type: Boolean + description: | + Sets the job to a paused state. Jobs default to being enabled when this property is not set. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/cloud_scheduler_paused.go.tmpl' + - name: 'attemptDeadline' + type: String + description: | + The deadline for job attempts. If the request handler does not respond by this deadline then the request is + cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in + execution logs. Cloud Scheduler will retry the job according to the RetryConfig. + The allowed duration for this deadline is: + * For HTTP targets, between 15 seconds and 30 minutes. + * For App Engine HTTP targets, between 15 seconds and 24 hours. + * **Note**: For PubSub targets, this field is ignored - setting it will introduce an unresolvable diff. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s" + required: false + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("180s")' + default_value: "180s" + - name: 'retryConfig' + type: NestedObject + description: | + By default, if a job does not complete successfully, + meaning that an acknowledgement is not received from the handler, + then it will be retried with exponential backoff according to the settings + required: false + properties: + - name: 'retryCount' + type: Integer + description: | + The number of attempts that the system will make to run a + job using the exponential backoff procedure described by maxDoublings. + Values greater than 5 and negative values are not allowed. + required: false + default_from_api: true + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxRetryDuration' + type: String + description: | + The time limit for retrying a failed job, measured from time when an execution was first attempted. + If specified with retryCount, the job will be retried until both limits are reached. + A duration in seconds with up to nine fractional digits, terminated by 's'. + required: false + default_from_api: true + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'minBackoffDuration' + type: String + description: | + The minimum amount of time to wait before retrying a job after it fails. + A duration in seconds with up to nine fractional digits, terminated by 's'. + required: false + default_from_api: true + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxBackoffDuration' + type: String + description: | + The maximum amount of time to wait before retrying a job after it fails. + A duration in seconds with up to nine fractional digits, terminated by 's'. + required: false + default_from_api: true + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxDoublings' + type: Integer + description: | + The time between retries will double maxDoublings times. + A job's retry interval starts at minBackoffDuration, + then doubles maxDoublings times, then increases linearly, + and finally retries retries at intervals of maxBackoffDuration up to retryCount times. + required: false + default_from_api: true + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'pubsubTarget' + type: NestedObject + description: | + Pub/Sub target + If the job providers a Pub/Sub target the cron will publish + a message to the provided topic + exactly_one_of: + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' + properties: + - name: 'topicName' + type: String + description: | + The full resource name for the Cloud Pub/Sub topic to which + messages will be published when a job is delivered. ~>**NOTE:** + The topic name must be in the same format as required by PubSub's + PublishRequest.name, e.g. `projects/my-project/topics/my-topic`. + required: true + - name: 'data' + type: String + description: | + The message payload for PubsubMessage. + Pubsub message must contain either non-empty data, or at least one attribute. + + A base64-encoded string. + required: false + validation: + function: 'verify.ValidateBase64String' + - name: 'attributes' + type: KeyValuePairs + description: | + Attributes for PubsubMessage. + Pubsub message must contain either non-empty data, or at least one attribute. + required: false + - name: 'appEngineHttpTarget' + type: NestedObject + description: | + App Engine HTTP target. + If the job providers a App Engine HTTP target the cron will + send a request to the service instance + exactly_one_of: + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' + properties: + - name: 'httpMethod' + type: String + description: | + Which HTTP method to use for the request. + required: false + - name: 'appEngineRouting' + type: NestedObject + description: | + App Engine Routing setting for the job. + required: false + custom_flatten: 'templates/terraform/custom_flatten/go/cloudscheduler_job_appenginerouting.go.tmpl' + properties: + - name: 'service' + type: String + description: | + App service. + By default, the job is sent to the service which is the default service when the job is attempted. + required: false + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'version' + type: String + description: | + App version. + By default, the job is sent to the version which is the default version when the job is attempted. + required: false + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'instance' + type: String + description: | + App instance. + By default, the job is sent to an instance which is available when the job is attempted. + required: false + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'relativeUri' + type: String + description: | + The relative URI. + The relative URL must begin with "/" and must be a valid HTTP relative URL. + It can contain a path, query string arguments, and \# fragments. + If the relative URL is empty, then the root path "/" will be used. + No spaces are allowed, and the maximum length allowed is 2083 characters + required: true + - name: 'body' + type: String + description: | + HTTP request body. + A request body is allowed only if the HTTP method is POST or PUT. + It will result in invalid argument error to set a body on a job with an incompatible HttpMethod. + + A base64-encoded string. + required: false + validation: + function: 'verify.ValidateBase64String' + - name: 'headers' + type: KeyValuePairs + description: | + HTTP request headers. + This map contains the header field names and values. + Headers can be set when the job is created. + required: false + custom_flatten: 'templates/terraform/custom_flatten/go/http_headers.tmpl' + validation: + function: 'validateHttpHeaders()' + - name: 'httpTarget' + type: NestedObject + description: | + HTTP target. + If the job providers a http_target the cron will + send a request to the targeted url + exactly_one_of: + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' + properties: + - name: 'uri' + type: String + description: | + The full URI path that the request will be sent to. + required: true + diff_suppress_func: 'LastSlashDiffSuppress' + - name: 'httpMethod' + type: String + description: | + Which HTTP method to use for the request. + required: false + - name: 'body' + type: String + description: | + HTTP request body. + A request body is allowed only if the HTTP method is POST, PUT, or PATCH. + It is an error to set body on a job with an incompatible HttpMethod. + + A base64-encoded string. + required: false + validation: + function: 'verify.ValidateBase64String' + - name: 'headers' + type: KeyValuePairs + description: | + This map contains the header field names and values. + Repeated headers are not supported, but a header value can contain commas. + required: false + custom_flatten: 'templates/terraform/custom_flatten/go/http_headers.tmpl' + validation: + function: 'validateHttpHeaders()' + - name: 'oauthToken' + type: NestedObject + description: | + Contains information needed for generating an OAuth token. + This type of authorization should be used when sending requests to a GCP endpoint. + diff_suppress_func: 'authHeaderDiffSuppress' + properties: + - name: 'serviceAccountEmail' + type: String + description: | + Service account email to be used for generating OAuth token. + The service account must be within the same project as the job. + required: true + - name: 'scope' + type: String + description: | + OAuth scope to be used for generating OAuth access token. If not specified, + "https://www.googleapis.com/auth/cloud-platform" will be used. + - name: 'oidcToken' + type: NestedObject + description: | + Contains information needed for generating an OpenID Connect token. + This type of authorization should be used when sending requests to third party endpoints or Cloud Run. + diff_suppress_func: 'authHeaderDiffSuppress' + properties: + - name: 'serviceAccountEmail' + type: String + description: | + Service account email to be used for generating OAuth token. + The service account must be within the same project as the job. + required: true + - name: 'audience' + type: String + description: | + Audience to be used when generating OIDC token. If not specified, + the URI specified in target will be used. diff --git a/mmv1/products/cloudscheduler/go_product.yaml b/mmv1/products/cloudscheduler/go_product.yaml new file mode 100644 index 000000000000..7ccc2903ab10 --- /dev/null +++ b/mmv1/products/cloudscheduler/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudScheduler' +display_name: 'Cloud Scheduler' +versions: + - name: 'ga' + base_url: 'https://cloudscheduler.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudscheduler/product.yaml b/mmv1/products/cloudscheduler/product.yaml index c3ccdfdadc09..bd8737eb6d4e 100644 --- a/mmv1/products/cloudscheduler/product.yaml +++ b/mmv1/products/cloudscheduler/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudScheduler +display_name: Cloud Scheduler +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudscheduler.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CloudScheduler' display_name: 'Cloud Scheduler' @@ -19,3 +34,4 @@ versions: base_url: 'https://cloudscheduler.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/cloudtasks/Queue.yaml b/mmv1/products/cloudtasks/Queue.yaml index 0170f4eabbe1..d5c7a78f401e 100644 --- a/mmv1/products/cloudtasks/Queue.yaml +++ b/mmv1/products/cloudtasks/Queue.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,36 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Queue' +base_url: projects/{{project}}/locations/{{location}}/queues +update_verb: :PATCH +update_mask: true +description: | + A named resource to which messages are sent by publishers. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'name' + fetch_iam_policy_verb: :POST + import_format: + ['projects/{{project}}/locations/{{location}}/queues/{{name}}', '{{name}}'] +id_format: 'projects/{{project}}/locations/{{location}}/queues/{{name}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/cloud_tasks_retry_config_custom_diff.go.erb' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'queue_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-cloud-tasks-queue-test%s\", + context[\"\ + random_suffix\"])" + vars: + name: 'cloud-tasks-queue-test' + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_tasks_queue_advanced' + primary_resource_id: 'advanced_configuration' +======= --- name: 'Queue' description: | @@ -44,19 +78,56 @@ examples: primary_resource_id: 'advanced_configuration' vars: name: 'instance-name' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'app_engine_routing_override.0.service' - 'app_engine_routing_override.0.version' - 'app_engine_routing_override.0.instance' +<<<<<<< HEAD + vars: + name: 'instance-name' + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_tasks_queue_http_target_oidc' + primary_resource_id: 'http_target_oidc' + vars: + name: 'cloud-tasks-queue-http-target-oidc' + - !ruby/object:Provider::Terraform::Examples + name: 'cloud_tasks_queue_http_target_oauth' +======= - name: 'cloud_tasks_queue_http_target_oidc' primary_resource_id: 'http_target_oidc' vars: name: 'cloud-tasks-queue-http-target-oidc' - name: 'cloud_tasks_queue_http_target_oauth' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'http_target_oauth' vars: name: 'cloud-tasks-queue-http-target-oauth' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + required: true + immutable: true + description: The location of the queue + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + immutable: true + description: The queue name. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + custom_expand: templates/terraform/custom_expand/qualify_queue_name.go.erb + - !ruby/object:Api::Type::NestedObject + name: 'appEngineRoutingOverride' + description: | + Overrides for task-level appEngineRouting. These settings apply only + to App Engine tasks in this queue + custom_flatten: templates/terraform/custom_flatten/cloudtasks_queue_appenginerouting.go.erb + properties: + - !ruby/object:Api::Type::String + name: 'service' +======= - name: 'location' type: String description: The location of the queue @@ -79,28 +150,48 @@ properties: properties: - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | App service. By default, the task is sent to the service which is the default service when the task is attempted. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'version' +======= - name: 'version' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | App version. By default, the task is sent to the version which is the default version when the task is attempted. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'instance' +======= - name: 'instance' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | App instance. By default, the task is sent to an instance which is available when the task is attempted. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'host' + output: true + description: The host that the task is sent to. + - !ruby/object:Api::Type::NestedObject + name: 'rateLimits' +======= - name: 'host' type: String description: The host that the task is sent to. output: true - name: 'rateLimits' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rate limits for task dispatches. @@ -113,23 +204,39 @@ properties: smooth sudden large traffic spikes. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxDispatchesPerSecond' +======= - name: 'maxDispatchesPerSecond' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentDispatches' +======= - name: 'maxConcurrentDispatches' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxBurstSize' + output: true +======= - name: 'maxBurstSize' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max burst size. @@ -137,6 +244,15 @@ properties: in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'retryConfig' + description: Settings that determine the retry behavior. + default_from_api: true + properties: + - !ruby/object:Api::Type::Integer + name: 'maxAttempts' +======= output: true - name: 'retryConfig' type: NestedObject @@ -145,6 +261,7 @@ properties: properties: - name: 'maxAttempts' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of attempts per task. @@ -157,8 +274,13 @@ properties: -1 indicates unlimited attempts. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'maxRetryDuration' +======= - name: 'maxRetryDuration' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If positive, maxRetryDuration specifies the time limit for retrying a failed task, measured from when the task was first @@ -169,24 +291,39 @@ properties: If zero, then the task age is unlimited. default_from_api: true diff_suppress_func: 'suppressOmittedMaxDuration' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'minBackoff' +======= - name: 'minBackoff' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A task will be scheduled for retry between minBackoff and maxBackoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. default_from_api: true diff_suppress_func: 'tpgresource.DurationDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'maxBackoff' +======= - name: 'maxBackoff' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A task will be scheduled for retry between minBackoff and maxBackoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. default_from_api: true diff_suppress_func: 'tpgresource.DurationDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxDoublings' +======= - name: 'maxDoublings' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time between retries will double maxDoublings times. @@ -194,6 +331,16 @@ properties: then increases linearly, and finally retries retries at intervals of maxBackoff up to maxAttempts times. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'stackdriverLoggingConfig' + description: | + Configuration options for writing logs to Stackdriver Logging. + properties: + - !ruby/object:Api::Type::Double + name: 'samplingRatio' + required: true +======= - name: 'stackdriverLoggingConfig' type: NestedObject description: | @@ -201,10 +348,19 @@ properties: properties: - name: 'samplingRatio' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of operations to write to Stackdriver Logging. This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'httpTarget' + description: Modifies HTTP target for HTTP tasks. + properties: + - !ruby/object:Api::Type::Enum + name: 'httpMethod' +======= required: true - name: 'httpTarget' type: NestedObject @@ -212,11 +368,26 @@ properties: properties: - name: 'httpMethod' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to GET the body of the task will be ignored at execution time. +<<<<<<< HEAD + values: + - HTTP_METHOD_UNSPECIFIED + - POST + - GET + - HEAD + - PUT + - DELETE + - PATCH + - OPTIONS + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'uriOverride' +======= default_from_api: true enum_values: - 'HTTP_METHOD_UNSPECIFIED' @@ -229,23 +400,38 @@ properties: - 'OPTIONS' - name: 'uriOverride' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URI override. When specified, overrides the execution URI for all the tasks in the queue. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'scheme' +======= - name: 'scheme' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS). +<<<<<<< HEAD + values: + - 'HTTP' + - 'HTTPS' + default_from_api: true + - !ruby/object:Api::Type::String + name: 'host' +======= default_from_api: true enum_values: - 'HTTP' - 'HTTPS' - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Host override. @@ -253,8 +439,13 @@ properties: For example, if the task URL is "https://www.google.com", and host value is set to "example.net", the overridden URI will be changed to "https://example.net". Host value cannot be an empty string (INVALID_ARGUMENT). +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'port' +======= - name: 'port' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Port override. @@ -262,41 +453,73 @@ properties: For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'pathOverride' +======= - name: 'pathOverride' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'path' + description: The URI path (e.g., /users/1234). Default is an empty string. + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'queryOverride' +======= - name: 'path' type: String description: The URI path (e.g., /users/1234). Default is an empty string. default_from_api: true - name: 'queryOverride' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URI query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'queryParams' + description: The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'uriOverrideEnforceMode' +======= - name: 'queryParams' type: String description: The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. default_from_api: true - name: 'uriOverrideEnforceMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS. +<<<<<<< HEAD + values: + - ALWAYS + - IF_NOT_EXISTS + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'headerOverrides' +======= default_from_api: true enum_values: - 'ALWAYS' - 'IF_NOT_EXISTS' - name: 'headerOverrides' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | HTTP target headers. @@ -309,15 +532,34 @@ properties: Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::NestedObject + name: 'header' +======= item_type: type: NestedObject properties: - name: 'header' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Header embodying a key and a value. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'key' + required: true + description: The Key of the header. + - !ruby/object:Api::Type::String + name: 'value' + required: true + description: The Value of the header. + - !ruby/object:Api::Type::NestedObject + name: 'oauthToken' +======= - name: 'key' type: String description: The Key of the header. @@ -328,46 +570,76 @@ properties: required: true - name: 'oauthToken' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, an OAuth token is generated and attached as the Authorization header in the HTTP request. This type of authorization should generally be used only when calling Google APIs hosted on *.googleapis.com. Note that both the service account email and the scope MUST be specified when using the queue-level authorization override. conflicts: +<<<<<<< HEAD + - 'oidcToken' + properties: + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' +======= - oidcToken properties: - name: 'serviceAccountEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service account email to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'scope' +======= - name: 'scope' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | OAuth scope to be used for generating OAuth access token. If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'oidcToken' +======= - name: 'oidcToken' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, an OIDC token is generated and attached as an Authorization header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself. Note that both the service account email and the audience MUST be specified when using the queue-level authorization override. conflicts: +<<<<<<< HEAD + - 'oauthToken' + properties: + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' +======= - oauthToken properties: - name: 'serviceAccountEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service account email to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'audience' +======= - name: 'audience' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. default_from_api: true diff --git a/mmv1/products/cloudtasks/go_Queue.yaml b/mmv1/products/cloudtasks/go_Queue.yaml new file mode 100644 index 000000000000..870d58be1384 --- /dev/null +++ b/mmv1/products/cloudtasks/go_Queue.yaml @@ -0,0 +1,374 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Queue' +description: | + A named resource to which messages are sent by publishers. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/queues/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/queues' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/queues/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/go/cloud_tasks_retry_config_custom_diff.go.tmpl' +examples: + - name: 'queue_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloud-tasks-queue-test%s", context["random_suffix"])' + vars: + name: 'cloud-tasks-queue-test' + - name: 'cloud_tasks_queue_advanced' + primary_resource_id: 'advanced_configuration' + vars: + name: 'instance-name' + ignore_read_extra: + - 'app_engine_routing_override.0.service' + - 'app_engine_routing_override.0.version' + - 'app_engine_routing_override.0.instance' + - name: 'cloud_tasks_queue_http_target_oidc' + primary_resource_id: 'http_target_oidc' + vars: + name: 'cloud-tasks-queue-http-target-oidc' + - name: 'cloud_tasks_queue_http_target_oauth' + primary_resource_id: 'http_target_oauth' + vars: + name: 'cloud-tasks-queue-http-target-oauth' +parameters: + - name: 'location' + type: String + description: The location of the queue + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: The queue name. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/qualify_queue_name.go.tmpl' + - name: 'appEngineRoutingOverride' + type: NestedObject + description: | + Overrides for task-level appEngineRouting. These settings apply only + to App Engine tasks in this queue + custom_flatten: 'templates/terraform/custom_flatten/go/cloudtasks_queue_appenginerouting.go.tmpl' + properties: + - name: 'service' + type: String + description: | + App service. + + By default, the task is sent to the service which is the default service when the task is attempted. + - name: 'version' + type: String + description: | + App version. + + By default, the task is sent to the version which is the default version when the task is attempted. + - name: 'instance' + type: String + description: | + App instance. + + By default, the task is sent to an instance which is available when the task is attempted. + - name: 'host' + type: String + description: The host that the task is sent to. + output: true + - name: 'rateLimits' + type: NestedObject + description: | + Rate limits for task dispatches. + + The queue's actual dispatch rate is the result of: + + * Number of tasks in the queue + * User-specified throttling: rateLimits, retryConfig, and the queue's state. + * System throttling due to 429 (Too Many Requests) or 503 (Service + Unavailable) responses from the worker, high error rates, or to + smooth sudden large traffic spikes. + default_from_api: true + properties: + - name: 'maxDispatchesPerSecond' + type: Double + description: | + The maximum rate at which tasks are dispatched from this queue. + + If unspecified when the queue is created, Cloud Tasks will pick the default. + default_from_api: true + - name: 'maxConcurrentDispatches' + type: Integer + description: | + The maximum number of concurrent tasks that Cloud Tasks allows to + be dispatched for this queue. After this threshold has been + reached, Cloud Tasks stops dispatching tasks until the number of + concurrent requests decreases. + default_from_api: true + - name: 'maxBurstSize' + type: Integer + description: | + The max burst size. + + Max burst size limits how fast tasks in queue are processed when many tasks are + in the queue and the rate is high. This field allows the queue to have a high + rate so processing starts shortly after a task is enqueued, but still limits + resource usage when many tasks are enqueued in a short period of time. + output: true + - name: 'retryConfig' + type: NestedObject + description: Settings that determine the retry behavior. + default_from_api: true + properties: + - name: 'maxAttempts' + type: Integer + description: | + Number of attempts per task. + + Cloud Tasks will attempt the task maxAttempts times (that is, if + the first attempt fails, then there will be maxAttempts - 1 + retries). Must be >= -1. + + If unspecified when the queue is created, Cloud Tasks will pick + the default. + + -1 indicates unlimited attempts. + default_from_api: true + - name: 'maxRetryDuration' + type: String + description: | + If positive, maxRetryDuration specifies the time limit for + retrying a failed task, measured from when the task was first + attempted. Once maxRetryDuration time has passed and the task has + been attempted maxAttempts times, no further attempts will be + made and the task will be deleted. + + If zero, then the task age is unlimited. + default_from_api: true + diff_suppress_func: 'suppressOmittedMaxDuration' + - name: 'minBackoff' + type: String + description: | + A task will be scheduled for retry between minBackoff and + maxBackoff duration after it fails, if the queue's RetryConfig + specifies that the task should be retried. + default_from_api: true + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - name: 'maxBackoff' + type: String + description: | + A task will be scheduled for retry between minBackoff and + maxBackoff duration after it fails, if the queue's RetryConfig + specifies that the task should be retried. + default_from_api: true + diff_suppress_func: 'tpgresource.DurationDiffSuppress' + - name: 'maxDoublings' + type: Integer + description: | + The time between retries will double maxDoublings times. + + A task's retry interval starts at minBackoff, then doubles maxDoublings times, + then increases linearly, and finally retries retries at intervals of maxBackoff + up to maxAttempts times. + default_from_api: true + - name: 'stackdriverLoggingConfig' + type: NestedObject + description: | + Configuration options for writing logs to Stackdriver Logging. + properties: + - name: 'samplingRatio' + type: Double + description: | + Specifies the fraction of operations to write to Stackdriver Logging. + This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the + default and means that no operations are logged. + required: true + - name: 'httpTarget' + type: NestedObject + description: Modifies HTTP target for HTTP tasks. + properties: + - name: 'httpMethod' + type: Enum + description: | + The HTTP method to use for the request. + + When specified, it overrides HttpRequest for the task. + Note that if the value is set to GET the body of the task will be ignored at execution time. + default_from_api: true + enum_values: + - 'HTTP_METHOD_UNSPECIFIED' + - 'POST' + - 'GET' + - 'HEAD' + - 'PUT' + - 'DELETE' + - 'PATCH' + - 'OPTIONS' + - name: 'uriOverride' + type: NestedObject + description: | + URI override. + + When specified, overrides the execution URI for all the tasks in the queue. + properties: + - name: 'scheme' + type: Enum + description: | + Scheme override. + + When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS). + default_from_api: true + enum_values: + - 'HTTP' + - 'HTTPS' + - name: 'host' + type: String + description: | + Host override. + + When specified, replaces the host part of the task URL. + For example, if the task URL is "https://www.google.com", and host value + is set to "example.net", the overridden URI will be changed to "https://example.net". + Host value cannot be an empty string (INVALID_ARGUMENT). + - name: 'port' + type: String + description: | + Port override. + + When specified, replaces the port part of the task URI. + For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. + Note that the port value must be a positive integer. + Setting the port to 0 (Zero) clears the URI port. + - name: 'pathOverride' + type: NestedObject + description: | + URI path. + + When specified, replaces the existing path of the task URL. + Setting the path value to an empty string clears the URI path segment. + properties: + - name: 'path' + type: String + description: The URI path (e.g., /users/1234). Default is an empty string. + default_from_api: true + - name: 'queryOverride' + type: NestedObject + description: | + URI query. + + When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment. + properties: + - name: 'queryParams' + type: String + description: The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. + default_from_api: true + - name: 'uriOverrideEnforceMode' + type: Enum + description: | + URI Override Enforce Mode + + When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS. + default_from_api: true + enum_values: + - 'ALWAYS' + - 'IF_NOT_EXISTS' + - name: 'headerOverrides' + type: Array + description: | + HTTP target headers. + + This map contains the header field names and values. + Headers will be set when running the CreateTask and/or BufferTask. + + These headers represent a subset of the headers that will be configured for the task's HTTP request. + Some HTTP request headers will be ignored or replaced. + + Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. + + The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue. + item_type: + type: NestedObject + properties: + - name: 'header' + type: NestedObject + description: | + Header embodying a key and a value. + required: true + properties: + - name: 'key' + type: String + description: The Key of the header. + required: true + - name: 'value' + type: String + description: The Value of the header. + required: true + - name: 'oauthToken' + type: NestedObject + description: | + If specified, an OAuth token is generated and attached as the Authorization header in the HTTP request. + + This type of authorization should generally be used only when calling Google APIs hosted on *.googleapis.com. + Note that both the service account email and the scope MUST be specified when using the queue-level authorization override. + conflicts: + - oidcToken + properties: + - name: 'serviceAccountEmail' + type: String + description: | + Service account email to be used for generating OAuth token. + The service account must be within the same project as the queue. + The caller must have iam.serviceAccounts.actAs permission for the service account. + required: true + - name: 'scope' + type: String + description: | + OAuth scope to be used for generating OAuth access token. + If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. + default_from_api: true + - name: 'oidcToken' + type: NestedObject + description: | + If specified, an OIDC token is generated and attached as an Authorization header in the HTTP request. + + This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself. + Note that both the service account email and the audience MUST be specified when using the queue-level authorization override. + conflicts: + - oauthToken + properties: + - name: 'serviceAccountEmail' + type: String + description: | + Service account email to be used for generating OIDC token. + The service account must be within the same project as the queue. + The caller must have iam.serviceAccounts.actAs permission for the service account. + required: true + - name: 'audience' + type: String + description: | + Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. + default_from_api: true diff --git a/mmv1/products/cloudtasks/go_product.yaml b/mmv1/products/cloudtasks/go_product.yaml new file mode 100644 index 000000000000..a9b433bcb3ab --- /dev/null +++ b/mmv1/products/cloudtasks/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'CloudTasks' +display_name: 'Cloud Tasks' +versions: + - name: 'ga' + base_url: 'https://cloudtasks.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudtasks/product.yaml b/mmv1/products/cloudtasks/product.yaml index ae300a15d493..a169419580d3 100644 --- a/mmv1/products/cloudtasks/product.yaml +++ b/mmv1/products/cloudtasks/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2017 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: CloudTasks +display_name: Cloud Tasks +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudtasks.googleapis.com/v2/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'CloudTasks' display_name: 'Cloud Tasks' @@ -19,3 +34,4 @@ versions: base_url: 'https://cloudtasks.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/composer/UserWorkloadsConfigMap.yaml b/mmv1/products/composer/UserWorkloadsConfigMap.yaml index 9835430077f0..d2deadbf3b08 100644 --- a/mmv1/products/composer/UserWorkloadsConfigMap.yaml +++ b/mmv1/products/composer/UserWorkloadsConfigMap.yaml @@ -11,11 +11,74 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'UserWorkloadsConfigMap' description: | User workloads ConfigMap used by Airflow tasks that run with Kubernetes Executor or KubernetesPodOperator. Intended for Composer 3 Environments. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + # TODO: add v1 reference when this is moved to ga + api: https://cloud.google.com/composer/docs/reference/rest/v1beta1/projects.locations.environments.userWorkloadsConfigMaps + +min_version: beta + +base_url: projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps +self_link: projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps/{{name}} + +# Overrides one or more timeouts, in minutes. All timeouts default to 20. +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 1 + update_minutes: 1 + delete_minutes: 1 + +examples: + - !ruby/object:Provider::Terraform::Examples + name: "composer_user_workloads_config_map_basic" + primary_resource_id: "config_map" + vars: + environment_name: "test-environment" + config_map_name: "test-config-map" + +parameters: + - !ruby/object:Api::Type::String + name: 'region' + immutable: true + default_from_api: true + url_param_only: true + description: | + The location or Compute Engine region for the environment. + - !ruby/object:Api::Type::String + name: 'environment' + required: true + immutable: true + url_param_only: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + description: | + Environment where the Kubernetes ConfigMap will be stored and used. +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + description: | + Name of the Kubernetes ConfigMap. + - !ruby/object:Api::Type::KeyValuePairs + name: 'data' + immutable: false + description: | + The "data" field of Kubernetes ConfigMap, organized in key-value pairs. + For details see: https://kubernetes.io/docs/concepts/configuration/configmap/ +======= min_version: 'beta' references: guides: @@ -74,3 +137,4 @@ properties: For details see: https://kubernetes.io/docs/concepts/configuration/configmap/ min_version: 'beta' immutable: false +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml b/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml new file mode 100644 index 000000000000..2a47b1003352 --- /dev/null +++ b/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml @@ -0,0 +1,77 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'UserWorkloadsConfigMap' +description: | + User workloads ConfigMap used by Airflow tasks that run with Kubernetes Executor or KubernetesPodOperator. + Intended for Composer 3 Environments. +min_version: 'beta' +references: + guides: + # TODO: add v1 reference when this is moved to ga + api: 'https://cloud.google.com/composer/docs/reference/rest/v1beta1/projects.locations.environments.userWorkloadsConfigMaps' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps' +self_link: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps/{{name}}' +# Overrides one or more timeouts, in minutes. All timeouts default to 20. +timeouts: + insert_minutes: 1 + update_minutes: 1 + delete_minutes: 1 +custom_code: +examples: + - name: 'composer_user_workloads_config_map_basic' + primary_resource_id: 'config_map' + vars: + environment_name: 'test-environment' + config_map_name: 'test-config-map' +parameters: + - name: 'region' + type: String + description: | + The location or Compute Engine region for the environment. + min_version: 'beta' + url_param_only: true + immutable: true + default_from_api: true + - name: 'environment' + type: String + description: | + Environment where the Kubernetes ConfigMap will be stored and used. + min_version: 'beta' + url_param_only: true + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' +properties: + - name: 'name' + type: String + description: | + Name of the Kubernetes ConfigMap. + min_version: 'beta' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + validation: + function: 'verify.ValidateGCEName' + - name: 'data' + type: KeyValuePairs + description: | + The "data" field of Kubernetes ConfigMap, organized in key-value pairs. + For details see: https://kubernetes.io/docs/concepts/configuration/configmap/ + min_version: 'beta' + immutable: false diff --git a/mmv1/products/composer/go_product.yaml b/mmv1/products/composer/go_product.yaml new file mode 100644 index 000000000000..b31aa785cd7c --- /dev/null +++ b/mmv1/products/composer/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Composer' +display_name: 'Cloud Composer' +versions: + - name: 'ga' + base_url: 'https://composer.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://composer.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/composer/product.yaml b/mmv1/products/composer/product.yaml index 228454423590..34d48915cb71 100644 --- a/mmv1/products/composer/product.yaml +++ b/mmv1/products/composer/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Composer +display_name: Cloud Composer +scopes: + - https://www.googleapis.com/auth/cloud-platform +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://composer.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://composer.googleapis.com/v1beta1/ +======= +# Warning: This is a temporary file, and should not be edited directly --- +<<<<<<<< HEAD:mmv1/products/cloudquotas/go_product.yaml +name: 'CloudQuotas' +display_name: 'Cloud Quotas' +versions: + - name: 'ga' + base_url: 'https://cloudquotas.googleapis.com/v1/' +======== name: 'Composer' display_name: 'Cloud Composer' versions: @@ -19,5 +45,7 @@ versions: base_url: 'https://composer.googleapis.com/v1/' - name: 'beta' base_url: 'https://composer.googleapis.com/v1beta1/' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/composer/product.yaml scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Address.yaml b/mmv1/products/compute/Address.yaml index a65b502166f7..d22ad69205f1 100644 --- a/mmv1/products/compute/Address.yaml +++ b/mmv1/products/compute/Address.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Address' +kind: 'compute#address' +base_url: projects/{{project}}/regions/{{region}}/addresses +collection_url_key: 'items' +has_self_link: true +immutable: true +======= --- name: 'Address' kind: 'compute#address' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an Address resource. @@ -28,11 +42,43 @@ description: | the instance is assigned a new internal IP address, either by Compute Engine or by you. External IP addresses can be either ephemeral or static. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks +======= references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/instances-and-network' 'Reserving a Static Internal IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address' api: 'https://cloud.google.com/compute/docs/reference/beta/addresses' +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'address_basic' + primary_resource_id: 'ip_address' + vars: + address_name: 'my-address' + - !ruby/object:Provider::Terraform::Examples + name: 'address_with_subnetwork' +======= docs: base_url: 'projects/{{project}}/regions/{{region}}/addresses' has_self_link: true @@ -64,11 +110,28 @@ examples: vars: address_name: 'my-address' - name: 'address_with_subnetwork' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'internal_with_subnet_and_address' vars: address_name: 'my-internal-address' network_name: 'my-network' subnetwork_name: 'my-subnet' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'address_with_gce_endpoint' + primary_resource_id: 'internal_with_gce_endpoint' + vars: + address_name: 'my-internal-address-' + - !ruby/object:Provider::Terraform::Examples + name: 'address_with_shared_loadbalancer_vip' + primary_resource_id: 'internal_with_shared_loadbalancer_vip' + vars: + address_name: 'my-internal-address' + skip_docs: true # It is almost identical to internal_with_gce_endpoint + # TODO(rileykarson): Remove this example when instance is supported + - !ruby/object:Provider::Terraform::Examples + name: 'instance_with_ip' +======= - name: 'address_with_gce_endpoint' primary_resource_id: 'internal_with_gce_endpoint' vars: @@ -81,23 +144,46 @@ examples: exclude_docs: true # TODO(rileykarson): Remove this example when instance is supported - name: 'instance_with_ip' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'static' vars: address_name: 'ipv4-address' instance_name: 'vm-instance' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'compute_address_ipsec_interconnect' +======= - name: 'compute_address_ipsec_interconnect' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ipsec-interconnect-address' vars: address_name: 'test-address' network_name: 'test-network' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/labels.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Region in which the created address should reside. If it is not provided, the provider region is used. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'address' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -105,11 +191,33 @@ parameters: properties: - name: 'address' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The static external IP address represented by this resource. The IP address must be inside the specified subnetwork, if any. Set by the API if undefined. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'addressType' + description: | + The type of address to reserve. + Note: if you set this argument's value as `INTERNAL` you need to leave the `network_tier` argument unset in that resource block. + values: + - :INTERNAL + - :EXTERNAL + default_value: :EXTERNAL + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'addressType' type: Enum description: | @@ -129,6 +237,7 @@ properties: description: 'An optional description of this resource.' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -137,10 +246,17 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - !ruby/object:Api::Type::String + name: 'purpose' +======= validation: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - name: 'purpose' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The purpose of this resource, which can be one of the following values. @@ -162,24 +278,65 @@ properties: This should only be set when using an Internal address. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'networkTier' +======= - name: 'networkTier' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM. This argument should not be used when configuring Internal addresses, because [network tier cannot be set for internal traffic; it's always Premium](https://cloud.google.com/network-tiers/docs/overview). +<<<<<<< HEAD + values: + - :PREMIUM + - :STANDARD + default_from_api: true + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' +======= default_from_api: true enum_values: - 'PREMIUM' - 'STANDARD' - name: 'subnetwork' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes. default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'users' + description: 'The URLs of the resources that are using this address.' + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this address. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' @@ -206,10 +363,29 @@ properties: key_expander: '' - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING and IPSEC_INTERCONNECT purposes. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: prefixLength + description: | + The prefix length if the resource represents an IP range. + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'ipVersion' + description: | + The IP Version that will be used by this address. The default value is `IPV4`. + values: + - :IPV4 + - :IPV6 + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' + - !ruby/object:Api::Type::Enum + name: 'ipv6EndpointType' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' @@ -228,10 +404,17 @@ properties: - 'IPV6' - name: 'ipv6EndpointType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation. +<<<<<<< HEAD + values: + - :VM + - :NETLB +======= enum_values: - 'VM' - 'NETLB' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Autoscaler.yaml b/mmv1/products/compute/Autoscaler.yaml index b8dadbe531b0..68f8d4394e77 100644 --- a/mmv1/products/compute/Autoscaler.yaml +++ b/mmv1/products/compute/Autoscaler.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Autoscaler' +kind: 'compute#autoscaler' +base_url: projects/{{project}}/zones/{{zone}}/autoscalers +update_url: projects/{{project}}/zones/{{zone}}/autoscalers?autoscaler={{name}} +collection_url_key: 'items' +has_self_link: true +======= --- name: 'Autoscaler' kind: 'compute#autoscaler' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'autoscaler_single_instance' +======= references: guides: 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' @@ -50,24 +91,40 @@ collection_url_key: 'items' custom_code: examples: - name: 'autoscaler_single_instance' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' min_version: 'beta' vars: autoscaler_name: 'my-autoscaler' instance_template_name: 'my-instance-template' target_pool_name: 'my-target-pool' +<<<<<<< HEAD + igm_name: + 'my-igm' +======= igm_name: 'my-igm' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Add test_vars_overrides and oics_vars_overrides to fix the failing test, # which is caused by upgradting terraform-plugin-sdk to 2.24.0. provider_name: 'google-beta' provider_alias: '' test_vars_overrides: +<<<<<<< HEAD + provider_name: '"google-beta.us-central1"' + provider_alias: '"alias = \"us-central1\""' + oics_vars_overrides: + provider_name: 'google-beta' + provider_alias: '' + - !ruby/object:Provider::Terraform::Examples + name: 'autoscaler_basic' +======= 'provider_name': '"google-beta.us-central1"' 'provider_alias': '"alias = \"us-central1\""' oics_vars_overrides: 'provider_name': 'google-beta' 'provider_alias': '' - name: 'autoscaler_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'foobar' vars: autoscaler_name: 'my-autoscaler' @@ -75,14 +132,31 @@ examples: target_pool_name: 'my-target-pool' igm_name: 'my-igm' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' +======= - name: 'zone' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the zone where the instance group resides. required: false immutable: true ignore_read: true default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Zone' imports: 'name' @@ -93,6 +167,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -101,6 +176,16 @@ properties: character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::NestedObject + name: 'autoscalingPolicy' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -109,6 +194,7 @@ properties: An optional description of this resource. - name: 'autoscalingPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, @@ -118,28 +204,50 @@ properties: on cpuUtilization to 0.6 or 60%. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'minReplicas' + api_name: minNumReplicas +======= - name: 'minReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed. +<<<<<<< HEAD + send_empty_value: true + required: true + - !ruby/object:Api::Type::Integer + name: 'maxReplicas' + api_name: maxNumReplicas +======= api_name: minNumReplicas required: true send_empty_value: true - name: 'maxReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas. +<<<<<<< HEAD + send_empty_value: true + required: true + - !ruby/object:Api::Type::Integer + name: 'cooldownPeriod' + api_name: 'coolDownPeriodSec' +======= api_name: maxNumReplicas required: true send_empty_value: true - name: 'cooldownPeriod' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents @@ -151,6 +259,55 @@ properties: numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process. +<<<<<<< HEAD + default_value: 60 + - !ruby/object:Api::Type::String + name: 'mode' + default_value: 'ON' + description: | + Defines operating mode for this policy. + - !ruby/object:Api::Type::NestedObject + name: 'scaleDownControl' + min_version: beta + description: | + Defines scale down controls to reduce the risk of response latency + and outages due to abrupt scale-in events + required: false + default_from_api: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'maxScaledDownReplicas' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas + - autoscaling_policy.0.scale_down_control.0.time_window_sec + properties: + - !ruby/object:Api::Type::Integer + name: 'fixed' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + - !ruby/object:Api::Type::Integer + name: 'percent' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + - !ruby/object:Api::Type::Integer + name: 'timeWindowSec' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas + - autoscaling_policy.0.scale_down_control.0.time_window_sec + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + - !ruby/object:Api::Type::NestedObject + name: 'scaleInControl' +======= api_name: coolDownPeriodSec default_value: 60 - name: 'mode' @@ -199,10 +356,45 @@ properties: - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - name: 'scaleInControl' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines scale in controls to reduce the risk of response latency and outages due to abrupt scale-in events properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'maxScaledInReplicas' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas + - autoscaling_policy.0.scale_in_control.0.time_window_sec + properties: + - !ruby/object:Api::Type::Integer + name: 'fixed' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + - !ruby/object:Api::Type::Integer + name: 'percent' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + - !ruby/object:Api::Type::Integer + name: 'timeWindowSec' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas + - autoscaling_policy.0.scale_in_control.0.time_window_sec + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + - !ruby/object:Api::Type::NestedObject + name: 'cpuUtilization' +======= - name: 'maxScaledInReplicas' type: NestedObject at_least_one_of: @@ -235,14 +427,22 @@ properties: - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - name: 'cpuUtilization' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'target' + api_name: 'utilizationTarget' + required: true +======= - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the @@ -257,16 +457,35 @@ properties: scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'predictiveMethod' + default_value: NONE +======= api_name: utilizationTarget required: true - name: 'predictiveMethod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Array + name: 'metric' + api_name: 'customMetricUtilizations' + description: | + Configuration parameters of autoscaling based on a custom metric. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + api_name: 'metric' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "NONE" - name: 'metric' @@ -279,15 +498,23 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Double + name: 'singleInstanceAssignment' + min_version: beta +======= api_name: metric required: true - name: 'singleInstanceAssignment' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to @@ -305,9 +532,15 @@ properties: latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'target' + api_name: utilizationTarget +======= min_version: 'beta' - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization @@ -318,6 +551,20 @@ properties: www.googleapis.com/compute/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + api_name: 'utilizationTargetType' + description: | + Defines how target utilization value is expressed for a + Stackdriver Monitoring metric. + values: + - :GAUGE + - :DELTA_PER_SECOND + - :DELTA_PER_MINUTE + - !ruby/object:Api::Type::String + name: 'filter' +======= api_name: utilizationTarget - name: 'type' type: Enum @@ -331,6 +578,7 @@ properties: - 'DELTA_PER_MINUTE' - name: 'filter' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A filter string to be used as the filter string for a Stackdriver Monitoring TimeSeries.list API call. @@ -364,6 +612,19 @@ properties: (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value. +<<<<<<< HEAD + min_version: beta + default_value: 'resource.type = gce_instance' + - !ruby/object:Api::Type::NestedObject + name: 'loadBalancingUtilization' + description: | + Configuration parameters of autoscaling based on a load balancer. + properties: + - !ruby/object:Api::Type::Double + name: 'target' + api_name: utilizationTarget + required: true +======= min_version: 'beta' default_value: "resource.type = gce_instance" - name: 'loadBalancingUtilization' @@ -373,10 +634,25 @@ properties: properties: - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8. +<<<<<<< HEAD + - !ruby/object:Api::Type::Map + name: 'scalingSchedules' + description: | + Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. + key_name: name + key_description: | + A name for the schedule. + value_type: !ruby/object:Api::Type::NestedObject + name: scalingSchedule + properties: + - !ruby/object:Api::Type::Integer + name: 'minRequiredReplicas' +======= api_name: utilizationTarget required: true - name: 'scalingSchedules' @@ -392,10 +668,45 @@ properties: properties: - name: 'minRequiredReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. required: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). + required: true + - !ruby/object:Api::Type::String + name: 'timeZone' + default_value: UTC + description: | + The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. + - !ruby/object:Api::Type::Integer + name: 'durationSec' + description: | + The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. + required: true + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. + default_value: false + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of a scaling schedule. + - !ruby/object:Api::Type::ResourceRef + name: 'target' + resource: 'InstanceGroupManager' + imports: 'selfLink' + description: | + URL of the managed instance group that this autoscaler will scale. + required: true + custom_expand: 'templates/terraform/custom_expand/compute_full_url.erb' +======= - name: 'schedule' type: String description: | @@ -428,3 +739,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/compute_full_url.tmpl' resource: 'InstanceGroupManager' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/BackendBucket.yaml b/mmv1/products/compute/BackendBucket.yaml index 400b44bf1986..4001eb5faf66 100644 --- a/mmv1/products/compute/BackendBucket.yaml +++ b/mmv1/products/compute/BackendBucket.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BackendBucket' +kind: 'compute#backendBucket' +base_url: projects/{{project}}/global/backendBuckets +collection_url_key: 'items' +has_self_link: true +======= --- name: 'BackendBucket' kind: 'compute#backendBucket' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S) load balancing. @@ -22,6 +35,54 @@ description: | backend bucket rather than a backend service. It can send requests for static content to a Cloud Storage bucket and requests for dynamic content to a virtual machine instance. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using a Cloud Storage bucket as a load balancer backend': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket' + api: 'https://cloud.google.com/compute/docs/reference/v1/backendBuckets' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + min_version: beta + parent_resource_attribute: 'name' + import_format: + ['projects/{{project}}/global/backendBuckets/{{name}}', '{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_basic' + primary_resource_id: 'image_backend' + primary_resource_name: "fmt.Sprintf(\"tf-test-image-backend-bucket%s\", + context[\"\ + random_suffix\"])" + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_full' + primary_resource_id: 'image_backend_full' + skip_docs: true + vars: + backend_bucket_name: 'image-backend-bucket-full' + bucket_name: 'image-store-bucket-full' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_security_policy' +======= references: guides: 'Using a Cloud Storage bucket as a load balancer backend': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket' @@ -73,10 +134,26 @@ examples: bucket_name: 'image-store-bucket-full' exclude_docs: true - name: 'backend_bucket_security_policy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'image_backend' vars: backend_bucket_name: 'image-backend-bucket' bucket_name: 'image-store-bucket' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_query_string_whitelist' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_include_http_headers' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + - !ruby/object:Provider::Terraform::Examples + name: 'external_cdn_lb_with_backend_bucket' + primary_resource_type: 'google_compute_backend_bucket' +======= - name: 'backend_bucket_query_string_whitelist' primary_resource_id: 'image_backend' vars: @@ -86,6 +163,7 @@ examples: vars: backend_bucket_name: 'image-backend-bucket' - name: 'external_cdn_lb_with_backend_bucket' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: my_bucket: 'my-bucket' @@ -97,6 +175,47 @@ examples: http_lb_proxy: 'http-lb-proxy' http_lb: 'http-lb' cat_backend_bucket: 'cat-backend-bucket' +<<<<<<< HEAD + skip_docs: true + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_bypass_cache' + primary_resource_id: 'image_backend' + skip_docs: true + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_coalescing' + primary_resource_id: 'image_backend' + skip_docs: true + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: 'templates/terraform/encoders/compute_backend_bucket.go.erb' + post_create: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.erb' + post_update: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'bucketName' + description: 'Cloud Storage bucket name.' + required: true + - !ruby/object:Api::Type::NestedObject + name: 'cdnPolicy' + description: 'Cloud CDN configuration for this Backend Bucket.' + default_from_api: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'cacheKeyPolicy' + description: 'The CacheKeyPolicy for this CdnPolicy.' + properties: + - !ruby/object:Api::Type::Array + send_empty_value: true + name: 'queryStringWhitelist' + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers +======= exclude_docs: true - name: 'backend_bucket_bypass_cache' primary_resource_id: 'image_backend' @@ -127,10 +246,26 @@ properties: properties: - name: 'queryStringWhitelist' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + send_empty_value: true + name: 'includeHttpHeaders' + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + description: | + Allows HTTP request headers (by name) to be used in the + cache key. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'signedUrlCacheMaxAgeSec' +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' @@ -150,6 +285,7 @@ properties: type: String - name: 'signedUrlCacheMaxAgeSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, @@ -160,13 +296,27 @@ properties: max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'defaultTtl' +======= - name: 'defaultTtl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxTtl' + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'clientTtl' +======= - name: 'maxTtl' type: Integer description: | @@ -174,10 +324,33 @@ properties: default_from_api: true - name: 'clientTtl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'negativeCaching' + send_empty_value: true + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'negativeCachingPolicy' + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'code' + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - !ruby/object:Api::Type::Integer + name: 'ttl' +======= - name: 'negativeCaching' type: Boolean description: | @@ -199,10 +372,76 @@ properties: can be specified as values, and you cannot specify a status code more than once. - name: 'ttl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'cacheMode' + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + values: + - :USE_ORIGIN_HEADERS + - :FORCE_CACHE_ALL + - :CACHE_ALL_STATIC + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'serveWhileStale' + send_empty_value: true + description: | + Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'requestCoalescing' + send_empty_value: true + description: | + If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin. + - !ruby/object:Api::Type::Array + name: 'bypassCacheOnRequestHeaders' + description: | + Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. + max_size: 5 + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: | + The header field name to match on when bypassing cache. Values are case-insensitive. + - !ruby/object:Api::Type::Enum + name: 'compressionMode' + description: | + Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. + values: + - :AUTOMATIC + - :DISABLED + - !ruby/object:Api::Type::String + name: 'edgeSecurityPolicy' + description: | + The security policy associated with this backend bucket. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::Array + name: 'customResponseHeaders' + description: | + Headers that the HTTP/S load balancer should add to proxied responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional textual description of the resource; provided by the + client when the resource is created. + - !ruby/object:Api::Type::Boolean + name: 'enableCdn' + description: 'If true, enable Cloud CDN for this BackendBucket.' + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'cacheMode' type: Enum description: | @@ -268,6 +507,7 @@ properties: description: 'If true, enable Cloud CDN for this BackendBucket.' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -276,7 +516,13 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + validation: !ruby/object:Provider::Terraform::Validation +======= required: true immutable: true validation: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' diff --git a/mmv1/products/compute/BackendBucketSignedUrlKey.yaml b/mmv1/products/compute/BackendBucketSignedUrlKey.yaml index 860df8a14ba9..64d7fef07b0d 100644 --- a/mmv1/products/compute/BackendBucketSignedUrlKey.yaml +++ b/mmv1/products/compute/BackendBucketSignedUrlKey.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,21 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BackendBucketSignedUrlKey' +kind: 'compute#BackendBucketSignedUrlKey' +immutable: true +base_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}} +create_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}}/addSignedUrlKey +create_verb: :POST +delete_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}}/deleteSignedUrlKey?keyName={{name}} +delete_verb: :POST +self_link: projects/{{project}}/global/backendBuckets/{{backend_bucket}} +identity: + - name +nested_query: !ruby/object:Api::Resource::NestedQuery +======= --- name: 'BackendBucketSignedUrlKey' kind: 'compute#BackendBucketSignedUrlKey' @@ -50,30 +69,89 @@ async: identity: - name nested_query: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 keys: - cdnPolicy - signedUrlKeyNames is_list_of_ids: true +<<<<<<< HEAD +description: | + A key for signing Cloud CDN signed URLs for BackendBuckets. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendBuckets' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +exclude_import: true +exclude_tgc: true +mutex: signedUrlKey/{{project}}/backendBuckets/{{backend_bucket}}/ +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'backend_bucket_signed_url_key' + external_providers: ["random", "time"] +======= modify_by_patch: false custom_code: exclude_tgc: true examples: - name: 'backend_bucket_signed_url_key' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'backend_key' vars: key_name: 'test-key' backend_name: 'test-signed-backend-bucket' bucket_name: 'test-storage-bucket' +<<<<<<< HEAD + skip_test: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'backendBucket' + resource: 'BackendBucket' + imports: 'name' +======= external_providers: ["random", "time"] exclude_test: true parameters: - name: 'backendBucket' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The backend bucket this signed URL key belongs. required: true immutable: true ignore_read: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + api_name: 'keyName' + description: | + Name of the signed URL key. + required: true + immutable: true + validation: !ruby/object:Provider::Terraform::Validation + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - !ruby/object:Api::Type::String + name: 'keyValue' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'BackendBucket' imports: 'name' @@ -89,10 +167,16 @@ properties: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - name: 'keyValue' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. required: true immutable: true +<<<<<<< HEAD + sensitive: true + ignore_read: true +======= ignore_read: true sensitive: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/BackendService.yaml b/mmv1/products/compute/BackendService.yaml index 0b1597f1ffac..ab757c37b433 100644 --- a/mmv1/products/compute/BackendService.yaml +++ b/mmv1/products/compute/BackendService.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BackendService' +kind: 'compute#backendService' +base_url: projects/{{project}}/global/backendServices +collection_url_key: 'items' +has_self_link: true +======= --- name: 'BackendService' kind: 'compute#backendService' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Backend Service defines a group of virtual machines that will serve traffic for load balancing. This resource is a global backend service, @@ -21,6 +34,47 @@ description: | For managed internal load balancing, use a regional backend service instead. Currently self-managed internal load balancing is only available in beta. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-service' + api: 'https://cloud.google.com/compute/docs/reference/v1/backendServices' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-backend-service%s\", + context[\"\ + random_suffix\"])" + vars: + backend_service_name: 'backend-service' + http_health_check_name: 'health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_external_iap' + primary_resource_id: 'default' + vars: + backend_service_name: 'tf-test-backend-service-external' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_cache_simple' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-service' @@ -72,10 +126,25 @@ examples: vars: backend_service_name: 'tf-test-backend-service-external' - name: 'backend_service_cache_simple' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_cache_include_http_headers' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_cache_include_named_cookies' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_cache' +======= - name: 'backend_service_cache_include_http_headers' primary_resource_id: 'default' vars: @@ -85,15 +154,46 @@ examples: vars: backend_service_name: 'backend-service' - name: 'backend_service_cache' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_cache_bypass_cache_on_request_headers' +======= - name: 'backend_service_cache_bypass_cache_on_request_headers' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_traffic_director_round_robin' + min_version: beta + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_traffic_director_ring_hash' + min_version: beta + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_network_endpoint' + min_version: beta + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + neg_name: 'network-endpoint' + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_external_managed' +======= - name: 'backend_service_traffic_director_round_robin' primary_resource_id: 'default' min_version: 'beta' @@ -113,14 +213,35 @@ examples: backend_service_name: 'backend-service' neg_name: 'network-endpoint' - name: 'backend_service_external_managed' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: backend_service_name: 'backend-service' health_check_name: 'health-check' +<<<<<<< HEAD +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: '/' + fetch_iam_policy_verb: :GET + min_version: beta + iam_conditions_request_type: :QUERY_PARAM + parent_resource_attribute: 'name' + allowed_iam_role: 'roles/compute.admin' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/backend_service.go.erb' + encoder: 'templates/terraform/encoders/backend_service.go.erb' + decoder: 'templates/terraform/decoders/backend_service.go.erb' + post_create: 'templates/terraform/post_create/compute_backend_service_security_policy.go.erb' + post_update: 'templates/terraform/post_create/compute_backend_service_security_policy.go.erb' +schema_version: 1 +properties: + - !ruby/object:Api::Type::Integer + name: 'affinityCookieTtlSec' +======= parameters: properties: - name: 'affinityCookieTtlSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts @@ -128,6 +249,24 @@ properties: maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'backend' + api_name: 'backends' + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + description: | + The set of backends that serve this BackendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'balancingMode' + default_value: :UTILIZATION + values: + - :UTILIZATION + - :RATE + - :CONNECTION +======= - name: 'backend' type: Array description: | @@ -140,6 +279,7 @@ properties: properties: - name: 'balancingMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the balancing mode for this backend. @@ -149,6 +289,12 @@ properties: See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) for an explanation of load balancing modes. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'capacityScaler' + send_empty_value: true + default_value: 1.0 +======= default_value: "UTILIZATION" enum_values: - 'UTILIZATION' @@ -156,6 +302,7 @@ properties: - 'CONNECTION' - name: 'capacityScaler' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). @@ -164,6 +311,15 @@ properties: of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + Provide this property when you create the resource. + - !ruby/object:Api::Type::String + name: 'group' +======= send_empty_value: true default_value: 1.0 - name: 'description' @@ -173,6 +329,7 @@ properties: Provide this property when you create the resource. - name: 'group' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list @@ -192,10 +349,18 @@ properties: Group resource using the fully-qualified URL, rather than a partial URL. required: true +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/guard_self_link.go.erb + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::Integer + name: 'maxConnections' + default_from_api: true +======= diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' custom_flatten: 'templates/terraform/custom_flatten/guard_self_link.go.tmpl' - name: 'maxConnections' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. @@ -203,9 +368,15 @@ properties: For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnectionsPerInstance' + default_from_api: true +======= default_from_api: true - name: 'maxConnectionsPerInstance' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the @@ -214,9 +385,15 @@ properties: For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnectionsPerEndpoint' + default_from_api: true +======= default_from_api: true - name: 'maxConnectionsPerEndpoint' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the @@ -225,9 +402,15 @@ properties: For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxRate' + default_from_api: true +======= default_from_api: true - name: 'maxRate' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) of the group. @@ -235,22 +418,44 @@ properties: but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxRatePerInstance' + default_from_api: true +======= default_from_api: true - name: 'maxRatePerInstance' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxRatePerEndpoint' + default_from_api: true +======= default_from_api: true - name: 'maxRatePerEndpoint' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxUtilization' + default_from_api: true + description: | + Used when balancingMode is UTILIZATION. This ratio defines the + CPU utilization target for the group. Valid range is [0.0, 1.0]. + - !ruby/object:Api::Type::NestedObject + name: 'circuitBreakers' +======= default_from_api: true - name: 'maxUtilization' type: Double @@ -260,10 +465,34 @@ properties: default_from_api: true - name: 'circuitBreakers' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'connectTimeout' + min_version: beta + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The timeout for new network connections to hosts. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'connectTimeout' type: NestedObject description: | @@ -285,18 +514,94 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxRequestsPerConnection' + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries +======= - name: 'maxRequestsPerConnection' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnections' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of connections to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxPendingRequests' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of pending requests to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxRequests' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of parallel requests to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxRetries' + default_value: 3 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of parallel retries to the backend cluster. + Defaults to 3. + - !ruby/object:Api::Type::Enum + name: 'compressionMode' + description: | + Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. + values: + - :AUTOMATIC + - :DISABLED + - !ruby/object:Api::Type::NestedObject + name: 'consistentHash' +======= at_least_one_of: - 'circuit_breakers.0.connect_timeout' - 'circuit_breakers.0.max_requests_per_connection' @@ -365,6 +670,7 @@ properties: - 'DISABLED' - name: 'consistentHash' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing @@ -375,13 +681,42 @@ properties: INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'httpCookie' + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size +======= - name: 'httpCookie' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ttl' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Lifetime of the cookie. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'consistent_hash.0.http_cookie' - 'consistent_hash.0.http_header_name' @@ -404,11 +739,46 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Name of the cookie. + - !ruby/object:Api::Type::String + name: 'path' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Path to set for the cookie. + - !ruby/object:Api::Type::String + name: 'httpHeaderName' + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size + description: | + The hash based on the value of the specified header field. + This field is applicable if the sessionAffinity is set to HEADER_FIELD. + - !ruby/object:Api::Type::Integer + name: 'minimumRingSize' + default_value: 1024 + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size +======= - name: 'name' type: String description: | @@ -436,6 +806,7 @@ properties: - 'consistent_hash.0.minimum_ring_size' - name: 'minimumRingSize' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load @@ -443,6 +814,57 @@ properties: is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'cdnPolicy' + description: 'Cloud CDN configuration for this BackendService.' + default_from_api: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'cacheKeyPolicy' + description: 'The CacheKeyPolicy for this CdnPolicy.' + at_least_one_of: + - cdn_policy.0.cache_key_policy + - cdn_policy.0.signed_url_cache_max_age_sec + properties: + - !ruby/object:Api::Type::Boolean + name: 'includeHost' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + If true requests to different hosts will be cached separately. + - !ruby/object:Api::Type::Boolean + name: 'includeProtocol' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + If true, http and https requests will be cached separately. + - !ruby/object:Api::Type::Boolean + name: 'includeQueryString' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= at_least_one_of: - 'consistent_hash.0.http_cookie' - 'consistent_hash.0.http_header_name' @@ -488,6 +910,7 @@ properties: - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - name: 'includeQueryString' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, include query string parameters in the cache key according to query_string_whitelist and @@ -496,6 +919,19 @@ properties: If false, the query string will be excluded from the cache key entirely. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'queryStringBlacklist' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -507,6 +943,7 @@ properties: - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - name: 'queryStringBlacklist' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Names of query string parameters to exclude in cache keys. @@ -515,6 +952,20 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + send_empty_value: true + name: 'queryStringWhitelist' + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -528,6 +979,7 @@ properties: type: String - name: 'queryStringWhitelist' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Names of query string parameters to include in cache keys. @@ -536,6 +988,44 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'includeHttpHeaders' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + Allows HTTP request headers (by name) to be used in the + cache key. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'includeNamedCookies' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_http_headers + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + Names of cookies to include in cache keys. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'signedUrlCacheMaxAgeSec' + default_value: 3600 + at_least_one_of: + - cdn_policy.0.cache_key_policy + - cdn_policy.0.signed_url_cache_max_age_sec +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -580,6 +1070,7 @@ properties: type: String - name: 'signedUrlCacheMaxAgeSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this @@ -591,16 +1082,53 @@ properties: "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'defaultTtl' +======= at_least_one_of: - 'cdn_policy.0.cache_key_policy' - 'cdn_policy.0.signed_url_cache_max_age_sec' default_value: 3600 - name: 'defaultTtl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxTtl' + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'clientTtl' + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'negativeCaching' + send_empty_value: true + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'negativeCachingPolicy' + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'code' + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - !ruby/object:Api::Type::Integer + name: 'ttl' +======= - name: 'maxTtl' type: Integer description: | @@ -632,10 +1160,43 @@ properties: can be specified as values, and you cannot specify a status code more than once. - name: 'ttl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'cacheMode' + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + values: + - :USE_ORIGIN_HEADERS + - :FORCE_CACHE_ALL + - :CACHE_ALL_STATIC + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'serveWhileStale' + send_empty_value: true + description: | + Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'bypassCacheOnRequestHeaders' + description: | + Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. + The cache is bypassed for all cdnPolicy.cacheMode settings. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The header field name to match on when bypassing cache. Values are case-insensitive. + - !ruby/object:Api::Type::NestedObject + name: 'connectionDraining' +======= - name: 'cacheMode' type: Enum description: | @@ -667,10 +1228,27 @@ properties: required: true - name: 'connectionDraining' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings for connection draining flatten_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'connection_draining_timeout_sec' + api_name: 'drainingTimeoutSec' + default_value: 300 + description: | + Time for which instance will be drained (not accept new + connections, but still work to finish started). + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: | + Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::Array + name: 'customRequestHeaders' +======= - name: 'connection_draining_timeout_sec' type: Integer description: | @@ -685,18 +1263,46 @@ properties: output: true - name: 'customRequestHeaders' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Headers that the HTTP/S load balancer should add to proxied requests. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'customResponseHeaders' +======= item_type: type: String - name: 'customResponseHeaders' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Headers that the HTTP/S load balancer should add to proxied responses. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + output: true + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::Boolean + name: 'enableCDN' + description: | + If true, enable Cloud CDN for this BackendService. + - !ruby/object:Api::Type::Array + name: 'healthChecks' + min_size: 1 + max_size: 1 +======= item_type: type: String - name: 'fingerprint' @@ -715,6 +1321,7 @@ properties: If true, enable Cloud CDN for this BackendService. - name: 'healthChecks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health @@ -726,6 +1333,19 @@ properties: For internal load balancing, a URL to a HealthCheck resource must be specified instead. is_set: true set_hash_func: 'tpgresource.SelfLinkRelativePathHash' +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/guard_self_link_array.go.erb + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'generated_id' + api_name: 'id' + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'iap' +======= custom_flatten: 'templates/terraform/custom_flatten/guard_self_link_array.go.tmpl' item_type: type: String @@ -740,10 +1360,37 @@ properties: output: true - name: 'iap' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Settings for enabling Cloud Identity Aware Proxy default_from_api: true send_empty_value: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + required: true + description: Whether the serving infrastructure will authenticate and authorize all incoming requests. + - !ruby/object:Api::Type::String + name: 'oauth2ClientId' + description: | + OAuth2 Client ID for IAP + - !ruby/object:Api::Type::String + name: 'oauth2ClientSecret' + description: | + OAuth2 Client Secret for IAP + send_empty_value: true + ignore_read: true + sensitive: true + - !ruby/object:Api::Type::String + name: 'oauth2ClientSecretSha256' + output: true + description: | + OAuth2 Client Secret SHA-256 for IAP + sensitive: true + - !ruby/object:Api::Type::Enum + name: 'loadBalancingScheme' + immutable: true +======= - name: 'enabled' type: Boolean description: Whether the serving infrastructure will authenticate and authorize all incoming requests. @@ -767,11 +1414,33 @@ properties: output: true - name: 'loadBalancingScheme' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). +<<<<<<< HEAD + default_value: :EXTERNAL + # If you're modifying this value, it probably means Global ILB is now + # an option. If that's the case, all of the documentation is based on + # this resource supporting external load balancing only. + values: + - :EXTERNAL + - :INTERNAL_SELF_MANAGED + - :INTERNAL_MANAGED + - :EXTERNAL_MANAGED + - !ruby/object:Api::Type::Enum + name: 'localityLbPolicy' + values: + - :ROUND_ROBIN + - :LEAST_REQUEST + - :RING_HASH + - :RANDOM + - :ORIGINAL_DESTINATION + - :MAGLEV + - :WEIGHTED_MAGLEV +======= immutable: true default_value: "EXTERNAL" # If you're modifying this value, it probably means Global ILB is now @@ -784,6 +1453,7 @@ properties: - 'EXTERNAL_MANAGED' - name: 'localityLbPolicy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The load balancing algorithm used within the scope of the locality. The possible values are: @@ -841,6 +1511,10 @@ properties: Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'localityLbPolicies' +======= enum_values: - 'ROUND_ROBIN' - 'LEAST_REQUEST' @@ -851,6 +1525,7 @@ properties: - 'WEIGHTED_MAGLEV' - name: 'localityLbPolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. @@ -859,6 +1534,32 @@ properties: localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + name: 'localityLbPolicyConfig' + description: | + Container for either a built-in LB policy supported by gRPC or Envoy or + a custom one implemented by the end user. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'policy' + exactly_one_of: + - policy + - customPolicy + description: | + The configuration for a built-in load balancing policy. + properties: + - !ruby/object:Api::Type::Enum + name: 'name' + required: true + values: + - :ROUND_ROBIN + - :LEAST_REQUEST + - :RING_HASH + - :RANDOM + - :ORIGINAL_DESTINATION + - :MAGLEV +======= item_type: description: | Container for either a built-in LB policy supported by gRPC or Envoy or @@ -875,6 +1576,7 @@ properties: properties: - name: 'name' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, @@ -911,6 +1613,20 @@ properties: Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'customPolicy' + exactly_one_of: + - policy + - customPolicy + description: | + The configuration for a custom policy implemented by the user and + deployed with the client. + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= required: true enum_values: - 'ROUND_ROBIN' @@ -930,6 +1646,7 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Identifies the custom policy. @@ -940,6 +1657,17 @@ properties: Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'data' + description: | + An optional, arbitrary JSON object with configuration data, understood + by a locally installed custom policy implementation. + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= required: true - name: 'data' type: String @@ -948,6 +1676,7 @@ properties: by a locally installed custom policy implementation. - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -956,21 +1685,54 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'outlierDetection' +======= required: true immutable: true - name: 'outlierDetection' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'baseEjectionTime' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'baseEjectionTime' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -992,16 +1754,50 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'consecutiveErrors' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'consecutiveErrors' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'consecutiveGatewayFailure' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1016,10 +1812,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'consecutiveGatewayFailure' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingConsecutiveErrors' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1034,10 +1847,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingConsecutiveErrors' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingConsecutiveGatewayFailure' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1052,10 +1882,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingConsecutiveGatewayFailure' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingSuccessRate' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1070,10 +1917,39 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingSuccessRate' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'interval' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor + description: | + Time interval between ejection sweep analysis. This can result in both new + ejections as well as hosts being returned to service. Defaults to 10 seconds. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1112,10 +1988,44 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxEjectionPercent' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor + description: | + Maximum percentage of hosts in the load balancing pool for the backend service + that can be ejected. Defaults to 10%. + - !ruby/object:Api::Type::Integer + name: 'successRateMinimumHosts' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'maxEjectionPercent' type: Integer description: | @@ -1135,11 +2045,28 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateMinimumHosts' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'successRateRequestVolume' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1154,12 +2081,29 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateRequestVolume' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'successRateStdevFactor' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1174,6 +2118,7 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateStdevFactor' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success @@ -1181,6 +2126,11 @@ properties: success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. +<<<<<<< HEAD + # 'port' is deprecated + - !ruby/object:Api::Type::String + name: 'portName' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1196,19 +2146,49 @@ properties: # 'port' is deprecated - name: 'portName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'protocol' +======= - name: 'protocol' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The protocol this BackendService uses to communicate with backends. The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. **NOTE**: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. +<<<<<<< HEAD + values: + - :HTTP + - :HTTPS + - :HTTP2 + - :TCP + - :SSL + - :GRPC + - :UNSPECIFIED + # TODO: make a ResourceRef to Security Policy + default_from_api: true + - !ruby/object:Api::Type::String + name: 'securityPolicy' + description: | + The security policy associated with this backend service. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: 'edgeSecurityPolicy' + description: | + The resource URL for the edge security policy associated with this backend service. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::NestedObject + name: 'securitySettings' +======= # TODO: make a ResourceRef to Security Policy default_from_api: true enum_values: @@ -1231,35 +2211,93 @@ properties: diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: 'securitySettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'clientTlsPolicy' + resource: 'ClientTlsPolicy' + imports: 'name' +======= - name: 'clientTlsPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource. diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'subjectAltNames' +======= resource: 'ClientTlsPolicy' imports: 'name' - name: 'subjectAltNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'awsV4Authentication' +======= item_type: type: String - name: 'awsV4Authentication' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'accessKeyId' + description: | + The identifier of an access key used for s3 bucket authentication. + - !ruby/object:Api::Type::String + name: 'accessKey' + ignore_read: true + sensitive: true + send_empty_value: true + description: | + The access key used for s3 bucket authentication. + Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. + - !ruby/object:Api::Type::String + name: 'accessKeyVersion' + description: | + The optional version identifier for the access key. You can use this to keep track of different iterations of your access key. + - !ruby/object:Api::Type::String + name: 'originRegion' + description: | + The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. + For example, "us-east-1" for AWS or "us-ashburn-1" for OCI. + - !ruby/object:Api::Type::Enum + name: 'sessionAffinity' + description: | + Type of session affinity to use. The default is NONE. Session affinity is + not applicable if the protocol is UDP. + values: + - :NONE + - :CLIENT_IP + - :CLIENT_IP_PORT_PROTO + - :CLIENT_IP_PROTO + - :GENERATED_COOKIE + - :HEADER_FIELD + - :HTTP_COOKIE + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= - name: 'accessKeyId' type: String description: | @@ -1297,19 +2335,40 @@ properties: - 'HTTP_COOKIE' - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The backend service timeout has a different meaning depending on the type of load balancer. For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' +======= - name: 'logConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enable' + at_least_one_of: + - log_config.0.enable + - log_config.0.sample_rate + description: | + Whether to enable logging for the load balancer traffic served by this backend service. + send_empty_value: true + - !ruby/object:Api::Type::Double + name: 'sampleRate' + at_least_one_of: + - log_config.0.enable + - log_config.0.sample_rate +======= - name: 'enable' type: Boolean description: | @@ -1320,11 +2379,18 @@ properties: - 'log_config.0.sample_rate' - name: 'sampleRate' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0. +<<<<<<< HEAD + default_value: 1.0 + diff_suppress_func: 'suppressWhenDisabled' + - !ruby/object:Api::Type::String + name: 'serviceLbPolicy' +======= at_least_one_of: - 'log_config.0.enable' - 'log_config.0.sample_rate' @@ -1332,6 +2398,7 @@ properties: default_value: 1.0 - name: 'serviceLbPolicy' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global. diff --git a/mmv1/products/compute/BackendServiceSignedUrlKey.yaml b/mmv1/products/compute/BackendServiceSignedUrlKey.yaml index b19dc02e4b55..f6cbdb8c75ee 100644 --- a/mmv1/products/compute/BackendServiceSignedUrlKey.yaml +++ b/mmv1/products/compute/BackendServiceSignedUrlKey.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,21 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'BackendServiceSignedUrlKey' +kind: 'compute#BackendServiceSignedUrlKey' +immutable: true +base_url: projects/{{project}}/global/backendServices/{{backend_service}} +create_url: projects/{{project}}/global/backendServices/{{backend_service}}/addSignedUrlKey +create_verb: :POST +delete_url: projects/{{project}}/global/backendServices/{{backend_service}}/deleteSignedUrlKey?keyName={{name}} +delete_verb: :POST +self_link: projects/{{project}}/global/backendServices/{{backend_service}} +identity: + - name +nested_query: !ruby/object:Api::Resource::NestedQuery +======= --- name: 'BackendServiceSignedUrlKey' kind: 'compute#BackendServiceSignedUrlKey' @@ -50,30 +69,89 @@ async: identity: - name nested_query: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 keys: - cdnPolicy - signedUrlKeyNames is_list_of_ids: true +<<<<<<< HEAD +description: | + A key for signing Cloud CDN signed URLs for Backend Services. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendServices' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +exclude_import: true +exclude_tgc: true +mutex: signedUrlKey/{{project}}/backendServices/{{backend_service}}/ +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'backend_service_signed_url_key' + external_providers: ["random", "time"] +======= modify_by_patch: false custom_code: exclude_tgc: true examples: - name: 'backend_service_signed_url_key' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'backend_key' vars: key_name: 'test-key' backend_name: 'my-backend-service' igm_name: 'my-webservers' +<<<<<<< HEAD + skip_test: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + imports: 'name' +======= external_providers: ["random", "time"] exclude_test: true parameters: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The backend service this signed URL key belongs. required: true immutable: true ignore_read: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + api_name: 'keyName' + description: | + Name of the signed URL key. + required: true + immutable: true + validation: !ruby/object:Provider::Terraform::Validation + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - !ruby/object:Api::Type::String + name: 'keyValue' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'BackendService' imports: 'name' @@ -89,10 +167,16 @@ properties: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - name: 'keyValue' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. required: true immutable: true +<<<<<<< HEAD + sensitive: true + ignore_read: true +======= ignore_read: true sensitive: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Disk.yaml b/mmv1/products/compute/Disk.yaml index 1e2e8ba7b787..b1cc736225bd 100644 --- a/mmv1/products/compute/Disk.yaml +++ b/mmv1/products/compute/Disk.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Disk' +kind: 'compute#disk' +immutable: true +base_url: projects/{{project}}/zones/{{zone}}/disks +collection_url_key: 'items' +has_self_link: true +======= --- name: 'Disk' kind: 'compute#disk' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the @@ -30,6 +44,96 @@ description: | Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Adding a persistent disk': 'https://cloud.google.com/compute/docs/disks/add-persistent-disk' + api: 'https://cloud.google.com/compute/docs/reference/v1/disks' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/detach_disk.erb + constants: templates/terraform/constants/disk.erb + encoder: templates/terraform/encoders/disk.erb + decoder: templates/terraform/decoders/disk.erb + update_encoder: templates/terraform/update_encoder/hyper_disk.go.erb +custom_diff: [ + 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)', + 'hyperDiskIopsUpdateDiffSupress', +] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'disk_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", + context[\"random_suffix\"\ + ])" + vars: + disk_name: 'test-disk' + - !ruby/object:Provider::Terraform::Examples + name: 'disk_async' + primary_resource_id: 'primary' + primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", + context[\"random_suffix\"\ + ])" + vars: + disk_name: 'async-test-disk' + secondary_disk_name: 'async-secondary-test-disk' + - !ruby/object:Provider::Terraform::Examples + name: 'disk_features' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", + context[\"random_suffix\"\ + ])" + vars: + disk_name: 'test-disk-features' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: '/' + fetch_iam_policy_verb: :GET + parent_resource_attribute: 'name' + import_format: + ['projects/{{project}}/zones/{{zone}}/disks/{{name}}', '{{name}}'] + base_url: projects/{{project}}/zones/{{zone}}/disks/{{name}} +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the disk resides.' + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'sourceImageEncryptionKey' + description: | + The customer-supplied encryption key of the source image. Required if + the source image is protected by a customer-supplied encryption key. + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + - !ruby/object:Api::Type::String + name: 'sha256' +======= references: guides: 'Adding a persistent disk': 'https://cloud.google.com/compute/docs/disks/add-persistent-disk' @@ -114,19 +218,37 @@ parameters: RFC 4648 base64 to either encrypt or decrypt this resource. - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeySelfLink' + api_name: 'kmsKeyName' +======= - name: 'kmsKeySelfLink' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + immutable: true + - !ruby/object:Api::Type::String + name: 'sourceImageId' +======= api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - name: 'kmsKeyServiceAccount' @@ -136,6 +258,7 @@ parameters: If absent, the Compute Engine Service Agent service account is used. - name: 'sourceImageId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent @@ -143,8 +266,13 @@ parameters: that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'diskEncryptionKey' +======= - name: 'diskEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts the disk using a customer-supplied encryption key. @@ -158,35 +286,72 @@ parameters: If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' +======= immutable: true properties: - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rsaEncryptedKey' +======= - name: 'rsaEncryptedKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sha256' +======= - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true +<<<<<<< HEAD + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - !ruby/object:Api::Type::String + name: 'kmsKeySelfLink' + api_name: 'kmsKeyName' +======= - name: 'kmsKeySelfLink' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + immutable: true + - !ruby/object:Api::Type::ResourceRef + name: 'snapshot' + api_name: 'sourceSnapshot' + resource: 'Snapshot' + imports: 'selfLink' +======= api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - name: 'kmsKeyServiceAccount' @@ -196,6 +361,7 @@ parameters: If absent, the Compute Engine Service Agent service account is used. - name: 'snapshot' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another @@ -206,40 +372,74 @@ parameters: * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` * `snapshot` +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'sourceSnapshotEncryptionKey' +======= api_name: sourceSnapshot custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Snapshot' imports: 'selfLink' - name: 'sourceSnapshotEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' +======= immutable: true properties: - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeySelfLink' + api_name: 'kmsKeyName' +======= - name: 'kmsKeySelfLink' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::String + name: 'sha256' +======= api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + immutable: true + - !ruby/object:Api::Type::String + name: 'sourceSnapshotId' +======= - name: 'kmsKeyServiceAccount' type: String description: | @@ -247,6 +447,7 @@ parameters: If absent, the Compute Engine Service Agent service account is used. - name: 'sourceSnapshotId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent @@ -256,6 +457,40 @@ parameters: used. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Time + name: 'lastAttachTimestamp' + description: 'Last attach timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Time + name: 'lastDetachTimestamp' + description: 'Last detach timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this disk. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'labelFingerprint' type: Fingerprint description: | @@ -290,6 +525,7 @@ properties: update_verb: 'POST' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -298,10 +534,19 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Integer + name: 'size' + api_name: sizeGb + default_from_api: true +======= required: true immutable: true - name: 'size' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the `image` or @@ -316,6 +561,24 @@ properties: if upsizing is detected but recreates the disk if downsizing is requested. You can add `lifecycle.prevent_destroy` in the config to prevent destroying and recreating. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/resize' + - !ruby/object:Api::Type::Array + name: 'users' + description: | + Links to the users of the disk (attached instances) in form: + project/zones/zone/instances/instance + item_type: !ruby/object:Api::Type::ResourceRef + name: 'user' + resource: 'Instance' + imports: 'selfLink' + description: 'A reference to a user of this disk' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + output: true + - !ruby/object:Api::Type::Integer + name: 'physicalBlockSizeBytes' +======= api_name: sizeGb default_from_api: true update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/resize' @@ -335,6 +598,7 @@ properties: imports: 'selfLink' - name: 'physicalBlockSizeBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes @@ -342,19 +606,37 @@ properties: If an unsupported value is requested, the error message will list the supported values for the caller's project. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'interface' +======= - name: 'interface' type: String description: | Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 min_version: 'beta' # interface is removed using url_param_only to preserve schema definition # and prevent sending or reading in API requests url_param_only: true +<<<<<<< HEAD + default_value: 'SCSI' + deprecation_message: >- + `interface` is deprecated and will be removed in a future major release. + This field is no longer used and can be safely removed from your configurations; + disk interfaces are automatically determined on attachment. + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. + diff_suppress_func: AlwaysDiffSuppress + - !ruby/object:Api::Type::String + name: 'sourceDisk' +======= diff_suppress_func: 'AlwaysDiffSuppress' default_value: "SCSI" deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' - name: 'sourceDisk' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: @@ -366,13 +648,41 @@ properties: * zones/{zone}/disks/{disk} * regions/{region}/disks/{disk} diff_suppress_func: 'sourceDiskDiffSupress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sourceDiskId' +======= - name: 'sourceDiskId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'DiskId' + description: | + The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::ResourceRef + name: 'type' + resource: 'DiskType' + imports: 'selfLink' + diff_suppress_func: 'tpgresource.CompareResourceNames' + description: | + URL of the disk type resource describing which disk type to use to + create the disk. Provide this when creating the disk. + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + default_value: 'pd-standard' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'image' + api_name: 'sourceImage' + diff_suppress_func: 'DiskImageDiffSuppress' +======= - name: 'DiskId' type: String description: | @@ -392,6 +702,7 @@ properties: imports: 'selfLink' - name: 'image' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The image from which to initialize this disk. This can be one of: the image's `self_link`, `projects/{project}/global/images/{image}`, @@ -402,11 +713,18 @@ properties: [google_compute_image data source](/docs/providers/google/d/compute_image.html). For instance, the image `centos-6-v20180104` includes its family name `centos-6`. These images can be referred by family name here. +<<<<<<< HEAD + immutable: true + - !ruby/object:Api::Type::Array + name: 'resourcePolicies' + min_version: beta +======= api_name: sourceImage immutable: true diff_suppress_func: 'DiskImageDiffSuppress' - name: 'resourcePolicies' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource policies applied to this disk for automatic snapshot creations. @@ -415,6 +733,19 @@ properties: one at a time. Use [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) to allow for updating the resource policy attached to the disk. +<<<<<<< HEAD + default_from_api: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'resourcePolicy' + resource: 'ResourcePolicy' + imports: 'selfLink' + description: + 'A resource policy applied to this disk for automatic snapshot + creations.' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'enableConfidentialCompute' +======= min_version: 'beta' default_from_api: true custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' @@ -428,11 +759,21 @@ properties: imports: 'selfLink' - name: 'enableConfidentialCompute' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether this disk is using confidential compute mode. Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true required: false default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'multiWriter' + description: | + Indicates whether or not the disk can be read/write attached to more than one instance. + min_version: beta + - !ruby/object:Api::Type::Integer + name: 'provisionedIops' +======= - name: 'multiWriter' type: Boolean description: | @@ -440,21 +781,71 @@ properties: min_version: 'beta' - name: 'provisionedIops' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates how many IOPS must be provisioned for the disk. Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it required: false default_from_api: true +<<<<<<< HEAD + update_verb: :PATCH + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedIops' + - !ruby/object:Api::Type::Integer + name: 'provisionedThroughput' +======= update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedIops' update_verb: 'PATCH' - name: 'provisionedThroughput' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates how much Throughput must be provisioned for the disk. Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk allows for an update of Throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it default_from_api: true +<<<<<<< HEAD + update_verb: :PATCH + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedThroughput' + - !ruby/object:Api::Type::NestedObject + name: 'asyncPrimaryDisk' + properties: + - !ruby/object:Api::Type::String + name: 'disk' + description: | + Primary disk for asynchronous disk replication. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::Array + name: 'guestOsFeatures' + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable disks. + default_from_api: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + required: true + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + - !ruby/object:Api::Type::Array + name: 'licenses' + description: Any applicable license URI. + default_from_api: true + immutable: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'license' + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'storagePool' + required: false + immutable: true +======= update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedThroughput' update_verb: 'PATCH' - name: 'asyncPrimaryDisk' @@ -495,25 +886,41 @@ properties: imports: 'selfLink' - name: 'storagePool' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the storage pool in which the new disk is created. For example: * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} * /projects/{project}/zones/{zone}/storagePools/{storagePool} +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: 'accessMode' + required: false + immutable: false +======= required: false immutable: true diff_suppress_func: 'tpgresource.CompareResourceNames' custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'accessMode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The accessMode of the disk. For example: * READ_WRITE_SINGLE * READ_WRITE_MANY * READ_ONLY_SINGLE +<<<<<<< HEAD + default_from_api: true + update_verb: :PATCH + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=accessMode' +======= required: false immutable: false default_from_api: true update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=accessMode' update_verb: 'PATCH' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/DiskResourcePolicyAttachment.yaml b/mmv1/products/compute/DiskResourcePolicyAttachment.yaml index 8f088c140896..46fca67ccd95 100644 --- a/mmv1/products/compute/DiskResourcePolicyAttachment.yaml +++ b/mmv1/products/compute/DiskResourcePolicyAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DiskResourcePolicyAttachment' +immutable: true +base_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}} +create_verb: :POST +create_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}}/addResourcePolicies +delete_verb: :POST +delete_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}}/removeResourcePolicies +self_link: projects/{{project}}/zones/{{zone}}/disks/{{disk}} +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - resourcePolicies + is_list_of_ids: true +identity: + - name +======= --- name: 'DiskResourcePolicyAttachment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation. ~> **Note:** This resource does not support regional disks (`google_compute_region_disk`). For regional disks, please refer to [`google_compute_region_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_disk_resource_policy_attachment) +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'disk_resource_policy_attachment_basic' +======= docs: id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' @@ -57,10 +102,39 @@ custom_code: pre_delete: 'templates/terraform/pre_delete/compute_disk_resource_policies_attachment.go.tmpl' examples: - name: 'disk_resource_policy_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'attachment' vars: disk_name: 'my-disk' policy_name: 'my-resource-policy' +<<<<<<< HEAD +id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_disk_resource_policies_attachment.go.erb + decoder: templates/terraform/decoders/compute_disk_resource_policies_attachment.go.erb + pre_delete: templates/terraform/pre_delete/compute_disk_resource_policies_attachment.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'disk' + resource: 'Disk' + imports: 'name' + description: | + The name of the disk in which the resource policies are attached to. + required: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the disk resides.' + required: false + url_param_only: true + ignore_read: true + default_from_api: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: - name: 'disk' type: ResourceRef @@ -82,6 +156,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link. diff --git a/mmv1/products/compute/DiskType.yaml b/mmv1/products/compute/DiskType.yaml index a9dfe0d19ab9..3571f1b65f7e 100644 --- a/mmv1/products/compute/DiskType.yaml +++ b/mmv1/products/compute/DiskType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'DiskType' +kind: 'compute#diskType' +base_url: projects/{{project}}/zones/{{zone}}/diskTypes +collection_url_key: 'items' +======= --- name: 'DiskType' kind: 'compute#diskType' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO(nelsonjr): Search all documentation for references of using URL (like # the description below) and replace with the proper reference to the # corresponding type. @@ -21,12 +33,43 @@ description: | Represents a DiskType resource. A DiskType resource represents the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk type, use the disk type's full or partial URL. +<<<<<<< HEAD +======= exclude: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO(nelsonjr): Temporarily make DiskType virtual so no tests gets # triggered for create. Implement support for read only objects, and delete # the virtual tag # | readonly: true readonly: true +<<<<<<< HEAD +has_self_link: true +exclude: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the disk type resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Integer + name: 'defaultDiskSizeGb' + description: 'Server-defined default disk size in GB.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'deprecated' + description: 'The deprecation status associated with this disk type.' + output: true + properties: + - !ruby/object:Api::Type::Time + name: 'deleted' +======= docs: base_url: 'projects/{{project}}/zones/{{zone}}/diskTypes' has_self_link: true @@ -60,31 +103,52 @@ properties: properties: - name: 'deleted' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DELETED. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'deprecated' +======= - name: 'deprecated' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'obsolete' +======= - name: 'obsolete' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'replacement' +======= - name: 'replacement' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -92,6 +156,26 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. +<<<<<<< HEAD + values: + - :DEPRECATED + - :OBSOLETE + - :DELETED + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + output: true + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::String + name: 'validDiskSize' +======= output: true enum_values: - 'DEPRECATED' @@ -110,6 +194,7 @@ properties: description: 'Name of the resource.' - name: 'validDiskSize' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional textual description of the valid disk size, such as "10GB-10TB". diff --git a/mmv1/products/compute/ExternalVpnGateway.yaml b/mmv1/products/compute/ExternalVpnGateway.yaml index 5f5c69ef9546..8ee5eb21460b 100644 --- a/mmv1/products/compute/ExternalVpnGateway.yaml +++ b/mmv1/products/compute/ExternalVpnGateway.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,44 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ExternalVpnGateway' +kind: 'compute#externalVpnGateway' +base_url: projects/{{project}}/global/externalVpnGateways +collection_url_key: 'items' +immutable: true +has_self_link: true +description: | + Represents a VPN gateway managed outside of GCP. +references: !ruby/object:Api::Resource::ReferenceLinks + api: https://cloud.google.com/compute/docs/reference/rest/v1/externalVpnGateways +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'external_vpn_gateway' + primary_resource_id: + 'external_gateway' + # Multiple fine-grained resources + skip_vcr: true +======= --- name: 'ExternalVpnGateway' kind: 'compute#externalVpnGateway' @@ -46,12 +88,39 @@ custom_code: examples: - name: 'external_vpn_gateway' primary_resource_id: 'external_gateway' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ha_vpn_gateway_name: 'ha-vpn' network_name: 'network-1' external_gateway_name: 'external-gateway' global_address_name: 'global-address' router_name: 'ha-vpn-router1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + name: 'only_external_vpn_gateway_full' + primary_resource_id: 'external_gateway' + vars: + external_gateway_name: 'external-gateway' +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: 'Labels for the external VPN gateway resource.' + update_verb: :POST + update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::String + name: 'name' +======= # Multiple fine-grained resources skip_vcr: true - name: 'only_external_vpn_gateway_full' @@ -80,6 +149,7 @@ properties: key_expander: '' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -89,6 +159,26 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redundancyType' + description: | + Indicates the redundancy type of this external VPN gateway + values: + - :FOUR_IPS_REDUNDANCY + - :SINGLE_IP_INTERNALLY_REDUNDANT + - :TWO_IPS_REDUNDANCY + - !ruby/object:Api::Type::Array + name: 'interface' + api_name: 'interfaces' + description: | + A list of interfaces on this external VPN gateway. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'id' + send_empty_value: true +======= - name: 'redundancyType' type: Enum description: | @@ -107,15 +197,21 @@ properties: properties: - name: 'id' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The numeric ID for this interface. Allowed values are based on the redundancy type of this external VPN gateway * `0 - SINGLE_IP_INTERNALLY_REDUNDANT` * `0, 1 - TWO_IPS_REDUNDANCY` * `0, 1, 2, 3 - FOUR_IPS_REDUNDANCY` +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipAddress' +======= send_empty_value: true - name: 'ipAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from diff --git a/mmv1/products/compute/Firewall.yaml b/mmv1/products/compute/Firewall.yaml index c048c0a918e2..2932a8229839 100644 --- a/mmv1/products/compute/Firewall.yaml +++ b/mmv1/products/compute/Firewall.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Firewall' +kind: 'compute#firewall' +base_url: projects/{{project}}/global/firewalls +collection_url_key: 'items' +update_verb: :PATCH +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' + api: 'https://cloud.google.com/compute/docs/reference/v1/firewalls' +======= --- name: 'Firewall' kind: 'compute#firewall' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Each network has its own firewall controlling access to and from the instances. @@ -27,6 +45,33 @@ description: | outgoing traffic and a default "deny" for incoming traffic. For all networks except the default network, you must create any firewall rules you need. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs + optional_properties: | + * `enable_logging` - (Optional, Deprecated) This field denotes whether to enable logging for a particular firewall rule. + If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config` +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'firewall_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' @@ -67,28 +112,66 @@ schema_version: 1 migrate_state: 'resourceComputeFirewallMigrateState' examples: - name: 'firewall_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: firewall_name: 'test-firewall' network_name: 'test-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'firewall_with_target_tags' +======= - name: 'firewall_with_target_tags' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'rules' vars: firewall_name: 'my-firewall-rule' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/firewall.erb + extra_schema_entry: templates/terraform/extra_schema_entry/firewall.erb +custom_diff: [ + 'resourceComputeFirewallEnableLoggingCustomizeDiff', + 'resourceComputeFirewallSourceFieldsCustomizeDiff', +] +migrate_state: 'resourceComputeFirewallMigrateState' +schema_version: 1 +======= project: 'PROJECT_NAME' parameters: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 properties: # TODO(nelsonjr): [nice to have] Make the format here simpler to use, in # the form of # 22/tcp, [12345-23456]/tcp. It requires a conversion # function to the # final JSON format expected by the API for this # proposal to work. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allow' + api_name: 'allowed' + is_set: true + set_hash_func: 'resourceComputeFirewallRuleHash' +======= - name: 'allow' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. +<<<<<<< HEAD + exactly_one_of: + - allow + - deny + item_type: !ruby/object:Api::Type::NestedObject + properties: + # IPProtocol has to be string, instead of Enum because user can + # specify the protocol by number as well. + - !ruby/object:Api::Type::String + name: 'protocol' +======= api_name: allowed is_set: true exactly_one_of: @@ -102,16 +185,26 @@ properties: # specify the protocol by number as well. - name: 'protocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number. +<<<<<<< HEAD + api_name: 'IPProtocol' + required: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= api_name: IPProtocol required: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -120,6 +213,29 @@ properties: Example inputs include: [22], [80, 443], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Array + name: 'deny' + api_name: 'denied' + is_set: true + set_hash_func: 'resourceComputeFirewallRuleHash' + exactly_one_of: + - allow + - deny + description: | + The list of DENY rules specified by this firewall. Each rule specifies + a protocol and port-range tuple that describes a denied connection. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # IPProtocol has to be string, instead of Enum because user can + # specify the protocol by number as well. + - !ruby/object:Api::Type::String + name: 'protocol' +======= item_type: type: String - name: 'creationTimestamp' @@ -144,16 +260,26 @@ properties: # specify the protocol by number as well. - name: 'protocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number. +<<<<<<< HEAD + api_name: 'IPProtocol' + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + required: true + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= api_name: IPProtocol required: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -162,30 +288,55 @@ properties: Example inputs include: [22], [80, 443], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= item_type: type: String - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'destinationRanges' +======= - name: 'destinationRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. IPv4 or IPv6 ranges are supported. is_set: true default_from_api: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: 'direction' +======= item_type: type: String - name: 'direction' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. +<<<<<<< HEAD + values: + - :INGRESS + - :EGRESS + default_from_api: true + immutable: true + - !ruby/object:Api::Type::Boolean + name: 'disabled' +======= immutable: true default_from_api: true enum_values: @@ -193,18 +344,42 @@ properties: - 'EGRESS' - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' +======= - name: 'logConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field denotes the logging options for a particular firewall rule. If defined, logging is enabled, and logs will be exported to Cloud Logging. send_empty_value: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/firewall_log_config.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/firewall_log_config.go.erb' + diff_suppress_func: 'diffSuppressEnableLogging' + properties: + - !ruby/object:Api::Type::Enum + name: 'metadata' + description: | + This field denotes whether to include or exclude metadata for firewall logs. + values: + - :EXCLUDE_ALL_METADATA + - :INCLUDE_ALL_METADATA + required: true + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= diff_suppress_func: 'diffSuppressEnableLogging' custom_flatten: 'templates/terraform/custom_flatten/firewall_log_config.go.tmpl' custom_expand: 'templates/terraform/custom_expand/firewall_log_config.go.tmpl' @@ -219,6 +394,7 @@ properties: - 'INCLUDE_ALL_METADATA' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -227,6 +403,20 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' + required: true + description: | + The name or self_link of the network to attach this firewall to. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'priority' +======= required: true immutable: true validation: @@ -241,6 +431,7 @@ properties: imports: 'selfLink' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative @@ -248,12 +439,21 @@ properties: priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority. +<<<<<<< HEAD + default_value: 1000 + send_empty_value: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 65535)' + - !ruby/object:Api::Type::Array + name: 'sourceRanges' +======= send_empty_value: true validation: function: 'validation.IntBetween(0, 65535)' default_value: 1000 - name: 'sourceRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must @@ -266,10 +466,16 @@ properties: `source_ranges`, `source_tags` or `source_service_accounts` is required. is_set: true diff_suppress_func: 'diffSuppressSourceRanges' +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sourceServiceAccounts' +======= item_type: type: String - name: 'sourceServiceAccounts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this @@ -283,6 +489,16 @@ properties: properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags. For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. +<<<<<<< HEAD + max_size: 10 + conflicts: + - source_tags + - target_tags + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sourceTags' +======= is_set: true conflicts: - source_tags @@ -292,6 +508,7 @@ properties: max_size: 10 - name: 'sourceTags' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source @@ -303,6 +520,15 @@ properties: a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. +<<<<<<< HEAD + conflicts: + - source_service_accounts + - target_service_accounts + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' +======= is_set: true conflicts: - source_service_accounts @@ -311,6 +537,7 @@ properties: type: String - name: 'targetServiceAccounts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. @@ -318,6 +545,16 @@ properties: sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network. +<<<<<<< HEAD + max_size: 10 + conflicts: + - source_tags + - target_tags + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'targetTags' +======= is_set: true conflicts: - source_tags @@ -327,14 +564,23 @@ properties: max_size: 10 - name: 'targetTags' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network. +<<<<<<< HEAD + conflicts: + - source_service_accounts + - target_service_accounts + is_set: true + item_type: Api::Type::String +======= is_set: true conflicts: - source_service_accounts - target_service_accounts item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/FirewallPolicyWithRules.yaml b/mmv1/products/compute/FirewallPolicyWithRules.yaml index 2af81138de81..b37d590dc079 100644 --- a/mmv1/products/compute/FirewallPolicyWithRules.yaml +++ b/mmv1/products/compute/FirewallPolicyWithRules.yaml @@ -1,5 +1,9 @@ # Copyright 2024 Google Inc. +<<<<<<< HEAD +# Licensed under the Apache License, Version 2.0 (the License); +======= # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: FirewallPolicyWithRules +min_version: beta +base_url: 'locations/global/firewallPolicies?parentId={{parent}}' +self_link: 'locations/global/firewallPolicies/{{policy_id}}' +create_url: 'locations/global/firewallPolicies?parentId={{parent}}' +update_verb: :PATCH +description: | + The Compute FirewallPolicy with rules resource. It declaratively manges all + rules in the firewall policy. +id_format: 'locations/global/firewallPolicies/{{policy_id}}' +import_format: ['locations/global/firewallPolicies/{{policy_id}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_firewall_policy_with_rules_full' +======= --- name: 'FirewallPolicyWithRules' description: | @@ -39,6 +60,7 @@ custom_code: post_update: 'templates/terraform/post_update/resource_compute_firewall_policy_with_rules.go.tmpl' examples: - name: 'compute_firewall_policy_with_rules_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'firewall-policy-with-rules' vars: policy_name: 'tf-fw-org-policy-with-rules' @@ -46,6 +68,61 @@ examples: security_profile_group_name: 'tf-security-profile-group' security_profile_name: 'tf-security-profile' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/resource_compute_firewall_policy_with_rules.go.erb + encoder: templates/terraform/encoders/resource_compute_firewall_policy_with_rules.go.erb + update_encoder: templates/terraform/update_encoder/resource_compute_firewall_policy_with_rules.go.erb + decoder: templates/terraform/decoders/resource_compute_firewall_policy_with_rules.go.erb + post_create: templates/terraform/post_create/resource_compute_firewall_policy_with_rules.go.erb + post_update: templates/terraform/post_update/resource_compute_firewall_policy_with_rules.go.erb + post_delete: templates/terraform/post_delete/resource_compute_firewall_policy_with_rules.go.erb +parameters: + - !ruby/object:Api::Type::String + name: parent + description: | + The parent of this FirewallPolicy in the Cloud Resource Hierarchy. + Format: organizations/{organization_id} or folders/{folder_id} + required: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: creationTimestamp + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: shortName + description: A textual name of the security policy. + immutable: true + required: true + - !ruby/object:Api::Type::String + name: policyId + description: The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::String + name: description + description: An optional description of this resource. + - !ruby/object:Api::Type::Array + name: 'rule' + api_name: 'rules' + description: A list of firewall policy rules. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= org_id: 'ORG_ID' parameters: - name: 'parent' @@ -100,10 +177,60 @@ properties: min_version: 'beta' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::NestedObject + name: 'match' + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + required: true + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcAddressGroups' + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destAddressGroups' + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' +======= min_version: 'beta' required: true - name: 'match' @@ -164,21 +291,52 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' +======= min_version: 'beta' item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' +======= min_version: 'beta' item_type: type: String @@ -210,16 +368,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= min_version: 'beta' required: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -227,6 +393,23 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'action' + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + required: true + - !ruby/object:Api::Type::Enum + name: 'direction' + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' +======= min_version: 'beta' item_type: type: String @@ -247,10 +430,22 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' +======= min_version: 'beta' send_empty_value: true - name: 'targetServiceAccounts' @@ -263,11 +458,22 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Array + name: 'targetResources' + item_type: Api::Type::String +======= min_version: 'beta' - name: 'tlsInspect' type: Boolean @@ -277,21 +483,49 @@ properties: min_version: 'beta' - name: 'targetResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'disabled' +======= min_version: 'beta' item_type: type: String - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'predefinedRules' + description: A list of pre-define firewall policy rules. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + output: true + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + output: true + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' + output: true +======= min_version: 'beta' - name: 'predefinedRules' type: Array @@ -316,10 +550,66 @@ properties: output: true - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'match' + output: true + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + output: true + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + output: true + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcAddressGroups' + output: true + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destAddressGroups' + output: true + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' + output: true +======= min_version: 'beta' output: true - name: 'match' @@ -386,22 +676,57 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + api_name: 'layer4Configs' + output: true + description: | + Pairs of IP protocols and ports that the rule should match. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' + output: true +======= min_version: 'beta' output: true item_type: @@ -436,16 +761,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' + output: true +======= min_version: 'beta' output: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -453,6 +786,25 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'action' + output: true + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + - !ruby/object:Api::Type::Enum + name: 'direction' + output: true + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' + output: true +======= min_version: 'beta' output: true item_type: @@ -475,10 +827,23 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + output: true + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' + output: true +======= min_version: 'beta' output: true - name: 'targetServiceAccounts' @@ -492,11 +857,24 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + output: true + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Array + name: 'targetResources' + output: true + item_type: Api::Type::String +======= min_version: 'beta' output: true - name: 'tlsInspect' @@ -508,22 +886,46 @@ properties: output: true - name: 'targetResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'disabled' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: selfLink + description: Server-defined URL for the resource. + output: true + - !ruby/object:Api::Type::String + name: selfLinkWithId + description: Server-defined URL for this resource with the resource id. + output: true + - !ruby/object:Api::Type::Integer + name: ruleTupleCount + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. +======= min_version: 'beta' output: true - name: 'fingerprint' @@ -545,4 +947,5 @@ properties: type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/compute/ForwardingRule.yaml b/mmv1/products/compute/ForwardingRule.yaml index 5dfc75b43ed6..18e8a82f90e7 100644 --- a/mmv1/products/compute/ForwardingRule.yaml +++ b/mmv1/products/compute/ForwardingRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ForwardingRule' +kind: 'compute#forwardingRule' +base_url: projects/{{project}}/regions/{{region}}/forwardingRules +collection_url_key: 'items' +has_self_link: true +# Has a separate endpoint for labels +skip_attribution_label: true +======= --- name: 'ForwardingRule' kind: 'compute#forwardingRule' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, portRange] tuple. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules' + api: 'https://cloud.google.com/compute/docs/reference/v1/forwardingRules' +immutable: true +legacy_long_form_project: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'internal_http_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' +======= # Has a separate endpoint for labels exclude_attribution_label: true references: @@ -58,6 +103,7 @@ examples: - name: 'internal_http_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ilb_network_name: 'l7-ilb-network' proxy_subnet_name: 'l7-ilb-proxy-subnet' @@ -72,12 +118,22 @@ examples: fw_allow_iap_hc_name: 'l7-ilb-fw-allow-iap-hc' fw_allow_ilb_to_backends_name: 'l7-ilb-fw-allow-ilb-to-backends' vm_test_name: 'l7-ilb-test-vm' +<<<<<<< HEAD + min_version: beta + ignore_read_extra: + - 'port_range' + - 'target' + - !ruby/object:Provider::Terraform::Examples + name: 'internal_tcp_udp_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' +======= ignore_read_extra: - 'port_range' - 'target' - name: 'internal_tcp_udp_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ilb_network_name: 'l4-ilb-network' backend_subnet_name: 'l4-ilb-subnet' @@ -90,22 +146,42 @@ examples: fw_allow_ilb_to_backends_name: 'l4-ilb-fw-allow-ilb-to-backends' fw_allow_ilb_ssh_name: 'l4-ilb-fw-ssh' vm_test_name: 'l4-ilb-test-vm' +<<<<<<< HEAD + min_version: beta + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_externallb' + primary_resource_id: 'default' +======= - name: 'forwarding_rule_externallb' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: forwarding_rule_name: 'website-forwarding-rule' backend_name: 'website-backend' network_name: 'website-net' +<<<<<<< HEAD + min_version: beta + ignore_read_extra: + - 'port_range' + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_global_internallb' +======= ignore_read_extra: - 'port_range' - name: 'forwarding_rule_global_internallb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' backend_name: 'website-backend' network_name: 'website-net' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_basic' +======= - name: 'forwarding_rule_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' @@ -113,14 +189,26 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_l3_default' + primary_resource_id: 'fwd_rule' +======= - name: 'forwarding_rule_l3_default' primary_resource_id: 'fwd_rule' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: forwarding_rule_name: 'l3-forwarding-rule' service_name: 'service' health_check_name: 'health-check' +<<<<<<< HEAD + min_version: beta + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_internallb' +======= - name: 'forwarding_rule_internallb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' @@ -129,9 +217,16 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_http_lb' + min_version: 'beta' + primary_resource_id: 'default' +======= - name: 'forwarding_rule_http_lb' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: forwarding_rule_name: 'website-forwarding-rule' region_target_http_proxy_name: 'website-proxy' @@ -144,9 +239,16 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_regional_http_xlb' + min_version: 'beta' + primary_resource_id: 'default' +======= - name: 'forwarding_rule_regional_http_xlb' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: forwarding_rule_name: 'website-forwarding-rule' region_target_http_proxy_name: 'website-proxy' @@ -161,7 +263,12 @@ examples: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_vpc_psc' +======= - name: 'forwarding_rule_vpc_psc' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'psc-endpoint' @@ -177,7 +284,12 @@ examples: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_vpc_psc_no_automate_dns' +======= - name: 'forwarding_rule_vpc_psc_no_automate_dns' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'psc-endpoint' @@ -193,13 +305,49 @@ examples: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'forwarding_rule_regional_steering' +======= - name: 'forwarding_rule_regional_steering' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'steering' vars: forwarding_rule_name: 'steering-rule' ip_name: 'website-ip' backend_name: 'service-backend' external_forwarding_rule_name: 'external-forwarding-rule' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: "forwarding_rule_internallb_ipv6" + primary_resource_id: "default" + vars: + forwarding_rule_name: "ilb-ipv6-forwarding-rule" + backend_name: "ilb-ipv6-backend" + network_name: "net-ipv6" + subnet_name: "subnet-internal-ipv6" + ignore_read_extra: + - "port_range" + - "target" +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/compute_forwarding_rule.go.erb + post_create: templates/terraform/post_create/labels.erb + constants: 'templates/terraform/constants/compute_forwarding_rule.go.erb' +custom_diff: [ + 'forwardingRuleCustomizeDiff', +] +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: recreate_closed_psc + description: + This is used in PSC consumer ForwardingRule to make terraform recreate the ForwardingRule when the status is closed + default_value: false +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= - name: 'forwarding_rule_internallb_ipv6' primary_resource_id: 'default' vars: @@ -219,12 +367,24 @@ virtual_fields: parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Boolean + name: 'isMirroringCollector' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -236,6 +396,7 @@ properties: output: true - name: 'isMirroringCollector' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this @@ -244,30 +405,54 @@ properties: This can only be set to true for load balancers that have their `loadBalancingScheme` set to `INTERNAL`. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'forwardingRuleId' +======= - name: 'forwardingRuleId' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique identifier number for the resource. This identifier is defined by the server. api_name: id output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pscConnectionId' + description: 'The PSC connection id of the PSC Forwarding Rule.' + output: true + - !ruby/object:Api::Type::String + name: 'pscConnectionStatus' +======= - name: 'pscConnectionId' type: String description: 'The PSC connection id of the PSC Forwarding Rule.' output: true - name: 'pscConnectionStatus' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The PSC connection status of the PSC Forwarding Rule. Possible values: `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. # This is a multi-resource resource reference (Address, GlobalAddress) +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'IPAddress' +======= - name: 'IPAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic @@ -308,9 +493,15 @@ properties: When reading an `IPAddress`, the API always returns the IP address number. default_from_api: true +<<<<<<< HEAD + diff_suppress_func: InternalIpDiffSuppress + - !ruby/object:Api::Type::Enum + name: 'IPProtocol' +======= diff_suppress_func: 'InternalIpDiffSuppress' - name: 'IPProtocol' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. @@ -326,6 +517,24 @@ properties: A Forwarding Rule with protocol L3_DEFAULT can attach with target instance or backend service with UNSPECIFIED protocol. A forwarding rule with "L3_DEFAULT" IPProtocal cannot be attached to a backend service with TCP or UDP. +<<<<<<< HEAD + values: + - :TCP + - :UDP + - :ESP + - :AH + - :SCTP + - :ICMP + - :L3_DEFAULT + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + default_from_api: true + # This is a multi-resource resource reference (BackendService (global), RegionBackendService) + # We have custom expands that manage this. + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + imports: 'selfLink' +======= default_from_api: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' enum_values: @@ -340,21 +549,38 @@ properties: # We have custom expands that manage this. - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' + - !ruby/object:Api::Type::Enum + name: 'loadBalancingScheme' +======= custom_expand: 'templates/terraform/custom_expand/self_link_from_name.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'loadBalancingScheme' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the forwarding rule type. For more information about forwarding rules, refer to [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). +<<<<<<< HEAD + values: + - :EXTERNAL + - :EXTERNAL_MANAGED + - :INTERNAL + - :INTERNAL_MANAGED + default_value: :EXTERNAL + - !ruby/object:Api::Type::String + name: 'name' +======= default_value: "EXTERNAL" enum_values: - 'EXTERNAL' @@ -363,6 +589,7 @@ properties: - 'INTERNAL_MANAGED' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -378,8 +605,15 @@ properties: APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is not used for external load balancing. @@ -396,11 +630,17 @@ properties: # manifest input from a single value to a range of form NN-NN. The API # accepts a single value, e.g. '80', but the API stores and returns # '80-80'. This causes idempotency false positive. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'portRange' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' - name: 'portRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -426,10 +666,18 @@ properties: cannot have overlapping `portRange`s. @pattern: \d+(?:-\d+)? +<<<<<<< HEAD + diff_suppress_func: PortRangeDiffSuppress + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'ports' + max_size: 5 +======= default_from_api: true diff_suppress_func: 'PortRangeDiffSuppress' - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -454,12 +702,21 @@ properties: @pattern: \d+(?:-\d+)? is_set: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/set_to_list.erb' + item_type: Api::Type::String + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' +======= custom_expand: 'templates/terraform/custom_expand/set_to_list.tmpl' item_type: type: String max_size: 5 - name: 'subnetwork' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and @@ -472,11 +729,17 @@ properties: # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'target' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' - name: 'target' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the @@ -490,6 +753,21 @@ properties: * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setTarget' + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Boolean + name: 'allowGlobalAccess' +======= update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setTarget' update_verb: 'POST' diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' @@ -505,6 +783,7 @@ properties: key_expander: '' - name: 'allowGlobalAccess' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is used along with the `backend_service` field for internal load balancing or with the `target` field for internal @@ -516,6 +795,18 @@ properties: Otherwise only allows access from clients in the same region as the internal load balancer. send_empty_value: true +<<<<<<< HEAD + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/forwardingRules/{{name}} + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this forwarding rule. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' + - !ruby/object:Api::Type::Boolean + name: 'allPorts' +======= update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' update_verb: 'PATCH' - name: 'labels' @@ -526,6 +817,7 @@ properties: update_verb: 'POST' - name: 'allPorts' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -542,8 +834,13 @@ properties: first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires `allPorts` be set to true. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'networkTier' +======= - name: 'networkTier' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This signifies the networking tier used for configuring this load balancer and can only take the following values: @@ -556,6 +853,15 @@ properties: If this field is not specified, it is assumed to be `PREMIUM`. If `IPAddress` is specified, this value must be equal to the networkTier of the Address. +<<<<<<< HEAD + values: + - :PREMIUM + - :STANDARD + immutable: true + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'serviceDirectoryRegistrations' +======= immutable: true default_from_api: true enum_values: @@ -563,10 +869,21 @@ properties: - 'STANDARD' - name: 'serviceDirectoryRegistrations' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. +<<<<<<< HEAD + min_size: 0 + max_size: 1 + immutable: true + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'namespace' +======= immutable: true default_from_api: true item_type: @@ -574,10 +891,20 @@ properties: properties: - name: 'namespace' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service Directory namespace to register the forwarding rule under. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'service' + description: | + Service Directory service to register the forwarding rule under. + immutable: true + - !ruby/object:Api::Type::String + name: 'serviceLabel' +======= - name: 'service' type: String description: | @@ -587,6 +914,7 @@ properties: max_size: 1 - name: 'serviceLabel' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service @@ -600,17 +928,29 @@ properties: character, which cannot be a dash. This field is only used for INTERNAL load balancing. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'serviceName' +======= validation: function: 'verify.ValidateGCEName' - name: 'serviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: sourceIpRanges +======= - name: 'sourceIpRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. @@ -619,10 +959,16 @@ properties: is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). immutable: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: baseForwardingRule +======= item_type: type: String - name: 'baseForwardingRule' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, @@ -630,12 +976,33 @@ properties: sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: allowPscGlobalAccess +======= - name: 'allowPscGlobalAccess' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. send_empty_value: true +<<<<<<< HEAD + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/forwardingRules/{{name}} + update_id: 'allowPscGlobalAccess' + fingerprint_name: 'fingerprint' + - !ruby/object:Api::Type::Boolean + name: noAutomateDnsZone + description: + This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. + Non-PSC forwarding rules do not use this field. + send_empty_value: true + immutable: true + ignore_read: true + - !ruby/object:Api::Type::Enum + name: 'ipVersion' +======= update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' update_verb: 'PATCH' update_id: 'allowPscGlobalAccess' @@ -650,13 +1017,22 @@ properties: send_empty_value: true - name: 'ipVersion' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP address version that will be used by this forwarding rule. Valid options are IPV4 and IPV6. If not set, the IPv4 address will be used by default. +<<<<<<< HEAD + values: + - :IPV4 + - :IPV6 + immutable: true + default_from_api: true +======= immutable: true default_from_api: true enum_values: - 'IPV4' - 'IPV6' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/GlobalAddress.yaml b/mmv1/products/compute/GlobalAddress.yaml index 89679209a73c..c5ac7eee7be3 100644 --- a/mmv1/products/compute/GlobalAddress.yaml +++ b/mmv1/products/compute/GlobalAddress.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,59 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GlobalAddress' +kind: 'compute#address' +base_url: projects/{{project}}/global/addresses +collection_url_key: 'items' +has_self_link: true +description: | + Represents a Global Address resource. Global addresses are used for + HTTP(S) load balancing. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address' + api: 'https://cloud.google.com/compute/docs/reference/v1/globalAddresses' +immutable: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'global_address_basic' + primary_resource_id: 'default' + vars: + global_address_name: 'global-appserver-ip' + - !ruby/object:Provider::Terraform::Examples + name: 'global_address_private_services_connect' + min_version: beta + primary_resource_id: 'default' + vars: + global_address_name: 'global-psconnect-ip' + network_name: 'my-network-name' +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/labels.erb + pre_create: templates/terraform/pre_create/compute_global_address.go.erb +properties: + - !ruby/object:Api::Type::String + name: 'address' +======= --- name: 'GlobalAddress' kind: 'compute#address' @@ -62,11 +119,25 @@ parameters: properties: - name: 'address' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: | + Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'creationTimestamp' type: Time description: | @@ -78,6 +149,7 @@ properties: An optional description of this resource. - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -87,6 +159,31 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this address. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Enum + name: 'ipVersion' + description: | + The IP Version that will be used by this address. The default value is `IPV4`. + values: + - :IPV4 + - :IPV6 + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' + - !ruby/object:Api::Type::Integer + name: 'prefixLength' +======= - name: 'labels' type: KeyValueLabels description: | @@ -112,6 +209,7 @@ properties: - 'IPV6' - name: 'prefixLength' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix length of the IP range. If not present, it means the address field is a single IP address. @@ -119,13 +217,27 @@ properties: This field is not applicable to addresses with addressType=INTERNAL when purpose=PRIVATE_SERVICE_CONNECT default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'addressType' +======= - name: 'addressType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of the address to reserve. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network. +<<<<<<< HEAD + values: + - :EXTERNAL + - :INTERNAL + default_value: :EXTERNAL + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("EXTERNAL")' + - !ruby/object:Api::Type::String + name: 'purpose' +======= diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("EXTERNAL")' default_value: "EXTERNAL" enum_values: @@ -133,20 +245,32 @@ properties: - 'INTERNAL' - name: 'purpose' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The purpose of the resource. Possible values include: * VPC_PEERING - for peer networks * PRIVATE_SERVICE_CONNECT - for ([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html) only) Private Service Connect networks +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the network in which to reserve the IP range. The IP range must be in RFC1918 space. The network cannot be deleted if there are any reserved IP ranges referring to it. This should only be set when using an Internal address. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/GlobalForwardingRule.yaml b/mmv1/products/compute/GlobalForwardingRule.yaml index 3c816753c7e2..6f88e2c8cab7 100644 --- a/mmv1/products/compute/GlobalForwardingRule.yaml +++ b/mmv1/products/compute/GlobalForwardingRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,22 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GlobalForwardingRule' +kind: 'compute#forwardingRule' +base_url: projects/{{project}}/global/forwardingRules +immutable: true +has_self_link: true +# Has a separate endpoint for labels +skip_attribution_label: true +legacy_long_form_project: true +collection_url_key: 'items' +======= --- name: 'GlobalForwardingRule' kind: 'compute#forwardingRule' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a GlobalForwardingRule resource. Global forwarding rules are used to forward traffic to the correct load balancer for HTTP load @@ -21,6 +38,31 @@ description: | balancing. For more information, see https://cloud.google.com/compute/docs/load-balancing/http/ +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'external_ssl_proxy_lb_mig_backend' + primary_resource_id: 'default' + skip_test: true +======= # Has a separate endpoint for labels exclude_attribution_label: true docs: @@ -52,6 +94,7 @@ legacy_long_form_project: true examples: - name: 'external_ssl_proxy_lb_mig_backend' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ssl_proxy_xlb_network: 'ssl-proxy-xlb-network' ssl_proxy_xlb_subnet: 'ssl-proxy-xlb-subnet' @@ -68,10 +111,16 @@ examples: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'external_tcp_proxy_lb_mig_backend' + primary_resource_id: 'default' +======= exclude_test: true - name: 'external_tcp_proxy_lb_mig_backend' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: tcp_proxy_xlb_network: 'tcp-proxy-xlb-network' tcp_proxy_xlb_subnet: 'tcp-proxy-xlb-subnet' @@ -83,13 +132,23 @@ examples: tcp_proxy_xlb_mig_template: 'tcp-proxy-xlb-mig-template' tcp_proxy_xlb_mig1: 'tcp-proxy-xlb-mig1' tcp_proxy_xlb_fw_allow_hc: 'tcp-proxy-xlb-fw-allow-hc' +<<<<<<< HEAD + min_version: beta +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'external_http_lb_mig_backend_custom_header' + primary_resource_id: 'default' +======= - name: 'external_http_lb_mig_backend_custom_header' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: xlb_network_name: 'l7-xlb-network' backend_subnet_name: 'l7-xlb-subnet' @@ -102,11 +161,20 @@ examples: hc_name: 'l7-xlb-hc' mig_name: 'l7-xlb-mig1' fw_allow_hc_name: 'l7-xlb-fw-allow-hc' +<<<<<<< HEAD + min_version: beta +======= +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ignore_read_extra: - 'port_range' - 'target' - 'ip_address' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'global_forwarding_rule_http' +======= - name: 'global_forwarding_rule_http' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -115,9 +183,16 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'global_forwarding_rule_internal' + min_version: beta + primary_resource_id: 'default' +======= - name: 'global_forwarding_rule_internal' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: forwarding_rule_name: 'global-rule' http_proxy_name: 'target-proxy' @@ -126,7 +201,12 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'global_forwarding_rule_external_managed' +======= - name: 'global_forwarding_rule_external_managed' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -135,7 +215,12 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'global_forwarding_rule_hybrid' +======= - name: 'global_forwarding_rule_hybrid' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -153,9 +238,15 @@ examples: ignore_read_extra: - 'port_range' - 'target' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'global_internal_http_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' +======= - name: 'global_internal_http_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: gilb_network_name: 'l7-gilb-network' proxy_subnet_name: 'l7-gilb-proxy-subnet' @@ -170,30 +261,65 @@ examples: fw_allow_iap_hc_name: 'l7-gilb-fw-allow-iap-hc' fw_allow_gilb_to_backends_name: 'l7-gilb-fw-allow-gilb-to-backends' vm_test_name: 'l7-gilb-test-vm' +<<<<<<< HEAD + min_version: beta + ignore_read_extra: + - 'port_range' + - 'target' + - !ruby/object:Provider::Terraform::Examples + name: 'private_service_connect_google_apis' + min_version: beta + primary_resource_id: 'default' +======= ignore_read_extra: - 'port_range' - 'target' - name: 'private_service_connect_google_apis' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'my-network' subnetwork_name: 'my-subnetwork' global_address_name: 'global-psconnect-ip' forwarding_rule_name: 'globalrule' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + ignore_read_extra: + - 'ip_address' + - !ruby/object:Provider::Terraform::Examples + name: 'private_service_connect_google_apis_no_automate_dns' + min_version: beta + primary_resource_id: 'default' +======= project: 'PROJECT_NAME' ignore_read_extra: - 'ip_address' - name: 'private_service_connect_google_apis_no_automate_dns' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'my-network' subnetwork_name: 'my-subnetwork' global_address_name: 'global-psconnect-ip' forwarding_rule_name: 'globalrule' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + ignore_read_extra: + - 'ip_address' +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/labels.erb +properties: + - !ruby/object:Api::Type::String + name: 'pscConnectionId' + description: 'The PSC connection id of the PSC Forwarding Rule.' + output: true + - !ruby/object:Api::Type::String + name: 'pscConnectionStatus' +======= project: 'PROJECT_NAME' ignore_read_extra: - 'ip_address' @@ -205,18 +331,29 @@ properties: output: true - name: 'pscConnectionStatus' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The PSC connection status of the PSC Forwarding Rule. Possible values: `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. # This is a multi-resource resource reference (Address, GlobalAddress) +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'IPAddress' +======= - name: 'IPAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic @@ -257,9 +394,15 @@ properties: When reading an `IPAddress`, the API always returns the IP address number. default_from_api: true +<<<<<<< HEAD + diff_suppress_func: InternalIpDiffSuppress + - !ruby/object:Api::Type::Enum + name: 'IPProtocol' +======= diff_suppress_func: 'InternalIpDiffSuppress' - name: 'IPProtocol' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. @@ -271,6 +414,39 @@ properties: The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). +<<<<<<< HEAD + values: + - :TCP + - :UDP + - :ESP + - :AH + - :SCTP + - :ICMP + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'ipVersion' + description: | + The IP Version that will be used by this global forwarding rule. + values: + - :IPV4 + - :IPV6 + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this forwarding rule. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Enum + name: 'loadBalancingScheme' +======= default_from_api: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' enum_values: @@ -304,11 +480,22 @@ properties: key_expander: '' - name: 'loadBalancingScheme' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the forwarding rule type. For more information about forwarding rules, refer to [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). +<<<<<<< HEAD + default_value: :EXTERNAL + values: + - :EXTERNAL + - :EXTERNAL_MANAGED + - :INTERNAL_MANAGED + - :INTERNAL_SELF_MANAGED + - !ruby/object:Api::Type::Array + name: 'metadataFilters' +======= default_value: "EXTERNAL" enum_values: - 'EXTERNAL' @@ -317,6 +504,7 @@ properties: - 'INTERNAL_SELF_MANAGED' - name: 'metadataFilters' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS @@ -335,11 +523,18 @@ properties: metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'filterMatchCriteria' +======= item_type: type: NestedObject properties: - name: 'filterMatchCriteria' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. @@ -349,36 +544,64 @@ properties: MATCH_ALL - All filterLabels must have matching labels in the provided metadata. required: true +<<<<<<< HEAD + values: + - :MATCH_ANY + - :MATCH_ALL + - !ruby/object:Api::Type::Array + name: 'filterLabels' +======= enum_values: - 'MATCH_ANY' - 'MATCH_ALL' - name: 'filterLabels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. +<<<<<<< HEAD + min_size: 1 + max_size: 64 + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' +======= required: true item_type: type: NestedObject properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the metadata label. The length must be between 1 and 1024 characters, inclusive. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'value' +======= - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value that the label must match. The value has a maximum length of 1024 characters. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' +======= min_size: 1 max_size: 64 - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -394,8 +617,15 @@ properties: APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is not used for external load balancing. @@ -412,11 +642,17 @@ properties: # manifest input from a single value to a range of form NN-NN. The API # accepts a single value, e.g. '80', but the API stores and returns # '80-80'. This causes idempotency false positive. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'portRange' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' - name: 'portRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The `portRange` field has the following limitations: * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, @@ -438,12 +674,23 @@ properties: cannot have overlapping `portRange`s. @pattern: \d+(?:-\d+)? +<<<<<<< HEAD + diff_suppress_func: PortRangeDiffSuppress + # This is a multi-resource resource reference (TargetHttp(s)Proxy, + # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, + # TargetInstance) + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' +======= diff_suppress_func: 'PortRangeDiffSuppress' # This is a multi-resource resource reference (TargetHttp(s)Proxy, # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) - name: 'subnetwork' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and @@ -456,11 +703,18 @@ properties: # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'target' + required: true +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' - name: 'target' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the @@ -474,16 +728,34 @@ properties: * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setTarget' + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::Array + name: 'serviceDirectoryRegistrations' +======= required: true update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setTarget' update_verb: 'POST' diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - name: 'serviceDirectoryRegistrations' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. +<<<<<<< HEAD + min_size: 0 + max_size: 1 + immutable: true + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'namespace' +======= immutable: true default_from_api: true item_type: @@ -491,18 +763,47 @@ properties: properties: - name: 'namespace' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Service Directory namespace to register the forwarding rule under. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'serviceDirectoryRegion' +======= - name: 'serviceDirectoryRegion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: sourceIpRanges + description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). + immutable: true + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: baseForwardingRule + description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' + output: true + - !ruby/object:Api::Type::Boolean + name: allowPscGlobalAccess + description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. + min_version: beta + - !ruby/object:Api::Type::Boolean + name: noAutomateDnsZone + description: + This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. + Non-PSC forwarding rules do not use this field. + send_empty_value: true + immutable: true + ignore_read: true +======= min_size: 0 max_size: 1 - name: 'sourceIpRanges' @@ -527,3 +828,4 @@ properties: immutable: true ignore_read: true send_empty_value: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/GlobalNetworkEndpoint.yaml b/mmv1/products/compute/GlobalNetworkEndpoint.yaml index 2f267d0fd921..755e01e19304 100644 --- a/mmv1/products/compute/GlobalNetworkEndpoint.yaml +++ b/mmv1/products/compute/GlobalNetworkEndpoint.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GlobalNetworkEndpoint' +kind: 'compute#networkEndpoint' +base_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}' +======= --- name: 'GlobalNetworkEndpoint' kind: 'compute#networkEndpoint' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Global Network endpoint represents a IP address and port combination that exists outside of GCP. **NOTE**: Global network endpoints cannot be created outside of a global network endpoint group. +<<<<<<< HEAD +immutable: true +create_verb: :POST +create_url: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/attachNetworkEndpoints +delete_verb: :POST +delete_url: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/detachNetworkEndpoints +read_verb: :POST +self_link: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/listNetworkEndpoints +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' @@ -50,10 +70,46 @@ async: error: path: 'error/errors' message: 'message' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 identity: - ipAddress - fqdn - port +<<<<<<< HEAD +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{global_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +mutex: networkEndpoint/{{project}}/{{global_network_endpoint_group}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'global_network_endpoint' + primary_resource_id: + 'default-endpoint' +======= nested_query: keys: - items @@ -70,10 +126,53 @@ examples: primary_resource_id: 'default-endpoint' vars: neg_name: 'my-lb-neg' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns # nothing because the parent resource has then also been destroyed) +<<<<<<< HEAD + skip_test: true + vars: + neg_name: 'my-lb-neg' +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/compute_global_network_endpoint.go.erb + decoder: templates/terraform/decoders/network_endpoint.go.erb + encoder: templates/terraform/encoders/compute_global_network_endpoint.go.erb + custom_import: templates/terraform/custom_import/compute_global_network_endpoint.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'globalNetworkEndpointGroup' + resource: 'GlobalNetworkEndpointGroup' + imports: 'name' + description: | + The global network endpoint group this endpoint is part of. + required: true + url_param_only: true + ignore_read: true + diff_suppress_func: tpgresource.CompareResourceNames +properties: + - !ruby/object:Api::Type::Integer + name: 'port' + description: | + Port number of the external endpoint. + required: true + custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::String + name: 'ipAddress' + description: | + IPv4 address external endpoint. + - !ruby/object:Api::Type::String + name: 'fqdn' + at_least_one_of: + - fqdn + - ip_address + description: | + Fully qualified domain name of network endpoint. + This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. +======= exclude_test: true parameters: - name: 'globalNetworkEndpointGroup' @@ -107,3 +206,4 @@ properties: at_least_one_of: - 'fqdn' - 'ip_address' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml b/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml index d3d7af7da059..4385e3f7a39f 100644 --- a/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml +++ b/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'GlobalNetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +base_url: 'projects/{{project}}/global/networkEndpointGroups' +immutable: true +has_self_link: true +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +======= --- name: 'GlobalNetworkEndpointGroup' kind: 'compute#networkEndpointGroup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A global network endpoint group contains endpoints that reside outside of Google Cloud. Currently a global network endpoint group can only support a single endpoint. @@ -21,6 +39,40 @@ description: | Recreating a global network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'global_network_endpoint_group' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' + - !ruby/object:Provider::Terraform::Examples + name: 'global_network_endpoint_group_ip_address' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' @@ -62,6 +114,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -71,6 +124,25 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Enum + name: 'networkEndpointType' + required: true + description: | + Type of network endpoints in this network endpoint group. + values: + - :INTERNET_IP_PORT + - :INTERNET_FQDN_PORT + - !ruby/object:Api::Type::Integer + name: 'defaultPort' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -88,6 +160,7 @@ properties: - 'INTERNET_FQDN_PORT' - name: 'defaultPort' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default port used if the port number is not specified in the network endpoint. diff --git a/mmv1/products/compute/HaVpnGateway.yaml b/mmv1/products/compute/HaVpnGateway.yaml index 1c12ffc5d8f1..72d37a9b2e08 100644 --- a/mmv1/products/compute/HaVpnGateway.yaml +++ b/mmv1/products/compute/HaVpnGateway.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'HaVpnGateway' +kind: 'compute#vpnGateway' +base_url: projects/{{project}}/regions/{{region}}/vpnGateways +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'HaVpnGateway' kind: 'compute#vpnGateway' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you. This type of VPN Gateway allows for the creation of VPN solutions with higher availability than classic Target VPN Gateways. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Choosing a VPN': https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn + 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' + api: https://cloud.google.com/compute/docs/reference/rest/v1/vpnGateways +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'ha_vpn_gateway_basic' +======= references: guides: 'Choosing a VPN': 'https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn' @@ -49,17 +91,34 @@ collection_url_key: 'items' custom_code: examples: - name: 'ha_vpn_gateway_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ha_gateway1' vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'ha_vpn_gateway_ipv6' +======= - name: 'ha_vpn_gateway_ipv6' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ha_gateway1' vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'ha_vpn_gateway_gcp_to_gcp' + primary_resource_id: + 'ha_gateway1' + # Multiple fine-grained resources + skip_vcr: true + skip_test: true + skip_docs: true +======= - name: 'ha_vpn_gateway_gcp_to_gcp' primary_resource_id: 'ha_gateway1' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' @@ -67,12 +126,21 @@ examples: ha_vpn_gateway2_name: 'ha-vpn-2' network2_name: 'network2' router2_name: 'ha-vpn-router2' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'compute_ha_vpn_gateway_encrypted_interconnect' + primary_resource_id: + 'vpn-gateway' + # TODO: https://github.com/hashicorp/terraform-provider-google/issues/11504 + skip_test: true +======= exclude_test: true exclude_docs: true # Multiple fine-grained resources skip_vcr: true - name: 'compute_ha_vpn_gateway_encrypted_interconnect' primary_resource_id: 'vpn-gateway' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: ha_vpn_gateway_name: 'test-ha-vpngw' interconnect_attachment1_name: 'test-interconnect-attachment1' @@ -81,15 +149,34 @@ examples: address2_name: 'test-address2' router_name: 'test-router' network_name: 'test-network' +<<<<<<< HEAD +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= # TODO: https://github.com/hashicorp/terraform-provider-google/issues/11504 exclude_test: true parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region this gateway should sit in. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -101,6 +188,7 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -111,14 +199,66 @@ properties: character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= validation: function: 'verify.ValidateGCEName' - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network this VPN gateway is accepting traffic for. required: true immutable: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Enum + name: 'stackType' + description: | + The stack type for this VPN gateway to identify the IP protocols that are enabled. + If not specified, IPV4_ONLY will be used. + default_value: :IPV4_ONLY + values: + - :IPV4_ONLY + - :IPV4_IPV6 + - :IPV6_ONLY + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Enum + name: 'gatewayIpVersion' + description: | + The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used. + default_value: :IPV4 + values: + - :IPV4 + - :IPV6 + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Array + name: 'vpnInterfaces' + description: | + A list of interfaces on this VPN gateway. + default_from_api: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The numeric ID of this VPN gateway interface.' + - !ruby/object:Api::Type::String + name: 'ipAddress' + description: 'The external IP address for this VPN gateway interface.' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'interconnectAttachment' + resource: 'InterconnectAttachment' + imports: 'selfLink' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' @@ -161,6 +301,7 @@ properties: output: true - name: 'interconnectAttachment' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the interconnect attachment resource. When the value of this field is present, the VPN Gateway will be used for @@ -169,7 +310,12 @@ properties: specified interconnect attachment resource. Not currently available publicly. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + immutable: true +======= immutable: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'InterconnectAttachment' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/HealthCheck.yaml b/mmv1/products/compute/HealthCheck.yaml index 7b5c40e635b3..8aec622e032d 100644 --- a/mmv1/products/compute/HealthCheck.yaml +++ b/mmv1/products/compute/HealthCheck.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,22 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'HealthCheck' +kind: 'compute#healthCheck' +base_url: projects/{{project}}/global/healthChecks +collection_url_key: 'items' +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks' +======= --- name: 'HealthCheck' kind: 'compute#healthCheck' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, @@ -30,6 +47,117 @@ description: | ~>**NOTE**: Legacy HTTP(S) health checks must be used for target pool-based network load balancers. See the [official guide](https://cloud.google.com/load-balancing/docs/health-check-concepts#selecting_hc) for choosing a type of health check. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_tcp' + primary_resource_id: 'tcp-health-check' + vars: + health_check_name: 'tcp-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_tcp_full' + primary_resource_id: 'tcp-health-check' + vars: + health_check_name: 'tcp-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_ssl' + primary_resource_id: 'ssl-health-check' + vars: + health_check_name: 'ssl-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_ssl_full' + primary_resource_id: 'ssl-health-check' + vars: + health_check_name: 'ssl-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_http' + primary_resource_id: 'http-health-check' + vars: + health_check_name: 'http-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_http_full' + primary_resource_id: 'http-health-check' + vars: + health_check_name: 'http-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_https' + primary_resource_id: 'https-health-check' + vars: + health_check_name: 'https-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_https_full' + primary_resource_id: 'https-health-check' + vars: + health_check_name: 'https-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_http2' + primary_resource_id: 'http2-health-check' + vars: + health_check_name: 'http2-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_http2_full' + primary_resource_id: 'http2-health-check' + vars: + health_check_name: 'http2-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_grpc' + primary_resource_id: 'grpc-health-check' + vars: + health_check_name: 'grpc-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_grpc_full' + primary_resource_id: 'grpc-health-check' + vars: + health_check_name: 'grpc-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'health_check_with_logging' + primary_resource_id: 'health-check-with-logging' + min_version: beta + vars: + health_check_name: 'tcp-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_health_check_http_source_regions' + primary_resource_id: 'http-health-check-with-source-regions' + vars: + health_check_name: 'http-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_health_check_https_source_regions' + primary_resource_id: 'https-health-check-with-source-regions' + vars: + health_check_name: 'https-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_health_check_tcp_source_regions' + primary_resource_id: 'tcp-health-check-with-source-regions' + vars: + health_check_name: 'tcp-health-check' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/health_check_type.erb + constants: templates/terraform/constants/health_check.erb +custom_diff: [ + 'healthCheckCustomizeDiff', +] +properties: + - !ruby/object:Api::Type::Integer + name: 'checkIntervalSec' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' @@ -131,28 +259,50 @@ parameters: properties: - name: 'checkIntervalSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'healthyThreshold' +======= - name: 'healthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -161,17 +311,30 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= required: true immutable: true - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sourceRegions' + item_type: Api::Type::String + min_size: 3 + max_size: 3 +======= - name: 'sourceRegions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of cloud regions from which health checks are performed. If any regions are specified, then exactly 3 regions should be specified. @@ -190,16 +353,55 @@ properties: * The health check cannot be used with BackendService nor with managed instance group auto-healing. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'unhealthyThreshold' +======= item_type: type: String min_size: 3 max_size: 3 - name: 'unhealthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + description: |- + The type of the health check. One of HTTP, HTTPS, TCP, or SSL. + values: + - :TCP + - :SSL + - :HTTP + - :HTTPS + - :HTTP2 + output: true + - !ruby/object:Api::Type::NestedObject + name: 'httpHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= - name: 'type' type: Enum description: |- @@ -224,10 +426,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + The request path of the HTTP health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -252,10 +481,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + The TCP port number for the HTTP health check request. + The default value is 80. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -309,6 +594,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -324,6 +610,33 @@ properties: If not specified, HTTP health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'httpsHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -349,10 +662,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + The request path of the HTTPS health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -377,10 +717,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + The TCP port number for the HTTPS health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -434,6 +830,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -449,6 +846,32 @@ properties: If not specified, HTTPS health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'tcpHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'request' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -474,11 +897,23 @@ properties: properties: - name: 'request' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -488,10 +923,62 @@ properties: - 'tcp_health_check.0.port_specification' - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + The TCP port number for the TCP health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -541,6 +1028,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -556,6 +1044,32 @@ properties: If not specified, TCP health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'sslHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'request' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -580,11 +1094,23 @@ properties: properties: - name: 'request' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -594,10 +1120,62 @@ properties: - 'ssl_health_check.0.port_specification' - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + The TCP port number for the SSL health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -647,6 +1225,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -662,6 +1241,33 @@ properties: If not specified, SSL health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'http2HealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -686,10 +1292,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTP2 health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + The request path of the HTTP2 health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -714,10 +1347,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + The TCP port number for the HTTP2 health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -771,6 +1460,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -786,6 +1476,30 @@ properties: If not specified, HTTP2 health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'grpcHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -811,10 +1525,30 @@ properties: properties: - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The port number for the health check request. Must be specified if portName and portSpecification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -832,6 +1566,7 @@ properties: - 'grpc_health_check.0.grpc_service_name' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -847,6 +1582,19 @@ properties: If not specified, gRPC health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::String + name: 'grpcServiceName' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -858,12 +1606,24 @@ properties: - 'USE_SERVING_PORT' - name: 'grpcServiceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The gRPC service name for the health check. The value of grpcServiceName has the following meanings by convention: - Empty serviceName means the overall status of all services at the backend. - Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. The grpcServiceName can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' + description: | + Configure logging on this health check. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.erb' + properties: + - !ruby/object:Api::Type::Boolean + name: 'enable' +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -878,6 +1638,7 @@ properties: properties: - name: 'enable' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. diff --git a/mmv1/products/compute/HttpHealthCheck.yaml b/mmv1/products/compute/HttpHealthCheck.yaml index 7621f6547b61..22da31800b39 100644 --- a/mmv1/products/compute/HttpHealthCheck.yaml +++ b/mmv1/products/compute/HttpHealthCheck.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'HttpHealthCheck' +kind: 'compute#httpHealthCheck' +base_url: projects/{{project}}/global/httpHealthChecks +collection_url_key: 'items' +has_self_link: true +======= --- name: 'HttpHealthCheck' kind: 'compute#httpHealthCheck' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An HttpHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTP. @@ -23,6 +36,39 @@ description: | should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' + api: 'https://cloud.google.com/compute/docs/reference/v1/httpHealthChecks' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'http_health_check_basic' + primary_resource_id: 'default' + vars: + http_health_check_name: 'authentication-health-check' +properties: + - !ruby/object:Api::Type::Integer + name: 'checkIntervalSec' +======= references: guides: 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' @@ -59,10 +105,24 @@ parameters: properties: - name: 'checkIntervalSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Integer + name: 'healthyThreshold' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -74,18 +134,29 @@ properties: you create the resource. - name: 'healthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'host' +======= - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -96,12 +167,27 @@ properties: last character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' +======= - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The TCP port number for the HTTP health check request. The default value is 80. default_value: 80 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + description: | + The request path of the HTTP health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= - name: 'requestPath' type: String description: | @@ -110,13 +196,19 @@ properties: default_value: "/" - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'unhealthyThreshold' +======= - name: 'unhealthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/mmv1/products/compute/HttpsHealthCheck.yaml b/mmv1/products/compute/HttpsHealthCheck.yaml index 7b43e3ea112c..bc2adbe170e0 100644 --- a/mmv1/products/compute/HttpsHealthCheck.yaml +++ b/mmv1/products/compute/HttpsHealthCheck.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'HttpsHealthCheck' +kind: 'compute#httpsHealthCheck' +base_url: projects/{{project}}/global/httpsHealthChecks +collection_url_key: 'items' +has_self_link: true +======= --- name: 'HttpsHealthCheck' kind: 'compute#httpsHealthCheck' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An HttpsHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTPS. @@ -23,6 +36,39 @@ description: | should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' + api: 'https://cloud.google.com/compute/docs/reference/v1/httpsHealthChecks' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'https_health_check_basic' + primary_resource_id: 'default' + vars: + https_health_check_name: 'authentication-health-check' +properties: + - !ruby/object:Api::Type::Integer + name: 'checkIntervalSec' +======= references: guides: 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' @@ -59,10 +105,24 @@ parameters: properties: - name: 'checkIntervalSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Integer + name: 'healthyThreshold' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -74,18 +134,29 @@ properties: you create the resource. - name: 'healthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'host' +======= - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -96,12 +167,27 @@ properties: last character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' +======= - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The TCP port number for the HTTPS health check request. The default value is 443. default_value: 443 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + description: | + The request path of the HTTPS health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= - name: 'requestPath' type: String description: | @@ -110,13 +196,19 @@ properties: default_value: "/" - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'unhealthyThreshold' +======= - name: 'unhealthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/mmv1/products/compute/Image.yaml b/mmv1/products/compute/Image.yaml index 46036e51e7ff..e3d10125bd0f 100644 --- a/mmv1/products/compute/Image.yaml +++ b/mmv1/products/compute/Image.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Image' +kind: 'compute#image' +base_url: projects/{{project}}/global/images +immutable: true +has_self_link: true +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/images' + api: 'https://cloud.google.com/compute/docs/reference/v1/images' +======= --- name: 'Image' kind: 'compute#image' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an Image resource. @@ -31,6 +49,54 @@ description: | images are available only to your project. You can create a custom image from root persistent disks and other images. Then, use the custom image to create an instance. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + allowed_iam_role: 'roles/compute.imageUser' + parent_resource_attribute: 'image' + iam_conditions_request_type: :QUERY_PARAM +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'image_basic' + primary_resource_id: 'example' + vars: + image_name: 'example-image' + primary_resource_name: "fmt.Sprintf(\"tf-test-example-image%s\", + context[\"random_suffix\"\ + ])" + - !ruby/object:Provider::Terraform::Examples + name: 'image_guest_os' + primary_resource_id: 'example' + vars: + image_name: 'example-image' + - !ruby/object:Provider::Terraform::Examples + name: 'image_basic_storage_location' + primary_resource_id: 'example' + vars: + image_name: 'example-sl-image' + primary_resource_name: + 'fmt.Sprintf("tf-test-sl-example-image%s", context["random_suffix"])' +properties: + - !ruby/object:Api::Type::Integer + name: 'archiveSizeBytes' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/images' @@ -83,10 +149,24 @@ parameters: properties: - name: 'archiveSizeBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Size of the image tar.gz archive stored in Google Cloud Storage (in bytes). output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Array + name: 'storageLocations' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -98,28 +178,72 @@ properties: you create the resource. - name: 'storageLocations' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud Storage bucket storage location of the image (regional or multi-regional). Reference link: https://cloud.google.com/compute/docs/reference/rest/v1/images +<<<<<<< HEAD + item_type: Api::Type::String + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'diskSizeGb' +======= default_from_api: true item_type: type: String - name: 'diskSizeGb' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Size of the image when restored onto a persistent disk (in GB). # TODO(alexstephen): Build family support. # Families use a different API default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'family' +======= - name: 'family' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'guestOsFeatures' + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable images. + default_from_api: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + required: true + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + values: + - :MULTI_IP_SUBNET + - :SECURE_BOOT + - :SEV_CAPABLE + - :UEFI_COMPATIBLE + - :VIRTIO_SCSI_MULTIQUEUE + - :WINDOWS + - :GVNIC + - :SEV_LIVE_MIGRATABLE + - :SEV_SNP_CAPABLE + - :SUSPEND_RESUME_COMPATIBLE + - :TDX_CAPABLE + - :SEV_LIVE_MIGRATABLE_V2 + - !ruby/object:Api::Type::NestedObject + name: 'imageEncryptionKey' +======= - name: 'guestOsFeatures' type: Array description: | @@ -150,6 +274,7 @@ properties: - 'SEV_LIVE_MIGRATABLE_V2' - name: 'imageEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts the image using a customer-supplied encryption key. @@ -157,6 +282,18 @@ properties: provide the same key if you use the image later (e.g. to create a disk from the image) properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeySelfLink' + api_name: 'kmsKeyName' + description: | + The self link of the encryption key that is stored in Google Cloud + KMS. + custom_flatten: 'templates/terraform/custom_flatten/image_kms_key_name.go.erb' + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' +======= - name: 'kmsKeySelfLink' type: String description: | @@ -167,10 +304,37 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/image_kms_key_name.go.tmpl' - name: 'kmsKeyServiceAccount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels to apply to this Image. + update_verb: :POST + update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Array + name: 'licenses' + description: Any applicable license URI. + default_from_api: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'license' + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'labels' type: KeyValueLabels description: Labels to apply to this Image. @@ -198,6 +362,7 @@ properties: imports: 'selfLink' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -207,6 +372,15 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rawDisk' + description: The parameters of the raw disk image. + ignore_read: true + properties: + - !ruby/object:Api::Type::Enum + name: 'containerType' +======= - name: 'rawDisk' type: NestedObject description: The parameters of the raw disk image. @@ -214,11 +388,27 @@ properties: properties: - name: 'containerType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created. +<<<<<<< HEAD + values: + - :TAR + default_value: :TAR + - !ruby/object:Api::Type::String + name: 'sha1' + api_name: 'sha1Checksum' + description: | + An optional SHA1 checksum of the disk image before unpackaging. + This is provided by the client when the disk image is created. + # TODO(alexstephen): Figure out cross-module ResourceRefs + - !ruby/object:Api::Type::String + name: 'source' + required: true +======= default_value: "TAR" enum_values: - 'TAR' @@ -231,22 +421,36 @@ properties: # TODO(alexstephen): Figure out cross-module ResourceRefs - name: 'source' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full Google Cloud Storage URL where disk storage is stored You must provide either this property or the sourceDisk property but not both. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'sourceDisk' +======= required: true - name: 'sourceDisk' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source disk to create this image based on. You must provide either this property or the rawDisk.source property but not both to create an image. +<<<<<<< HEAD + resource: 'Disk' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'sourceImage' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Disk' imports: 'selfLink' - name: 'sourceImage' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: @@ -255,11 +459,19 @@ properties: * This property * The rawDisk.source URL * The sourceDisk URL +<<<<<<< HEAD + resource: 'Image' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'sourceSnapshot' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Image' imports: 'selfLink' - name: 'sourceSnapshot' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the source snapshot used to create this image. @@ -270,6 +482,13 @@ properties: * The sourceImage URL * The rawDisk.source URL * The sourceDisk URL +<<<<<<< HEAD + resource: 'Snapshot' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +# State is not applicable for state convergence. +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Snapshot' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Instance.yaml b/mmv1/products/compute/Instance.yaml index 6b3677d92cee..99fed4002aeb 100644 --- a/mmv1/products/compute/Instance.yaml +++ b/mmv1/products/compute/Instance.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Instance' +kind: 'compute#instance' +base_url: projects/{{project}}/zones/{{zone}}/instances +collection_url_key: 'items' +immutable: true +has_self_link: true +description: | + An instance is a virtual machine (VM) hosted on Google's infrastructure. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + allowed_iam_role: 'roles/compute.osLogin' + parent_resource_attribute: 'instance_name' + iam_conditions_request_type: :QUERY_PARAM +exclude_resource: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'instance_basic' + primary_resource_id: 'default' + vars: + instance_name: 'my-instance' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-instance%s\", + context[\"random_suffix\"\ + ])" +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the machine resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Boolean + name: 'canIpForward' +======= --- name: 'Instance' kind: 'compute#instance' @@ -63,10 +121,30 @@ parameters: properties: - name: 'canIpForward' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'cpuPlatform' + description: The CPU platform used by this instance. + output: true + - !ruby/object:Api::Type::String + name: 'creationTimestamp' + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::Boolean + name: 'deletionProtection' + description: Whether the resource should be protected against deletion. + # The code for this update is custom because MM doesn't support + # sending empty bodies + the new option as a request parameter. + update_verb: :POST + update_url: /projects/{{project}}/zones/{{zone}}/instances/{resourceId}/setDeletionProtection + - !ruby/object:Api::Type::Array + name: 'disks' +======= - name: 'cpuPlatform' type: String description: The CPU platform used by this instance. @@ -84,15 +162,23 @@ properties: update_verb: 'POST' - name: 'disks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An array of disks that are associated with the instances that are created from this template. immutable: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Boolean + name: 'autoDelete' +======= item_type: type: NestedObject properties: - name: 'autoDelete' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from @@ -101,6 +187,15 @@ properties: Tip: Disks should be set to autoDelete=true so that leftover disks are not left behind on machine deletion. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'boot' + description: | + Indicates that this is a boot disk. The virtual machine will + use the first partition of the disk for its root filesystem. + - !ruby/object:Api::Type::String + name: 'deviceName' +======= - name: 'boot' type: Boolean description: | @@ -108,47 +203,78 @@ properties: use the first partition of the disk for its root filesystem. - name: 'deviceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'diskEncryptionKey' +======= - name: 'diskEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts or decrypts a disk using a customer-supplied encryption key. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rawKey' +======= - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rsaEncryptedKey' +======= - name: 'rsaEncryptedKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sha256' +======= - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'index' +======= - name: 'index' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. For example, if you have many disks attached to an instance, each disk would have a unique index number. If not specified, the server will choose an appropriate value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'initializeParams' +======= - name: 'initializeParams' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization @@ -156,6 +282,19 @@ properties: the new instance. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'diskName' + description: | + Specifies the disk name. If not specified, the default + is to use the name of the instance. + - !ruby/object:Api::Type::Integer + name: 'diskSizeGb' + description: Specifies the size of the disk in base-2 GB. + # diskStorageType - deprecated + - !ruby/object:Api::Type::ResourceRef + name: 'diskType' +======= - name: 'diskName' type: String description: | @@ -167,23 +306,37 @@ properties: # diskStorageType - deprecated - name: 'diskType' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Reference to a disk type. Specifies the disk type to use to create the instance. If not specified, the default is pd-standard. +<<<<<<< HEAD + resource: 'DiskType' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'sourceImage' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'DiskType' imports: 'selfLink' - name: 'sourceImage' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required. To create a disk with one of the public operating system images, specify the image by its family name. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'provisionedIops' +======= - name: 'provisionedIops' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the @@ -192,8 +345,13 @@ properties: delete and recreate the disk, hyperdisk allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'provisionedThroughput' +======= - name: 'provisionedThroughput' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that @@ -202,14 +360,24 @@ properties: to delete and recreate the disk, hyperdisk allows for an update of throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableConfidentialCompute' +======= - name: 'enableConfidentialCompute' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether this disk is using confidential compute mode. Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'sourceImageEncryptionKey' +======= - name: 'sourceImageEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The customer-supplied encryption key of the source image. Required if the source image is protected by a @@ -220,36 +388,68 @@ properties: instances in a managed instance group if the source images are encrypted with your own keys. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rawKey' +======= - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sha256' +======= - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'storagePool' + required: false + immutable: true +======= - name: 'storagePool' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the storage pool in which the new disk is created. For example: * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} * /projects/{project}/zones/{zone}/storagePools/{storagePool} +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'interface' +======= required: false immutable: true - name: 'interface' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. +<<<<<<< HEAD + values: + - :SCSI + - :NVME + # Ignoring kind - It's a constant and we don't need it. + # TODO(alexstephen): Place in licenses - it's a Array of + # ResourceRefs + - !ruby/object:Api::Type::Enum + name: 'mode' +======= enum_values: - 'SCSI' - 'NVME' @@ -258,16 +458,28 @@ properties: # ResourceRefs - name: 'mode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode. +<<<<<<< HEAD + values: + - :READ_WRITE + - :READ_ONLY + # This is the name, not selfLink of a disk. + - !ruby/object:Api::Type::ResourceRef + name: 'source' + resource: 'Disk' + imports: 'selfLink' +======= enum_values: - 'READ_WRITE' - 'READ_ONLY' # This is the name, not selfLink of a disk. - name: 'source' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Reference to a disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required. @@ -275,6 +487,31 @@ properties: If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + Specifies the type of the disk, either SCRATCH or + PERSISTENT. If not specified, the default is PERSISTENT. + values: + - :SCRATCH + - :PERSISTENT + - !ruby/object:Api::Type::Array + name: 'licenses' + description: 'Any applicable publicly visible licenses.' + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::Array + name: 'guestAccelerators' + description: | + List of the type and count of accelerator cards attached to the + instance + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'acceleratorCount' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Disk' imports: 'selfLink' @@ -302,11 +539,21 @@ properties: properties: - name: 'acceleratorCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of the guest accelerator cards exposed to this instance. # TODO(alexstephen): Change to ResourceRef once AcceleratorType is # created. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'acceleratorType' + description: | + Full or partial URL of the accelerator type resource to expose + to this instance. + - !ruby/object:Api::Type::String + name: 'hostname' +======= - name: 'acceleratorType' type: String description: | @@ -314,18 +561,39 @@ properties: to this instance. - name: 'hostname' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The hostname of the instance to be created. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'id' +======= - name: 'id' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique identifier for the resource. This identifier is defined by the server. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this instance. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' +======= - name: 'labelFingerprint' type: Fingerprint description: | @@ -341,6 +609,7 @@ properties: Labels to apply to this instance. A list of key->value pairs. update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' update_verb: 'POST' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO(nelsonjr): Implement updating metadata *after* resource is created. # Expose instance 'metadata' as a simple name/value pair hash. However the API @@ -361,12 +630,35 @@ properties: # adding the 'fingerprint' of the last metadata to allow update. # # To comply with the API please add an encoder: and decoder: to the provider. +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'metadata' +======= - name: 'metadata' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'machineType' + resource: 'MachineType' + imports: 'selfLink' + description: 'A reference to a machine type which defines VM kind.' + update_url: projects/{{project}}/zones/{{zone}}/instances/{{name}}/setMachineType + update_verb: :POST + # TODO(alexstephen): Add metadata + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'minCpuPlatform' + description: | + Specifies a minimum CPU platform for the VM instance. Applicable + values are the friendly names of CPU platforms + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'machineType' type: ResourceRef description: 'A reference to a machine type which defines VM kind.' @@ -383,6 +675,7 @@ properties: values are the friendly names of CPU platforms - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, @@ -392,37 +685,64 @@ properties: lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'networkInterfaces' +======= - name: 'networkInterfaces' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An array of configurations for this interface. This specifies how this interface is configured to interact with other network services, such as connecting to the internet. Only one network interface is supported per instance. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'accessConfigs' +======= item_type: type: NestedObject properties: - name: 'accessConfigs' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + # 'kind' is not needed for object convergence + - !ruby/object:Api::Type::String + name: 'name' +======= item_type: type: NestedObject properties: # 'kind' is not needed for object convergence - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'natIP' + resource: 'Address' + imports: 'address' +======= - name: 'natIP' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Reference to an address. An external IP address associated with this instance. @@ -431,6 +751,19 @@ properties: from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + The type of configuration. The default and only option is + ONE_TO_ONE_NAT. + values: + - :ONE_TO_ONE_NAT + required: true + - !ruby/object:Api::Type::Boolean + name: 'setPublicPtr' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Address' imports: 'address' @@ -444,18 +777,29 @@ properties: - 'ONE_TO_ONE_NAT' - name: 'setPublicPtr' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether a public DNS PTR record should be created to map the external IP address of the instance to a DNS domain name. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'publicPtrDomainName' +======= - name: 'publicPtrDomainName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The DNS domain name for the public PTR record. You can set this field only if the setPublicPtr field is enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'networkTier' +======= - name: 'networkTier' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This signifies the networking tier used for configuring this access configuration. If an AccessConfig is @@ -464,20 +808,35 @@ properties: AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP. +<<<<<<< HEAD + values: + - :PREMIUM + - :STANDARD + - !ruby/object:Api::Type::Array + name: 'aliasIpRanges' +======= enum_values: - 'PREMIUM' - 'STANDARD' - name: 'aliasIpRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipCidrRange' +======= item_type: type: NestedObject properties: - name: 'ipCidrRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified @@ -485,50 +844,89 @@ properties: system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24). +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'subnetworkRangeName' +======= - name: 'subnetworkRangeName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'internalIpv6PrefixLength' + description: | + The prefix length of the primary internal IPv6 range. + - !ruby/object:Api::Type::String + name: 'ipv6Address' +======= - name: 'internalIpv6PrefixLength' type: String description: | The prefix length of the primary internal IPv6 range. - name: 'ipv6Address' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An IPv6 internal network address for this network interface. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the title of an existing network. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'networkIP' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' - name: 'networkIP' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' +======= - name: 'subnetwork' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Reference to a VPC network. If the network resource is in legacy mode, do not @@ -537,6 +935,22 @@ properties: the network is in custom subnet mode, then this field should be specified. # networkInterfaces.kind is not necessary for convergence. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'networkAttachment' + resource: 'networkAttachment' + imports: 'selfLink' + description: | + The URL of the network attachment that this interface should connect to in the following format: + projects/{projectNumber}/regions/{region_name}/networkAttachments/{network_attachment_name}. + - !ruby/object:Api::Type::NestedObject + name: 'scheduling' + description: Sets the scheduling options for this instance. + properties: + - !ruby/object:Api::Type::Boolean + name: 'automaticRestart' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' @@ -553,31 +967,87 @@ properties: properties: - name: 'automaticRestart' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'onHostMaintenance' +======= - name: 'onHostMaintenance' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'preemptible' +======= - name: 'preemptible' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'serviceAccounts' +======= - name: 'serviceAccounts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'email' + description: Email address of the service account. + - !ruby/object:Api::Type::Array + name: scopes + description: | + The list of scopes to be made available for this service + account. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'shieldedInstanceConfig' + description: + Configuration for various parameters related to shielded instances. + # The code for this update method is custom because MM does not support + # sending just the nested properties + update_verb: :PATCH + update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig + properties: + - !ruby/object:Api::Type::Boolean + name: 'enableSecureBoot' + description: Defines whether the instance has Secure Boot enabled. + update_verb: :PATCH + update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig + - !ruby/object:Api::Type::Boolean + name: 'enableVtpm' + description: Defines whether the instance has the vTPM enabled + update_verb: :PATCH + update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig + - !ruby/object:Api::Type::Boolean + name: 'enableIntegrityMonitoring' + description: + Defines whether the instance has integrity monitoring enabled. + update_verb: :PATCH + update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig + - !ruby/object:Api::Type::NestedObject + name: 'confidentialInstanceConfig' +======= item_type: type: NestedObject properties: @@ -618,10 +1088,22 @@ properties: update_verb: 'PATCH' - name: 'confidentialInstanceConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Configuration for confidential computing (requires setting the machine type to any of the n2d-* types and a boot disk of type pd-ssd).' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableConfidentialCompute' + description: Enables confidential computing with AMD SEV. + at_least_one_of: + - confidential_instance_config.0.enable_confidential_compute + - confidential_instance_config.0.confidential_instance_type + deprecation_message: "`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead." + - !ruby/object:Api::Type::Enum + name: 'confidentialInstanceType' +======= - name: 'enableConfidentialCompute' type: Boolean description: Enables confidential computing with AMD SEV. @@ -631,11 +1113,23 @@ properties: deprecation_message: '`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead.' - name: 'confidentialInstanceType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = "AMD Milan" is currently required. TDX is only available in beta. +<<<<<<< HEAD + values: + - :SEV + - :SEV_SNP + - :TDX + at_least_one_of: + - confidential_instance_config.0.enable_confidential_compute + - confidential_instance_config.0.confidential_instance_type + - !ruby/object:Api::Type::Enum + name: 'status' +======= at_least_one_of: - 'confidential_instance_config.0.enable_confidential_compute' - 'confidential_instance_config.0.confidential_instance_type' @@ -645,6 +1139,7 @@ properties: - 'TDX' - name: 'status' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, @@ -656,6 +1151,22 @@ properties: # This is incorrect because you can make actions on the Instance (start, stop) # In an idempotent world, the best way to express these actions is to # change the status value. +<<<<<<< HEAD + values: + - :PROVISIONING + - :STAGING + - :RUNNING + - :STOPPING + - :SUSPENDING + - :SUSPENDED + - :TERMINATED + - !ruby/object:Api::Type::String + name: 'statusMessage' + description: An optional, human-readable explanation of the status. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'tags' +======= enum_values: - 'PROVISIONING' - 'STAGING' @@ -670,6 +1181,7 @@ properties: output: true - name: 'tags' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by @@ -678,8 +1190,13 @@ properties: RFC1035. properties: # TODO(alexstephen) Investigate bytes type +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'fingerprint' +======= - name: 'fingerprint' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. @@ -687,6 +1204,14 @@ properties: changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'items' + description: | + An array of tags. Each tag must be 1-63 characters long, and + comply with RFC1035. + item_type: Api::Type::String +======= - name: 'items' type: Array description: | @@ -694,3 +1219,4 @@ properties: comply with RFC1035. item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/InstanceGroup.yaml b/mmv1/products/compute/InstanceGroup.yaml index 67c902e29936..b5286171d14a 100644 --- a/mmv1/products/compute/InstanceGroup.yaml +++ b/mmv1/products/compute/InstanceGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceGroup' +kind: 'compute#instanceGroup' +base_url: projects/{{project}}/zones/{{zone}}/instanceGroups +collection_url_key: 'items' +has_self_link: true +======= --- name: 'InstanceGroup' kind: 'compute#instanceGroup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an Instance Group resource. Instance groups are self-managed and can contain identical or different instances. Instance groups do not use an instance template. Unlike managed instance groups, you must create and add instances to an instance group manually. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +immutable: true +exclude: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= exclude: true docs: base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups' @@ -59,10 +109,24 @@ properties: output: true - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. # 'fingerprint' not applicable to state convergence. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'A unique identifier for this instance group.' + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name of the instance group. + The name must be 1-63 characters long, and comply with RFC1035. + - !ruby/object:Api::Type::Array + name: 'namedPorts' +======= - name: 'id' type: Integer description: 'A unique identifier for this instance group.' @@ -74,6 +138,7 @@ properties: The name must be 1-63 characters long, and comply with RFC1035. - name: 'namedPorts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Assigns a name to a port number. For example: {name: "http", port: 80}. @@ -85,6 +150,41 @@ properties: For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name for this named port. + The name must be 1-63 characters long, and comply with RFC1035. + - !ruby/object:Api::Type::Integer + name: 'port' + description: | + The port number, which can be a value between 1 and 65535. + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' + description: | + The network to which all instances in the instance group belong. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' + description: | + The region where the instance group is located + (for regional resources). + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' + description: | + The subnetwork to which all instances in the instance group belong. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= item_type: type: NestedObject properties: @@ -119,3 +219,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/InstanceGroupManager.yaml b/mmv1/products/compute/InstanceGroupManager.yaml index ec957fa1924e..15dcea21b323 100644 --- a/mmv1/products/compute/InstanceGroupManager.yaml +++ b/mmv1/products/compute/InstanceGroupManager.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceGroupManager' +kind: 'compute#instanceGroupManager' +base_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers +collection_url_key: 'items' +has_self_link: true +# Used as a resource reference +exclude: true +======= --- name: 'InstanceGroupManager' kind: 'compute#instanceGroupManager' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create @@ -23,6 +38,37 @@ description: | verify the status of the individual instances. A managed instance group can have up to 1000 VM instances per group. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'The zone the managed instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'baseInstanceName' +======= # Used as a resource reference exclude: true docs: @@ -59,18 +105,34 @@ parameters: properties: - name: 'baseInstanceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' +======= - name: 'creationTimestamp' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The creation timestamp for this managed instance group in RFC3339 text format. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'currentActions' + description: | + The list of instance actions and the number of instances in this + managed instance group that are scheduled for each of those actions. + properties: + - !ruby/object:Api::Type::Integer + name: 'abandoning' +======= - name: 'currentActions' type: NestedObject description: | @@ -80,13 +142,19 @@ properties: properties: - name: 'abandoning' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'creating' +======= - name: 'creating' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the @@ -97,28 +165,48 @@ properties: populated; instead, the creatingWithoutRetries field will be populated. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'creatingWithoutRetries' +======= - name: 'creatingWithoutRetries' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'deleting' +======= - name: 'deleting' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'none' +======= - name: 'none' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are running and have no scheduled actions. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'recreating' +======= - name: 'recreating' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. @@ -126,27 +214,60 @@ properties: and creates a new disk from the image that is defined in the instance template. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'refreshing' +======= - name: 'refreshing' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'restarting' +======= - name: 'restarting' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted. output: true +<<<<<<< HEAD + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. immutable: true # fingerprint ignored as it is an internal locking detail +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'A unique identifier for this resource' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'instanceGroup' + resource: 'InstanceGroup' + imports: 'selfLink' + description: 'The instance group being managed' + output: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'instanceTemplate' + resource: 'InstanceTemplate' + imports: 'selfLink' +======= - name: 'id' type: Integer description: 'A unique identifier for this resource' @@ -160,22 +281,51 @@ properties: imports: 'selfLink' - name: 'instanceTemplate' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. required: true # kind is internal transport detail +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'name' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'InstanceTemplate' imports: 'selfLink' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035. required: true # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'namedPorts' + description: + Named ports configured for the Instance Groups complementary to this + Instance Group Manager. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + - !ruby/object:Api::Type::Integer + name: 'port' + description: + The port number, which can be a value between 1 and 65535. + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' +======= - name: 'namedPorts' type: Array description: @@ -195,19 +345,36 @@ properties: The port number, which can be a value between 1 and 65535. - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region this managed instance group resides (for regional resources). output: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'targetPools' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' imports: 'selfLink' - name: 'targetPools' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::ResourceRef + name: 'targetPool' + description: 'The targetPool to receive managed instances.' + resource: 'TargetPool' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'targetSize' +======= custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: name: 'targetPool' @@ -217,6 +384,7 @@ properties: imports: 'selfLink' - name: 'targetSize' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing diff --git a/mmv1/products/compute/InstanceGroupMembership.yaml b/mmv1/products/compute/InstanceGroupMembership.yaml index 0236c91b9ec6..21cb153aaffe 100644 --- a/mmv1/products/compute/InstanceGroupMembership.yaml +++ b/mmv1/products/compute/InstanceGroupMembership.yaml @@ -11,9 +11,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceGroupMembership' +kind: 'compute#instanceGroup' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' +======= --- name: 'InstanceGroupMembership' kind: 'compute#instanceGroup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents the Instance membership to the Instance Group. @@ -25,12 +32,55 @@ description: | Instance is recreated, it's removed from Instance Group and it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +<<<<<<< HEAD +immutable: true +create_verb: :POST +create_url: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/addInstances +delete_verb: :POST +delete_url: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/removeInstances +read_verb: :POST +self_link: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/listInstances +identity: + - instance +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks +======= references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Add instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances' 'Remove instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances' 'List instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups' +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' +mutex: instanceGroups/{{project}}/zones/{{zone}}/{{instance_group}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'instance_group_membership' + skip_test: true +======= docs: id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' @@ -73,10 +123,44 @@ custom_code: exclude_tgc: true examples: - name: 'instance_group_membership' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'network' instance_group_name: 'instance-group' instance_name: 'instance' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/compute_instance_group_membership.go.erb + custom_import: templates/terraform/custom_import/compute_instance_group_membership.go.erb + encoder: templates/terraform/encoders/compute_instance_group_membership.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the instance group resides.' + url_param_only: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'instanceGroup' + resource: 'InstanceGroup' + imports: 'name' + description: | + Represents an Instance Group resource name that the instance belongs to. + required: true + url_param_only: true + ignore_read: true + diff_suppress_func: tpgresource.CompareResourceNames +properties: + - !ruby/object:Api::Type::ResourceRef + name: 'instance' + description: 'An instance being added to the InstanceGroup' + resource: 'Instance' + imports: 'selfLink' + required: true + custom_flatten: 'templates/terraform/custom_flatten/full_to_relative_path.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= exclude_test: true parameters: - name: 'zone' @@ -105,3 +189,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Instance' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/InstanceGroupNamedPort.yaml b/mmv1/products/compute/InstanceGroupNamedPort.yaml index 73def1eff8cd..02d783b9e0f2 100644 --- a/mmv1/products/compute/InstanceGroupNamedPort.yaml +++ b/mmv1/products/compute/InstanceGroupNamedPort.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,69 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceGroupNamedPort' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +immutable: true +======= --- name: 'InstanceGroupNamedPort' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Mange the named ports setting for a managed instance group without managing the group as whole. This resource is primarily intended for use with GKE-generated groups that shouldn't otherwise be managed by other tools. +<<<<<<< HEAD +create_verb: :POST +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +delete_verb: :POST +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +identity: + - port + - name +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + keys: + - namedPorts +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroup' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' +import_format: + [ + 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}', + ] +mutex: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'instance_group_named_port_gke' + primary_resource_id: + 'my_port' + # Multiple fine-grained resources + skip_vcr: true +======= references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/' @@ -64,12 +124,51 @@ custom_code: examples: - name: 'instance_group_named_port_gke' primary_resource_id: 'my_port' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'container-network' subnetwork_name: 'container-subnetwork' gke_cluster_name: 'my-cluster' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: 'templates/terraform/encoders/normalize_group.go.erb' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'group' + resource: 'InstanceGroup' + imports: 'name' + required: true + url_param_only: true + description: | + The name of the instance group. + diff_suppress_func: 'tpgresource.CompareResourceNames' + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + required: false + url_param_only: true + description: | + The zone of the instance group. + default_from_api: true + ignore_read: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + - !ruby/object:Api::Type::Integer + name: 'port' + required: true + description: The port number, which can be a value between 1 and 65535. +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -106,3 +205,4 @@ properties: type: Integer description: The port number, which can be a value between 1 and 65535. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/InstanceSettings.yaml b/mmv1/products/compute/InstanceSettings.yaml index b702e25879ed..d18007adaf06 100644 --- a/mmv1/products/compute/InstanceSettings.yaml +++ b/mmv1/products/compute/InstanceSettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,71 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InstanceSettings' +kind: 'compute#instanceSettings' +base_url: projects/{{project}}/zones/{{zone}}/instanceSettings +self_link: projects/{{project}}/zones/{{zone}}/instanceSettings +description: | + Represents an Instance Settings resource. Instance settings are centralized configuration parameters that allow users to configure the default values for specific VM parameters that are normally set using GCE instance API methods. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Update Instance Settings': 'https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/instanceSettings' +create_verb: :PATCH +create_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' +update_verb: :PATCH +update_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' +import_format: ['projects/{{project}}/zones/{{zone}}/instanceSettings'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'instance_settings_basic' + primary_resource_id: 'gce_instance_settings' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/clear_instance_settings.go.erb + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the machine resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + custom_expand: 'templates/terraform/custom_expand/compute_instance_settings_fingerprint.erb' + - !ruby/object:Api::Type::NestedObject + name: 'metadata' + description: | + The metadata key/value pairs assigned to all the instances in the corresponding scope. + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'items' +======= --- name: 'InstanceSettings' kind: 'compute#instanceSettings' @@ -76,5 +145,6 @@ properties: properties: - name: 'items' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A metadata key/value items map. The total size of all keys and values must be less than 512KB diff --git a/mmv1/products/compute/Interconnect.yaml b/mmv1/products/compute/Interconnect.yaml index 308ec75e4fc3..c51773c1f445 100644 --- a/mmv1/products/compute/Interconnect.yaml +++ b/mmv1/products/compute/Interconnect.yaml @@ -11,12 +11,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'Interconnect' kind: 'compute#Interconnect' description: | Represents an Interconnect resource. The Interconnect resource is a dedicated connection between Google's network and your on-premises network. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Create a Dedicated Interconnect': 'https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/interconnects' +base_url: 'projects/{{project}}/global/interconnects' +self_link: 'projects/{{project}}/global/interconnects/{{name}}' +update_verb: :PATCH +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 10000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_interconnect_basic' + skip_test: true +======= references: guides: 'Create a Dedicated Interconnect': 'https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview' @@ -48,12 +83,36 @@ custom_code: post_create: 'templates/terraform/post_create/labels.tmpl' examples: - name: 'compute_interconnect_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'example-interconnect' vars: interconnect_name: 'example-interconnect' customer_name: 'example_customer' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_interconnect_basic_test' + skip_docs: true + primary_resource_id: 'example-interconnect' + vars: + interconnect_name: 'example-interconnect' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/interconnect.go.erb +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: | + Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= 'deletion_protection': 'false' exclude_test: true - name: 'compute_interconnect_basic_test' @@ -74,6 +133,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -82,6 +142,20 @@ properties: lowercase letter, or digit, except the last character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - !ruby/object:Api::Type::ResourceRef + name: 'location' + description: | + URL of the InterconnectLocation object that represents where this connection is to be provisioned. + Specifies the location inside Google's Networks, should not be passed in case of cross-cloud interconnect. + resource: 'InterconnectLocations' + imports: 'selfLink' + immutable: true + - !ruby/object:Api::Type::Enum + name: 'linkType' +======= validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - name: 'location' @@ -94,11 +168,21 @@ properties: imports: 'selfLink' - name: 'linkType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Type of link requested. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle. Can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics. - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. +<<<<<<< HEAD + values: + - :LINK_TYPE_ETHERNET_10G_LR + - :LINK_TYPE_ETHERNET_100G_LR + required: true + immutable: true + - !ruby/object:Api::Type::Integer + name: 'requestedLinkCount' +======= required: true immutable: true enum_values: @@ -106,17 +190,36 @@ properties: - 'LINK_TYPE_ETHERNET_100G_LR' - name: 'requestedLinkCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Target number of physical links in the link bundle, as requested by the customer. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'interconnectType' +======= - name: 'interconnectType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Type of interconnect. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED. Can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. +<<<<<<< HEAD + values: + - :DEDICATED + - :PARTNER + - :IT_PRIVATE + required: true + immutable: true + diff_suppress_func: InterconnectTypeDiffSuppress + - !ruby/object:Api::Type::Boolean + name: 'adminEnabled' + send_empty_value: true + default_value: true +======= required: true immutable: true diff_suppress_func: 'InterconnectTypeDiffSuppress' @@ -126,29 +229,45 @@ properties: - 'IT_PRIVATE' - name: 'adminEnabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'nocContactEmail' +======= send_empty_value: true default_value: true - name: 'nocContactEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Cloud Monitoring logs alerting and Cloud Notifications. This field is required for users who sign up for Cloud Interconnect using workforce identity federation. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'customerName' +======= - name: 'customerName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect. This field is required for Dedicated and Partner Interconnect, should not be specified for cross-cloud interconnect. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'operationalStatus' +======= - name: 'operationalStatus' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The current status of this Interconnect's functionality, which can take one of the following: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may @@ -157,6 +276,26 @@ properties: provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect. +<<<<<<< HEAD + values: + - :OS_ACTIVE + - :OS_UNPROVISIONED + - :OS_UNDER_MAINTENANCE + output: true + - !ruby/object:Api::Type::Integer + name: 'provisionedLinkCount' + description: | + Number of links actually provisioned in this interconnect. + output: true + - !ruby/object:Api::Type::Array + name: 'interconnectAttachments' + item_type: Api::Type::String + description: | + A list of the URLs of all InterconnectAttachments configured to use this Interconnect. + output: true + - !ruby/object:Api::Type::String + name: 'peerIpAddress' +======= output: true enum_values: - 'OS_ACTIVE' @@ -176,23 +315,55 @@ properties: type: String - name: 'peerIpAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'googleIpAddress' +======= - name: 'googleIpAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'googleReferenceId' +======= - name: 'googleReferenceId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Google reference ID to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'expectedOutages' + output: true + description: A list of outages expected for this Interconnect. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Unique identifier for this outage notification. + - !ruby/object:Api::Type::String + name: 'description' + output: true + description: | + A description about the purpose of the outage. + - !ruby/object:Api::Type::Enum + name: 'source' + output: true +======= - name: 'expectedOutages' type: Array description: A list of outages expected for this Interconnect. @@ -212,15 +383,24 @@ properties: output: true - name: 'source' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The party that generated this notification. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE. Can take the following value: - GOOGLE: this notification as generated by Google. +<<<<<<< HEAD + values: + - :GOOGLE + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= output: true enum_values: - 'GOOGLE' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | State of this notification. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. Can take one of the following values: @@ -229,6 +409,15 @@ properties: - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. +<<<<<<< HEAD + values: + - :ACTIVE + - :CANCELLED + - :COMPLETED + - !ruby/object:Api::Type::Enum + name: 'issueType' + output: true +======= output: true enum_values: - 'ACTIVE' @@ -236,6 +425,7 @@ properties: - 'COMPLETED' - name: 'issueType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Form this outage is expected to take. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values. Can take one of the @@ -244,6 +434,57 @@ properties: specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. +<<<<<<< HEAD + values: + - :OUTAGE + - :PARTIAL_OUTAGE + - !ruby/object:Api::Type::Array + name: 'affectedCircuits' + output: true + item_type: Api::Type::String + description: | + If issueType is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be + affected. + - !ruby/object:Api::Type::String + name: 'startTime' + output: true + description: | + Scheduled start time for the outage (milliseconds since Unix epoch). + - !ruby/object:Api::Type::String + name: 'endTime' + output: true + description: | + Scheduled end time for the outage (milliseconds since Unix epoch). + - !ruby/object:Api::Type::Array + name: 'circuitInfos' + output: true + description: A list of CircuitInfo objects, that describe the individual circuits in this LAG. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'googleCircuitId' + output: true + description: | + Google-assigned unique ID for this circuit. Assigned at circuit turn-up. + - !ruby/object:Api::Type::String + name: 'googleDemarcId' + output: true + description: | + Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by + Google to the customer in the LOA. + - !ruby/object:Api::Type::String + name: 'customerDemarcId' + output: true + description: | + Customer-side demarc ID for this circuit. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' +======= output: true enum_values: - 'OUTAGE' @@ -300,15 +541,21 @@ properties: type: Fingerprint update_url: 'projects/{{project}}/global/interconnects/{{name}}/setLabels' update_verb: 'POST' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. @@ -317,6 +564,19 @@ properties: provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect. +<<<<<<< HEAD + values: + - :ACTIVE + - :UNPROVISIONED + - :UNDER_MAINTENANCE + output: true + - !ruby/object:Api::Type::Boolean + name: 'satisfiesPzs' + description: Reserved for future use. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'macsec' +======= output: true enum_values: - 'ACTIVE' @@ -328,57 +588,107 @@ properties: output: true - name: 'macsec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration that enables Media Access Control security (MACsec) on the Cloud Interconnect connection between Google and your on-premises router. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'preSharedKeys' +======= - name: 'preSharedKeys' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link. required: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= item_type: type: NestedObject properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - !ruby/object:Api::Type::String + name: 'startTime' +======= required: true validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - name: 'startTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'failOpen' +======= - name: 'failOpen' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router. +<<<<<<< HEAD + deprecation_message: >- + `failOpen` is deprecated and will be removed in a future major release. Use + other `failOpen` instead. + - !ruby/object:Api::Type::Boolean + name: 'failOpen' +======= deprecation_message: '`failOpen` is deprecated and will be removed in a future major release. Use other `failOpen` instead.' - name: 'failOpen' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'macsecEnabled' + description: | + Enable or disable MACsec on this Interconnect connection. + MACsec enablement fails if the MACsec object is not specified. + - !ruby/object:Api::Type::String + name: 'remoteLocation' + immutable: true + description: | + Indicates that this is a Cross-Cloud Interconnect. This field specifies the location outside + of Google's network that the interconnect is connected to. + - !ruby/object:Api::Type::Array + name: 'requestedFeatures' + immutable: true +======= - name: 'macsecEnabled' type: Boolean description: | @@ -392,12 +702,24 @@ properties: immutable: true - name: 'requestedFeatures' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | interconnects.list of features requested for this Interconnect connection. Options: IF_MACSEC ( If specified then the connection is created on MACsec capable hardware ports. If not specified, the default value is false, which allocates non-MACsec capable ports first if available). Note that MACSEC is still technically allowed for compatibility reasons, but it does not work with the API, and will be removed in an upcoming major version. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::Enum + name: 'requestedFeatures' + description: | + interconnects.list of features requested for this Interconnect connection + values: + - :MACSEC + - :IF_MACSEC + - !ruby/object:Api::Type::Array + name: 'availableFeatures' +======= immutable: true item_type: type: Enum @@ -408,11 +730,16 @@ properties: - 'IF_MACSEC' - name: 'availableFeatures' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | interconnects.list of features available for this Interconnect connection. Can take the value: MACSEC. If present then the Interconnect connection is provisioned on MACsec capable hardware ports. If not present then the Interconnect connection is provisioned on non-MACsec capable ports and MACsec isn't supported and enabling MACsec fails). output: true +<<<<<<< HEAD + item_type: Api::Type::String +======= item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/InterconnectAttachment.yaml b/mmv1/products/compute/InterconnectAttachment.yaml index 2dc641ba7ced..5bdfe425d2d2 100644 --- a/mmv1/products/compute/InterconnectAttachment.yaml +++ b/mmv1/products/compute/InterconnectAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,6 +14,39 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'InterconnectAttachment' +kind: 'compute#interconnectAttachment' +base_url: 'projects/{{project}}/regions/{{region}}/interconnectAttachments' +collection_url_key: 'items' +update_verb: :PATCH +has_self_link: true +description: | + Represents an InterconnectAttachment (VLAN attachment) resource. For more + information, see Creating VLAN Attachments. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'interconnect_attachment_basic' +======= --- name: 'InterconnectAttachment' @@ -46,26 +83,64 @@ custom_code: pre_delete: 'templates/terraform/pre_delete/interconnect_attachment.go.tmpl' examples: - name: 'interconnect_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'on_prem' vars: interconnect_attachment_name: 'on-prem-attachment' router_name: 'router-1' network_name: 'network-1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'interconnect_attachment_dedicated' + skip_docs: true +======= - name: 'interconnect_attachment_dedicated' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'on_prem' vars: interconnect_name: 'interconenct-1' interconnect_attachment_name: 'on-prem-attachment' router_name: 'router-1' network_name: 'network-1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'compute_interconnect_attachment_ipsec_encryption' +======= exclude_docs: true - name: 'compute_interconnect_attachment_ipsec_encryption' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'ipsec-encrypted-interconnect-attachment' vars: interconnect_attachment_name: 'test-interconnect-attachment' address_name: 'test-address' router_name: 'test-router' network_name: 'test-network' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/interconnect_attachment.go.erb + post_create: templates/terraform/post_create/interconnect_attachment.go.erb + pre_delete: templates/terraform/pre_delete/interconnect_attachment.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' + required: false + description: | + Region where the regional interconnect attachment resides. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Boolean + name: 'adminEnabled' + send_empty_value: true + default_value: true + description: | + Whether the VLAN attachment is enabled or disabled. When using + PARTNER type this will Pre-Activate the interconnect attachment + - !ruby/object:Api::Type::String + name: 'cloudRouterIpAddress' +======= parameters: - name: 'region' type: ResourceRef @@ -86,22 +161,50 @@ properties: default_value: true - name: 'cloudRouterIpAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'customerRouterIpAddress' +======= - name: 'customerRouterIpAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'interconnect' + immutable: true +======= - name: 'interconnect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the underlying Interconnect object that this attachment's traffic will traverse through. Required if type is DEDICATED, must not be set if type is PARTNER. +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::String + name: 'mtu' + description: | + Maximum Transmission Unit (MTU), in bytes, of packets passing through + this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. + custom_flatten: templates/terraform/custom_flatten/float64_to_int_to_string.go.erb + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'bandwidth' +======= immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: 'description' @@ -117,12 +220,32 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/float64_to_int_to_string.go.tmpl' - name: 'bandwidth' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, Defaults to BPS_10G +<<<<<<< HEAD + values: + - :BPS_50M + - :BPS_100M + - :BPS_200M + - :BPS_300M + - :BPS_400M + - :BPS_500M + - :BPS_1G + - :BPS_2G + - :BPS_5G + - :BPS_10G + - :BPS_20G + - :BPS_50G + default_from_api: true + - !ruby/object:Api::Type::String + name: 'edgeAvailabilityDomain' + immutable: true +======= default_from_api: true enum_values: - 'BPS_50M' @@ -139,6 +262,7 @@ properties: - 'BPS_50G' - name: 'edgeAvailabilityDomain' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Desired availability domain for the attachment. Only available for type PARTNER, at creation time. For improved reliability, customers should @@ -146,35 +270,83 @@ properties: selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. +<<<<<<< HEAD + default_from_api: true + - !ruby/object:Api::Type::String + name: 'pairingKey' +======= immutable: true default_from_api: true - name: 'pairingKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output only for type PARTNER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain" output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'partnerAsn' +======= - name: 'partnerAsn' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output only for type PARTNER. Not present for DEDICATED]. Optional BGP ASN for the router that should be supplied by a layer 3 Partner if they configured BGP on behalf of the customer. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'privateInterconnectInfo' +======= - name: 'privateInterconnectInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: tag8021q +======= - name: 'tag8021q' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + immutable: true + description: | + The type of InterconnectAttachment you wish to create. Defaults to + DEDICATED. + values: + - :DEDICATED + - :PARTNER + - :PARTNER_PROVIDER + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'state' + description: | + [Output Only] The current state of this attachment's functionality. + values: + - :ACTIVE + - :DEFUNCT + - :PARTNER_REQUEST_RECEIVED + - :PENDING_CUSTOMER + - :PENDING_PARTNER + - :STATE_UNSPECIFIED + output: true + - !ruby/object:Api::Type::String + name: 'googleReferenceId' +======= - name: 'type' type: Enum description: | @@ -200,12 +372,20 @@ properties: - 'STATE_UNSPECIFIED' - name: 'googleReferenceId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'router' + resource: 'Router' + imports: 'selfLink' +======= - name: 'router' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will @@ -214,6 +394,16 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: | + Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Router' imports: 'selfLink' @@ -224,6 +414,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the @@ -233,10 +424,18 @@ properties: letter, or digit, except the last character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - !ruby/object:Api::Type::Array + name: candidateSubnets + immutable: true +======= validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - name: 'candidateSubnets' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. @@ -245,6 +444,19 @@ properties: an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space. +<<<<<<< HEAD + ignore_read: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: vlanTag8021q + immutable: true + description: | + The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When + using PARTNER type this will be managed upstream. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'ipsecInternalAddresses' +======= immutable: true ignore_read: true item_type: @@ -258,6 +470,7 @@ properties: default_from_api: true - name: 'ipsecInternalAddresses' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of addresses that have been reserved for the interconnect attachment, Used only for interconnect attachment that has the encryption option as @@ -275,6 +488,18 @@ properties: interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. immutable: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::ResourceRef + name: 'ipsecInternalAddress' + resource: 'Address' + imports: 'selfLink' + description: | + URL of an address that has been reserved for the interconnect + attachment. + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Enum + name: 'encryption' +======= custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: name: 'ipsecInternalAddress' @@ -286,6 +511,7 @@ properties: imports: 'selfLink' - name: 'encryption' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates the user-supplied encryption option of this interconnect attachment. Can only be specified at attachment creation for PARTNER or @@ -299,6 +525,15 @@ properties: such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN attachment must be created with this option. immutable: true +<<<<<<< HEAD + values: + - :NONE + - :IPSEC + default_value: :NONE + custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + - !ruby/object:Api::Type::Enum + name: 'stackType' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "NONE" enum_values: @@ -306,29 +541,49 @@ properties: - 'IPSEC' - name: 'stackType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations. +<<<<<<< HEAD + values: + - :IPV4_IPV6 + - :IPV4_ONLY + default_from_api: true + - !ruby/object:Api::Type::String + name: 'cloudRouterIpv6Address' +======= default_from_api: true enum_values: - 'IPV4_IPV6' - 'IPV4_ONLY' - name: 'cloudRouterIpv6Address' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv6 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'customerRouterIpv6Address' +======= - name: 'customerRouterIpv6Address' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv6 address + prefix length to be configured on the customer router subinterface for this interconnect attachment. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'subnetLength' +======= - name: 'subnetLength' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a diff --git a/mmv1/products/compute/License.yaml b/mmv1/products/compute/License.yaml index a5c05f43a681..3a8ce2c14088 100644 --- a/mmv1/products/compute/License.yaml +++ b/mmv1/products/compute/License.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,30 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'License' +kind: 'compute#license' +base_url: /projects/{{project}}/global/licenses +collection_url_key: 'items' +readonly: true +has_self_link: true +======= --- name: 'License' kind: 'compute#license' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A License resource represents a software license. Licenses are used to track software usage in images, persistent disks, snapshots, and virtual machine instances. # Used as a resource reference exclude: true +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= readonly: true docs: base_url: '/projects/{{project}}/global/licenses' @@ -34,12 +53,18 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name is 1-63 characters long and complies with RFC1035. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'chargesUseFee' +======= - name: 'chargesUseFee' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, the customer will be charged license fee for running software that contains this license on an instance. diff --git a/mmv1/products/compute/MachineImage.yaml b/mmv1/products/compute/MachineImage.yaml index 1e5ff5de1b54..fceb349012c2 100644 --- a/mmv1/products/compute/MachineImage.yaml +++ b/mmv1/products/compute/MachineImage.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,66 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'MachineImage' +kind: 'compute#machineImage' +base_url: projects/{{project}}/global/machineImages +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'MachineImage' kind: 'compute#machineImage' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Machine Image resource. Machine images store all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/machine-images' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/machineImages' +min_version: beta +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +iam_policy: !ruby/object:Api::Resource::IamPolicy + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'machine_image' + iam_conditions_request_type: :QUERY_PARAM +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'machine_image_basic' + primary_resource_id: 'image' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' + vars: + vm_name: 'my-vm' + image_name: 'my-image' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_machine_image_kms' + primary_resource_id: 'image' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' +======= min_version: 'beta' references: guides: @@ -62,12 +119,49 @@ examples: - name: 'compute_machine_image_kms' primary_resource_id: 'image' primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: vm_name: 'my-vm' image_name: 'my-image' key_name: 'key' keyring_name: 'keyring' test_vars_overrides: +<<<<<<< HEAD + policyChanged: + 'acctest.BootstrapPSARole(t, "service-", "compute-system", + "roles/cloudkms.cryptoKeyEncrypterDecrypter")' + +properties: + - !ruby/object:Api::Type::String + name: name + description: 'Name of the resource.' + required: true + - !ruby/object:Api::Type::String + name: description + description: 'A text description of the resource.' + - !ruby/object:Api::Type::ResourceRef + name: sourceInstance + description: + 'The source instance used to create the machine image. You can provide + this as a partial or full URL to the resource.' + resource: 'Instance' + imports: 'selfLink' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'storageLocations' + description: | + The regional or multi-regional Cloud Storage bucket location where the machine image is stored. + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::Boolean + name: guestFlush + description: | + Specify this to create an application consistent machine image by informing the OS to prepare for the snapshot process. + Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS). + - !ruby/object:Api::Type::NestedObject + name: 'machineImageEncryptionKey' +======= 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "compute-system", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' parameters: properties: @@ -106,12 +200,37 @@ properties: min_version: 'beta' - name: 'machineImageEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image with a customer-supplied key, you must provide the same key if you use the machine image later (e.g. to create a instance from the image) +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + - !ruby/object:Api::Type::String + name: 'sha256' + description: | + The RFC 4648 base64 encoded SHA-256 hash of the + customer-supplied encryption key that protects this resource. + output: true + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + The name of the encryption key that is stored in Google Cloud KMS. + diff_suppress_func: tpgresource.CompareCryptoKeyVersions + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. +======= min_version: 'beta' properties: - name: 'rawKey' @@ -139,3 +258,4 @@ properties: The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/MachineType.yaml b/mmv1/products/compute/MachineType.yaml index bcd1d421c889..47a0fb0d9dae 100644 --- a/mmv1/products/compute/MachineType.yaml +++ b/mmv1/products/compute/MachineType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +15,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'MachineType' +kind: 'compute#machineType' +base_url: projects/{{project}}/zones/{{zone}}/machineTypes +collection_url_key: 'items' +has_self_link: true +readonly: true +======= --- name: 'MachineType' kind: 'compute#machineType' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a MachineType resource. Machine types determine the virtualized hardware specifications of your virtual machine instances, such as the amount of memory or number of virtual CPUs. exclude: true +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'deprecated' + description: 'The deprecation status associated with this machine type.' + properties: + - !ruby/object:Api::Type::Time + name: 'deleted' +======= readonly: true docs: base_url: 'projects/{{project}}/zones/{{zone}}/machineTypes' @@ -42,37 +69,58 @@ properties: properties: - name: 'deleted' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'deprecated' +======= - name: 'deprecated' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'obsolete' +======= - name: 'obsolete' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'replacement' +======= - name: 'replacement' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource @@ -80,6 +128,29 @@ properties: warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. +<<<<<<< HEAD + values: + - :DEPRECATED + - :OBSOLETE + - :DELETED + output: true + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional textual description of the resource.' + output: true + - !ruby/object:Api::Type::Integer + name: 'guestCpus' + description: | + The number of virtual CPUs that are available to the instance. + output: true + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::Boolean + name: 'isSharedCpu' +======= output: true enum_values: - 'DEPRECATED' @@ -100,10 +171,23 @@ properties: output: true - name: 'isSharedCpu' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Whether this machine type has a shared CPU. See Shared-core machine types for more information. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maximumPersistentDisks' + description: 'Maximum persistent disks allowed.' + output: true + - !ruby/object:Api::Type::Integer + name: 'maximumPersistentDisksSizeGb' + description: 'Maximum total persistent disks size (GB) allowed.' + output: true + - !ruby/object:Api::Type::Integer + name: 'memoryMb' +======= - name: 'maximumPersistentDisks' type: Integer description: 'Maximum persistent disks allowed.' @@ -114,10 +198,23 @@ properties: output: true - name: 'memoryMb' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The amount of physical memory available to the instance, defined in MB. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'The zone the machine type is defined.' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + required: true +======= - name: 'name' type: String description: 'Name of the resource.' @@ -128,3 +225,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Zone' imports: 'name' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/ManagedSslCertificate.yaml b/mmv1/products/compute/ManagedSslCertificate.yaml index 20403b646bd0..da5eb4728238 100644 --- a/mmv1/products/compute/ManagedSslCertificate.yaml +++ b/mmv1/products/compute/ManagedSslCertificate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ManagedSslCertificate' +kind: 'compute#sslCertificate' +base_url: projects/{{project}}/global/sslCertificates +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +immutable: true +has_self_link: true +======= --- name: 'ManagedSslCertificate' kind: 'compute#sslCertificate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An SslCertificate resource, used for HTTPS load balancing. This resource represents a certificate for which the certificate secrets are created and @@ -21,11 +39,46 @@ description: | For a resource where you provide the key, see the SSL Certificate resource. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + update_minutes: 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 30 + update_minutes: + 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | This resource should be used with extreme caution! Provisioning an SSL certificate is complex. Ensure that you understand the lifecycle of a @@ -39,6 +92,13 @@ docs: certificates may entail some downtime while the certificate provisions. In conclusion: Be extremely cautious. +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_managed_ssl_certificate.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'managed_ssl_certificate_basic' +======= base_url: 'projects/{{project}}/global/sslCertificates' has_self_link: true immutable: true @@ -73,6 +133,7 @@ custom_code: constants: 'templates/terraform/constants/compute_managed_ssl_certificate.go.tmpl' examples: - name: 'managed_ssl_certificate_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: cert_name: 'test-cert' @@ -82,11 +143,33 @@ examples: dns_zone_name: 'dnszone' forwarding_rule_name: 'forwarding-rule' http_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'managed_ssl_certificate_recreation' +======= - name: 'managed_ssl_certificate_recreation' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'cert' external_providers: ["random", "time"] # Random provider skip_vcr: true +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::Integer + name: 'certificate_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -103,6 +186,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -113,12 +197,44 @@ properties: character, which cannot be a dash. These are in the same namespace as the managed SSL certificates. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'managed' +======= - name: 'managed' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of `MANAGED` in `type`). properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'domains' + description: | + Domains for which a managed SSL certificate will be valid. Currently, + there can be up to 100 domains in this list. + max_size: 100 + required: true + diff_suppress_func: 'AbsoluteDomainSuppress' + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + Enum field whose value is always `MANAGED` - used to signal to the API + which type this is. + values: + - :MANAGED + default_value: :MANAGED + - !ruby/object:Api::Type::Array + name: 'subjectAlternativeNames' + description: | + Domains associated with the certificate via Subject Alternative Name. + item_type: Api::Type::String + output: true + - !ruby/object:Api::Type::Time + name: 'expireTime' +======= - name: 'domains' type: Array description: | @@ -146,6 +262,7 @@ properties: type: String - name: 'expireTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Expire time of the certificate in RFC3339 text format. output: true diff --git a/mmv1/products/compute/Network.yaml b/mmv1/products/compute/Network.yaml index 88d33ff8a7df..0e1d57e6b0ae 100644 --- a/mmv1/products/compute/Network.yaml +++ b/mmv1/products/compute/Network.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Network' +kind: 'compute#network' +base_url: projects/{{project}}/global/networks +collection_url_key: 'items' +immutable: true +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks' +description: | + Manages a VPC network or legacy network resource on GCP. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_basic' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + - !ruby/object:Provider::Terraform::Examples + name: 'network_custom_mtu' +======= --- name: 'Network' kind: 'compute#network' @@ -54,16 +99,41 @@ examples: vars: network_name: 'vpc-network' - name: 'network_custom_mtu' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'vpc_network' vars: network_name: 'vpc-network' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'network_custom_firewall_enforcement_order' +======= project: 'PROJECT_NAME' - name: 'network_custom_firewall_enforcement_order' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'vpc_network' vars: network_name: 'vpc-network' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: 'delete_default_routes_on_create' + default_value: false + description: | + If set to `true`, default routes (`0.0.0.0/0`) will be deleted + immediately after network creation. Defaults to `false`. +custom_code: !ruby/object:Provider::Terraform::CustomCode + decoder: templates/terraform/decoders/compute_network.go.erb + encoder: templates/terraform/encoders/compute_network.go.erb + update_encoder: templates/terraform/update_encoder/compute_network.go.erb + post_create: templates/terraform/post_create/compute_network_delete_default_route.erb +properties: + - !ruby/object:Api::Type::String + name: 'description' +======= project: 'PROJECT_NAME' virtual_fields: - name: 'delete_default_routes_on_create' @@ -76,10 +146,23 @@ parameters: properties: - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. The resource must be recreated to modify this field. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'gateway_ipv4' + # We override this here so that the name is more aesthetic + api_name: 'gatewayIPv4' + output: true + description: | + The gateway address for default routing out of the network. This value + is selected by GCP. + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'gateway_ipv4' type: String description: | @@ -90,6 +173,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -98,6 +182,19 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'numericId' + description: | + The unique identifier for the resource. This identifier is defined by the server. + output: true + - !ruby/object:Api::Type::Boolean + name: 'autoCreateSubnetworks' +======= required: true immutable: true validation: @@ -109,6 +206,7 @@ properties: output: true - name: 'autoCreateSubnetworks' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When set to `true`, the network is created in "auto subnet mode" and it will create a subnet for each region automatically across the @@ -117,26 +215,54 @@ properties: When set to `false`, the network is created in "custom subnet mode" so the user can explicitly connect subnetwork resources. immutable: true +<<<<<<< HEAD + default_value: true + send_empty_value: true + conflicts: [] + - !ruby/object:Api::Type::NestedObject + name: 'routingConfig' + update_verb: :PATCH + update_url: projects/{{project}}/global/networks/{{name}} +======= send_empty_value: true default_value: true - name: 'routingConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce. +<<<<<<< HEAD + flatten_object: true + properties: + - !ruby/object:Api::Type::Enum + name: 'routingMode' + required: false +======= update_url: 'projects/{{project}}/global/networks/{{name}}' update_verb: 'PATCH' flatten_object: true properties: - name: 'routingMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network-wide routing mode to use. If set to `REGIONAL`, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to `GLOBAL`, this network's cloud routers will advertise routes with all subnetworks of this network, across regions. +<<<<<<< HEAD + values: + - :REGIONAL + - :GLOBAL + update_verb: :PATCH + update_url: projects/{{project}}/global/networks/{{name}} + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'mtu' +======= required: false default_from_api: true update_url: 'projects/{{project}}/global/networks/{{name}}' @@ -146,6 +272,7 @@ properties: - 'GLOBAL' - name: 'mtu' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum Transmission Unit in bytes. The default value is 1460 bytes. The minimum value for this field is 1300 and the maximum value is 8896 bytes (jumbo frames). @@ -154,14 +281,24 @@ properties: with varying MTUs. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableUlaInternalIpv6' +======= - name: 'enableUlaInternalIpv6' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enable ULA internal ipv6 on this network. Enabling this feature will assign a /48 from google defined ULA prefix fd20::/20. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'internalIpv6Range' +======= - name: 'internalIpv6Range' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When enabling ula internal ipv6, caller optionally can specify the /48 range they want from the google defined ULA prefix fd20::/20. The input must be a @@ -170,6 +307,18 @@ properties: If the field is not speficied, then a /48 range will be randomly allocated from fd20::/20 and returned via this field. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'networkFirewallPolicyEnforcementOrder' + update_verb: :PATCH + update_url: projects/{{project}}/global/networks/{{name}} + description: | + Set the order that Firewall Rules and Firewall Policies are evaluated. + values: + - :BEFORE_CLASSIC_FIREWALL + - :AFTER_CLASSIC_FIREWALL + default_value: :AFTER_CLASSIC_FIREWALL +======= - name: 'networkFirewallPolicyEnforcementOrder' type: Enum description: | @@ -180,3 +329,4 @@ properties: enum_values: - 'BEFORE_CLASSIC_FIREWALL' - 'AFTER_CLASSIC_FIREWALL' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/NetworkAttachment.yaml b/mmv1/products/compute/NetworkAttachment.yaml index 6e1859398910..6903a84ba989 100644 --- a/mmv1/products/compute/NetworkAttachment.yaml +++ b/mmv1/products/compute/NetworkAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,11 +15,45 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +======= --- +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 name: 'NetworkAttachment' kind: 'compute#networkAttachment' description: | A network attachment is a resource that lets a producer Virtual Private Cloud (VPC) network initiate connections to a consumer VPC network through a Private Service Connect interface. +<<<<<<< HEAD +base_url: 'projects/{{project}}/regions/{{region}}/networkAttachments' +immutable: true +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/about-network-attachments' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkAttachments' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_attachment_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/about-network-attachments' @@ -45,6 +83,7 @@ collection_url_key: 'items' custom_code: examples: - name: 'network_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: resource_name: 'basic-network-attachment' @@ -53,17 +92,143 @@ examples: accepted_producer_project_name: 'prj-accepted' rejected_producer_project_name: 'prj-rejected' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT + - !ruby/object:Provider::Terraform::Examples + name: 'network_attachment_instance_usage' + min_version: beta + primary_resource_id: 'default' +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' - name: 'network_attachment_instance_usage' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: resource_name: 'basic-network-attachment' network_name: 'basic-network' subnetwork_name: 'basic-subnetwork' instance_name: 'basic-instance' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: true + immutable: true + description: | + URL of the region where the network attachment resides. This field applies only to the region resource. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'kind' + description: 'Type of the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'id' + description: 'The unique identifier for the resource type. The server generates this identifier.' + output: true + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::String + name: 'selfLink' + description: 'Server-defined URL for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'selfLinkWithId' + description: | + Server-defined URL for this resource's resource id. + output: true + - !ruby/object:Api::Type::Enum + name: 'connectionPreference' + description: | + The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules. + required: true + values: + - :ACCEPT_AUTOMATIC + - :ACCEPT_MANUAL + - :INVALID + - !ruby/object:Api::Type::Array + name: 'connectionEndpoints' + output: true + description: | + An array of connections for all the producers connected to this network attachment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'status' + output: true + description: | + The status of a connected endpoint to this network attachment. + - !ruby/object:Api::Type::String + name: 'projectIdOrNum' + output: true + description: | + The project id or number of the interface to which the IP was assigned. + - !ruby/object:Api::Type::String + name: 'subnetwork' + output: true + description: | + The subnetwork used to assign the IP to the producer instance network interface. + - !ruby/object:Api::Type::String + name: 'ipAddress' + output: true + description: | + The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless. + - !ruby/object:Api::Type::String + name: 'secondaryIpCidrRanges' + output: true + description: | + Alias IP ranges from the same subnetwork. + - !ruby/object:Api::Type::Array + name: 'subnetworks' + required: true + description: | + An array of URLs where each entry is the URL of a subnet provided by the service consumer to use for endpoints in the producers that connect to this network attachment. + item_type: !ruby/object:Api::Type::ResourceRef + name: 'subnet' + resource: 'Subnetwork' + imports: 'selfLink' + description: | + A subnet that is provided to set this network attachment. + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'producerRejectLists' + description: | + Projects that are not allowed to connect to this network attachment. The project can be specified using its id or number. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'producerAcceptLists' + description: | + Projects that are allowed to connect to this network attachment. The project can be specified using its id or number. + item_type: Api::Type::String + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. An up-to-date fingerprint must be provided in order to patch. + - !ruby/object:Api::Type::String + name: 'network' + output: true + description: | + The URL of the network which the Network Attachment belongs to. Practically it is inferred by fetching the network of the first subnetwork associated. + Because it is required that all the subnetworks must be from the same network, it is assured that the Network Attachment belongs to the same network as all the subnetworks. +======= - name: 'name' type: String description: | @@ -184,3 +349,4 @@ properties: The URL of the network which the Network Attachment belongs to. Practically it is inferred by fetching the network of the first subnetwork associated. Because it is required that all the subnetworks must be from the same network, it is assured that the Network Attachment belongs to the same network as all the subnetworks. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/NetworkEdgeSecurityService.yaml b/mmv1/products/compute/NetworkEdgeSecurityService.yaml index 14594bcb1ef7..3d2cb3e63824 100644 --- a/mmv1/products/compute/NetworkEdgeSecurityService.yaml +++ b/mmv1/products/compute/NetworkEdgeSecurityService.yaml @@ -1,17 +1,68 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the 'License'); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software +<<<<<<< HEAD +# distributed under the License is distributed on an 'AS IS' BASIS, +======= # distributed under the License is distributed on an "AS IS" BASIS, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- +<<<<<<< HEAD +!ruby/object:Api::Resource +name: 'NetworkEdgeSecurityService' +min_version: beta +kind: 'compute#networkEdgeSecurityService' +base_url: projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices +create_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices?networkEdgeSecurityService={{name}}' +self_link: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' +update_verb: :PATCH +update_mask: true +# Skipping the sweeper since we need to sweep multiple regions +skip_sweeper: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/armor/docs/advanced-network-ddos' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkEdgeSecurityServices' +description: | + Google Cloud Armor network edge security service resource. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +import_format: + ['projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_network_edge_security_service_basic' +======= name: 'NetworkEdgeSecurityService' kind: 'compute#networkEdgeSecurityService' description: | @@ -52,10 +103,67 @@ custom_code: exclude_sweeper: true examples: - name: 'compute_network_edge_security_service_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: resource_name: 'my-edge-security-service' test_env_vars: +<<<<<<< HEAD + project_id: :PROJECT_NAME +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: false + immutable: true + description: | + The region of the gateway security policy. + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + immutable: true + description: | + Name of the resource. Provided by the client when the resource is created. + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + Free-text description of the resource. + - !ruby/object:Api::Type::String + name: 'serviceId' + api_name: 'id' + output: true + description: | + The unique identifier for the resource. This identifier is defined by the server. + - !ruby/object:Api::Type::String + name: 'creationTimestamp' + output: true + description: | + Creation timestamp in RFC3339 text format. + - !ruby/object:Api::Type::String + name: 'selfLink' + output: true + description: | + Server-defined URL for the resource. + - !ruby/object:Api::Type::String + name: 'selfLinkWithServiceId' + api_name: 'selfLinkWithId' + output: true + description: | + Server-defined URL for this resource with the resource id. + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + output: true + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. + An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. + - !ruby/object:Api::Type::String + name: 'securityPolicy' + description: | + The resource URL for the network edge security service associated with this network edge security service. +======= project_id: 'PROJECT_NAME' parameters: - name: 'region' @@ -119,3 +227,4 @@ properties: description: | The resource URL for the network edge security service associated with this network edge security service. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/NetworkEndpoint.yaml b/mmv1/products/compute/NetworkEndpoint.yaml index 3cdd5904786d..c279ef61a722 100644 --- a/mmv1/products/compute/NetworkEndpoint.yaml +++ b/mmv1/products/compute/NetworkEndpoint.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NetworkEndpoint' +kind: 'compute#networkEndpoint' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +======= --- name: 'NetworkEndpoint' kind: 'compute#networkEndpoint' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Network endpoint represents a IP address and port combination that is part of a specific network endpoint group (NEG). NEGs are zonal @@ -24,6 +35,15 @@ description: | -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +<<<<<<< HEAD +immutable: true +create_verb: :POST +create_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints +delete_verb: :POST +delete_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints +read_verb: :POST +self_link: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' @@ -56,10 +76,51 @@ async: error: path: 'error/errors' message: 'message' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 identity: - instance - ipAddress - port +<<<<<<< HEAD +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}' +mutex: networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_endpoint' + primary_resource_id: + 'default-endpoint' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + skip_test: true +======= nested_query: keys: - items @@ -74,11 +135,45 @@ exclude_tgc: true examples: - name: 'network_endpoint' primary_resource_id: 'default-endpoint' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: neg_name: 'my-lb-neg' instance_name: 'endpoint-instance' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/compute_network_endpoint.go.erb + custom_import: templates/terraform/custom_import/compute_network_endpoint.go.erb + decoder: templates/terraform/decoders/unwrap_resource.go.erb + encoder: templates/terraform/encoders/compute_network_endpoint.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: | + Zone where the containing network endpoint group is located. + required: false + url_param_only: true + default_from_api: true + ignore_read: true + - !ruby/object:Api::Type::ResourceRef + name: 'networkEndpointGroup' + resource: 'NetworkEndpointGroup' + imports: 'name' + description: | + The network endpoint group this endpoint is part of. + required: true + url_param_only: true + ignore_read: true + diff_suppress_func: tpgresource.CompareResourceNames +properties: + - !ruby/object:Api::Type::ResourceRef + name: 'instance' + resource: 'Instance' + imports: 'name' +======= # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns @@ -108,22 +203,35 @@ parameters: properties: - name: 'instance' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' + - !ruby/object:Api::Type::Integer + name: 'port' +======= custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' resource: 'Instance' imports: 'name' - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Port number of network endpoint. **Note** `port` is required unless the Network Endpoint Group is created with the type of `GCE_VM_IP` +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + - !ruby/object:Api::Type::String + name: 'ipAddress' +======= custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' - name: 'ipAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP diff --git a/mmv1/products/compute/NetworkEndpointGroup.yaml b/mmv1/products/compute/NetworkEndpointGroup.yaml index 90adf726d926..07701a95438a 100644 --- a/mmv1/products/compute/NetworkEndpointGroup.yaml +++ b/mmv1/products/compute/NetworkEndpointGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups' +immutable: true +has_self_link: true +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +======= --- name: 'NetworkEndpointGroup' kind: 'compute#networkEndpointGroup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Network endpoint groups (NEGs) are zonal resources that represent collections of IP address and port combinations for GCP resources within a @@ -29,6 +47,31 @@ description: | Recreating a network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_network_endpoint_group.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_endpoint_group' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' @@ -60,17 +103,38 @@ custom_code: constants: 'templates/terraform/constants/compute_network_endpoint_group.go.tmpl' examples: - name: 'network_endpoint_group' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'network_endpoint_group_non_gcp' +======= - name: 'network_endpoint_group_non_gcp' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' network_name: 'neg-network' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: | + Zone where the network endpoint group is located. + required: false + default_from_api: true + ignore_read: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'zone' type: ResourceRef description: | @@ -84,6 +148,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -93,6 +158,17 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Enum + name: 'networkEndpointType' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -102,6 +178,7 @@ properties: you create the resource. - name: 'networkEndpointType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Type of network endpoints in this network endpoint group. NON_GCP_PRIVATE_IP_PORT is used for hybrid connectivity network @@ -112,6 +189,25 @@ properties: CONNECTION balancing modes. Possible values include: GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT. +<<<<<<< HEAD + values: + - :GCE_VM_IP + - :GCE_VM_IP_PORT + - :NON_GCP_PRIVATE_IP_PORT + - :INTERNET_IP_PORT + - :INTERNET_FQDN_PORT + - :SERVERLESS + - :PRIVATE_SERVICE_CONNECT + default_value: :GCE_VM_IP_PORT + - !ruby/object:Api::Type::Integer + name: 'size' + description: Number of network endpoints in the network endpoint group. + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= default_value: "GCE_VM_IP_PORT" enum_values: - 'GCE_VM_IP' @@ -127,10 +223,24 @@ properties: output: true - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified. required: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' + description: | + Optional subnetwork to which all network endpoints in the NEG belong. + diff_suppress_func: 'compareOptionalSubnet' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'defaultPort' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' @@ -144,6 +254,7 @@ properties: imports: 'selfLink' - name: 'defaultPort' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default port used if the port number is not specified in the network endpoint. diff --git a/mmv1/products/compute/NetworkEndpoints.yaml b/mmv1/products/compute/NetworkEndpoints.yaml index 5fce56f2aeec..43fae25de98c 100644 --- a/mmv1/products/compute/NetworkEndpoints.yaml +++ b/mmv1/products/compute/NetworkEndpoints.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,16 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NetworkEndpoints' +kind: 'compute#networkEndpoints' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +======= --- name: 'NetworkEndpoints' kind: 'compute#networkEndpoints' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A set of network endpoints belonging to a network endpoint group (NEG). A single network endpoint represents a IP address and port combination that is @@ -27,6 +38,55 @@ description: | -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +<<<<<<< HEAD +create_verb: :POST +create_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints +update_verb: :POST +update_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints +delete_verb: :POST +delete_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints +read_verb: :POST +self_link: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints +identity: + - networkEndpointGroup +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}' +import_format: + - 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +mutex: networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_endpoints' + primary_resource_id: + 'default-endpoints' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + skip_test: true +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' @@ -75,11 +135,46 @@ exclude_tgc: true examples: - name: 'network_endpoints' primary_resource_id: 'default-endpoints' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: neg_name: 'my-lb-neg' instance_name: 'endpoint-instance' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/network_endpoints.go.erb + pre_create: templates/terraform/pre_create/network_endpoints.go.erb + pre_update: templates/terraform/pre_update/network_endpoints.go.erb + pre_delete: templates/terraform/pre_delete/compute_network_endpoints.go.erb + decoder: templates/terraform/decoders/network_endpoints.go.erb + encoder: templates/terraform/encoders/compute_network_endpoints.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: | + Zone where the containing network endpoint group is located. + required: false + url_param_only: true + default_from_api: true + ignore_read: true + - !ruby/object:Api::Type::ResourceRef + name: 'networkEndpointGroup' + resource: 'NetworkEndpointGroup' + imports: 'name' + description: | + The network endpoint group these endpoints are part of. + required: true + url_param_only: true + ignore_read: true + diff_suppress_func: tpgresource.CompareResourceNames +properties: + - !ruby/object:Api::Type::Array + name: 'networkEndpoints' + is_set: true +======= # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns @@ -109,32 +204,54 @@ parameters: properties: - name: 'networkEndpoints' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network endpoints to be added to the enclosing network endpoint group (NEG). Each endpoint specifies an IP address and port, along with additional information depending on the NEG type. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'instance' + resource: 'Instance' + imports: 'name' +======= is_set: true item_type: type: NestedObject properties: - name: 'instance' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone as the network endpoint group. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' + - !ruby/object:Api::Type::Integer + name: 'port' +======= custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' resource: 'Instance' imports: 'name' - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Port number of network endpoint. **Note** `port` is required unless the Network Endpoint Group is created with the type of `GCE_VM_IP` +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + - !ruby/object:Api::Type::String + name: 'ipAddress' +======= custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' - name: 'ipAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP diff --git a/mmv1/products/compute/NetworkFirewallPolicy.yaml b/mmv1/products/compute/NetworkFirewallPolicy.yaml index 1792ee6bc09c..ed6e0e51bff8 100644 --- a/mmv1/products/compute/NetworkFirewallPolicy.yaml +++ b/mmv1/products/compute/NetworkFirewallPolicy.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,72 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: NetworkFirewallPolicy +base_url: projects/{{project}}/global/firewallPolicies +create_url: projects/{{project}}/global/firewallPolicies +self_link: projects/{{project}}/global/firewallPolicies/{{name}} +update_verb: :PATCH +description: "The Compute NetworkFirewallPolicy resource" +legacy_long_form_project: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_firewall_policy_full' + primary_resource_id: 'policy' + vars: + policy_name: 'tf-test-policy' +properties: + - !ruby/object:Api::Type::String + name: creationTimestamp + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: name + description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + - !ruby/object:Api::Type::String + name: networkFirewallPolicyId + description: The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::String + name: description + description: An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Fingerprint + name: fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: selfLink + description: Server-defined URL for the resource. + output: true + - !ruby/object:Api::Type::String + name: selfLinkWithId + description: Server-defined URL for this resource with the resource id. + output: true + - !ruby/object:Api::Type::Integer + name: ruleTupleCount +======= --- name: 'NetworkFirewallPolicy' description: "The Compute NetworkFirewallPolicy resource" @@ -77,5 +148,6 @@ properties: output: true - name: 'ruleTupleCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. output: true diff --git a/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml index 2c89a894586d..8d140826d7dd 100644 --- a/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml +++ b/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: NetworkFirewallPolicyWithRules +min_version: beta +base_url: projects/{{project}}/global/firewallPolicies +create_url: projects/{{project}}/global/firewallPolicies +self_link: projects/{{project}}/global/firewallPolicies/{{name}} +update_verb: :PATCH +description: "The Compute NetworkFirewallPolicy with rules resource" +legacy_long_form_project: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_network_firewall_policy_with_rules_full' +======= --- name: 'NetworkFirewallPolicyWithRules' description: "The Compute NetworkFirewallPolicy with rules resource" @@ -47,6 +84,7 @@ custom_code: legacy_long_form_project: true examples: - name: 'compute_network_firewall_policy_with_rules_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'network-firewall-policy-with-rules' vars: policy_name: 'tf-fw-policy-with-rules' @@ -56,6 +94,22 @@ examples: security_profile_group_name: 'tf-security-profile-group' security_profile_name: 'tf-security-profile' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/resource_compute_network_firewall_policy_with_rules.go.erb + encoder: templates/terraform/encoders/resource_compute_network_firewall_policy_with_rules.go.erb + decoder: templates/terraform/decoders/resource_compute_network_firewall_policy_with_rules.go.erb + update_encoder: templates/terraform/update_encoder/resource_compute_network_firewall_policy_with_rules.go.erb + post_create: templates/terraform/post_create/resource_compute_network_firewall_policy_with_rules.go.erb +properties: + - !ruby/object:Api::Type::String + name: creationTimestamp + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: name +======= org_id: 'ORG_ID' parameters: properties: @@ -66,6 +120,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. @@ -73,6 +128,36 @@ properties: the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + required: true + immutable: true + - !ruby/object:Api::Type::String + name: networkFirewallPolicyId + description: The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::String + name: description + description: An optional description of this resource. + - !ruby/object:Api::Type::Array + name: 'rule' + api_name: 'rules' + description: A list of firewall policy rules. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= min_version: 'beta' required: true immutable: true @@ -108,10 +193,60 @@ properties: min_version: 'beta' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::NestedObject + name: 'match' + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + required: true + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcAddressGroups' + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destAddressGroups' + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' +======= min_version: 'beta' required: true - name: 'match' @@ -172,21 +307,52 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' +======= min_version: 'beta' item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' +======= min_version: 'beta' item_type: type: String @@ -218,16 +384,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= min_version: 'beta' required: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -235,17 +409,35 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'srcSecureTag' + api_name: 'srcSecureTags' +======= min_version: 'beta' item_type: type: String - name: 'srcSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: srcSecureTags min_version: 'beta' item_type: @@ -259,10 +451,19 @@ properties: min_version: 'beta' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::Array + name: 'targetSecureTag' + api_name: 'targetSecureTags' +======= min_version: 'beta' output: true enum_values: @@ -270,6 +471,7 @@ properties: - 'INEFFECTIVE' - name: 'targetSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -282,6 +484,18 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: targetSecureTags min_version: 'beta' item_type: @@ -295,10 +509,31 @@ properties: min_version: 'beta' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::String + name: 'action' + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + required: true + - !ruby/object:Api::Type::Enum + name: 'direction' + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' +======= min_version: 'beta' output: true enum_values: @@ -321,10 +556,22 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' +======= min_version: 'beta' send_empty_value: true - name: 'targetServiceAccounts' @@ -337,11 +584,21 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Boolean + name: 'disabled' +======= min_version: 'beta' - name: 'tlsInspect' type: Boolean @@ -351,11 +608,34 @@ properties: min_version: 'beta' - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'predefinedRules' + description: A list of firewall policy pre-defined rules. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + output: true + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + output: true + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' + output: true +======= min_version: 'beta' - name: 'predefinedRules' type: Array @@ -380,10 +660,66 @@ properties: output: true - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'match' + output: true + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + output: true + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + output: true + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + output: true + name: 'srcAddressGroups' + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + output: true + name: 'destAddressGroups' + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' + output: true +======= min_version: 'beta' output: true - name: 'match' @@ -450,22 +786,57 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + output: true + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' + output: true +======= min_version: 'beta' output: true item_type: @@ -500,16 +871,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' + output: true +======= min_version: 'beta' output: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -517,18 +896,38 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'srcSecureTag' + api_name: 'srcSecureTags' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'srcSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: srcSecureTags min_version: 'beta' output: true @@ -544,10 +943,20 @@ properties: output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::Array + name: 'targetSecureTag' + api_name: 'targetSecureTags' + output: true +======= min_version: 'beta' output: true enum_values: @@ -555,6 +964,7 @@ properties: - 'INEFFECTIVE' - name: 'targetSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -567,6 +977,19 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: targetSecureTags min_version: 'beta' output: true @@ -582,10 +1005,33 @@ properties: output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::String + name: 'action' + output: true + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + - !ruby/object:Api::Type::Enum + name: 'direction' + output: true + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' + output: true +======= min_version: 'beta' output: true enum_values: @@ -609,10 +1055,24 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + output: true + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' + output: true +======= min_version: 'beta' output: true send_empty_value: true @@ -627,11 +1087,23 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + output: true + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + output: true +======= min_version: 'beta' output: true - name: 'tlsInspect' @@ -643,11 +1115,29 @@ properties: output: true - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: selfLink + description: Server-defined URL for the resource. + output: true + - !ruby/object:Api::Type::String + name: selfLinkWithId + description: Server-defined URL for this resource with the resource id. + output: true + - !ruby/object:Api::Type::Integer + name: ruleTupleCount + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. +======= min_version: 'beta' output: true - name: 'fingerprint' @@ -669,4 +1159,5 @@ properties: type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml b/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml index e294562057b6..dd4b684ed65a 100644 --- a/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml +++ b/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,63 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NetworkPeeringRoutesConfig' +base_url: 'projects/{{project}}/global/networks/{{network}}' +self_link: 'projects/{{project}}/global/networks/{{network}}' +======= --- name: 'NetworkPeeringRoutesConfig' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Manage a network peering's route settings without managing the peering as a whole. This resource is primarily intended for use with GCP-generated peerings that shouldn't otherwise be managed by other tools. Deleting this resource is a no-op and the peering will not be modified. +<<<<<<< HEAD +create_verb: :PATCH +create_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +update_verb: :PATCH +update_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +identity: + - peering +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - peerings +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc-peering' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks/updatePeering' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' +import_format: + [ + 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}', + ] +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +skip_delete: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'network_peering_routes_config_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc-peering' @@ -63,13 +117,21 @@ custom_code: encoder: 'templates/terraform/encoders/network_peering_routes_config.go.tmpl' examples: - name: 'network_peering_routes_config_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'peering_primary_routes' vars: peering_primary_name: 'primary-peering' peering_secondary_name: 'secondary-peering' network_primary_name: 'primary-network' network_secondary_name: 'secondary-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'network_peering_routes_config_gke' + # currently failing + skip_vcr: true +======= - name: 'network_peering_routes_config_gke' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'peering_gke_routes' vars: network_name: 'container-network' @@ -77,6 +139,42 @@ examples: gke_cluster_name: 'private-cluster' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: 'templates/terraform/encoders/network_peering_routes_config.go.erb' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'name' + description: | + The name of the primary network for the peering. + required: true + url_param_only: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' +properties: + - !ruby/object:Api::Type::String + name: 'peering' + # renamed to make it clear that this is an existing peering + api_name: 'name' + required: true + description: | + Name of the peering. + - !ruby/object:Api::Type::Boolean + name: 'exportCustomRoutes' + required: true + description: | + Whether to export the custom routes to the peer network. + send_empty_value: true + - !ruby/object:Api::Type::Boolean + name: 'importCustomRoutes' + required: true + description: | + Whether to import the custom routes to the peer network. +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -111,4 +209,5 @@ properties: description: | Whether to import the custom routes to the peer network. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 send_empty_value: true diff --git a/mmv1/products/compute/NodeGroup.yaml b/mmv1/products/compute/NodeGroup.yaml index e011a8300469..98e57a257857 100644 --- a/mmv1/products/compute/NodeGroup.yaml +++ b/mmv1/products/compute/NodeGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,44 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NodeGroup' +kind: 'compute#NodeGroup' +base_url: projects/{{project}}/zones/{{zone}}/nodeGroups +create_url: projects/{{project}}/zones/{{zone}}/nodeGroups?initialNodeCount=PRE_CREATE_REPLACE_ME +update_verb: :PATCH +update_mask: true +has_self_link: true +description: | + Represents a NodeGroup resource to manage a group of sole-tenant nodes. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups' +collection_url_key: 'items' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'node_group_basic' +======= --- name: 'NodeGroup' kind: 'compute#NodeGroup' @@ -49,10 +91,16 @@ custom_code: pre_create: 'templates/terraform/pre_create/compute_node_group_url_replace.go.tmpl' examples: - name: 'node_group_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'node_group_maintenance_interval' + min_version: beta +======= - name: 'node_group_maintenance_interval' primary_resource_id: 'nodes' min_version: 'beta' @@ -60,11 +108,23 @@ examples: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' - name: 'node_group_autoscaling_policy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'node_group_autoscaling_policy' + primary_resource_id: 'nodes' + vars: + group_name: 'soletenant-group' + template_name: 'soletenant-tmpl' + - !ruby/object:Provider::Terraform::Examples + name: 'node_group_share_settings' +======= - name: 'node_group_share_settings' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' @@ -72,6 +132,73 @@ examples: guest_project_id: 'project-id' guest_project_name: 'project-name' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_create: templates/terraform/pre_create/compute_node_group_url_replace.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'selfLink' + required: false + description: | + Zone where this node group is located + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: | + Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional textual description of the resource. + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the resource. + - !ruby/object:Api::Type::ResourceRef + name: 'nodeTemplate' + resource: 'NodeTemplate' + imports: 'selfLink' + required: true + description: | + The URL of the node template to which this node group belongs. + update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups/{{name}}/setNodeTemplate' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'size' + description: | + The total number of nodes in the node group. + output: true + - !ruby/object:Api::Type::Integer + name: 'initialSize' + description: | + The initial number of nodes in the node group. One of `initial_size` or `autoscaling_policy` must be configured on resource creation. + url_param_only: true + - !ruby/object:Api::Type::String + name: 'maintenancePolicy' + description: | + Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. + default_value: DEFAULT + - !ruby/object:Api::Type::NestedObject + name: 'maintenanceWindow' + description: | + contains properties for the timeframe of maintenance + properties: + - !ruby/object:Api::Type::String + name: 'startTime' + required: true + description: | + instances.start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. + - !ruby/object:Api::Type::NestedObject + name: 'autoscalingPolicy' +======= org_id: 'ORG_ID' parameters: - name: 'zone' @@ -135,6 +262,7 @@ properties: required: true - name: 'autoscalingPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If you use sole-tenant nodes for your workloads, you can use the node group autoscaler to automatically manage the sizes of your node groups. @@ -142,8 +270,14 @@ properties: One of `initial_size` or `autoscaling_policy` must be configured on resource creation. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'mode' + required: true +======= - name: 'mode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The autoscaling mode. Set to one of the following: - OFF: Disables the autoscaler. @@ -151,6 +285,15 @@ properties: - ONLY_SCALE_OUT: Enables only scaling out. You must use this mode if your node groups are configured to restart their hosted VMs on minimal servers. +<<<<<<< HEAD + values: + - :OFF + - :ON + - :ONLY_SCALE_OUT + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'minNodes' +======= required: true default_from_api: true enum_values: @@ -159,23 +302,63 @@ properties: - 'ONLY_SCALE_OUT' - name: 'minNodes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Minimum size of the node group. Must be less than or equal to max-nodes. The default value is 0. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxNodes' +======= - name: 'maxNodes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum size of the node group. Set to a value less than or equal to 100 and greater than or equal to min-nodes. required: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'shareSettings' +======= - name: 'shareSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Share settings for the node group. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'shareType' + required: true + description: | + Node group sharing type. + values: + - :ORGANIZATION + - :SPECIFIC_PROJECTS + - :LOCAL + - !ruby/object:Api::Type::Map + name: 'projectMap' + description: | + A map of project id and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. + key_name: id + key_description: | + The project ID. + value_type: !ruby/object:Api::Type::NestedObject + name: projectConfig + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + required: true + description: | + The project id/number should be the same as the key of this project config in the project map. + - !ruby/object:Api::Type::Enum + name: 'maintenanceInterval' + min_version: beta +======= - name: 'shareType' type: Enum description: | @@ -203,12 +386,20 @@ properties: required: true - name: 'maintenanceInterval' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the frequency of planned maintenance events. Set to one of the following: - AS_NEEDED: Hosts are eligible to receive infrastructure and hypervisor updates as they become available. - RECURRENT: Hosts receive planned infrastructure and hypervisor updates on a periodic basis, but not more frequently than every 28 days. This minimizes the number of planned maintenance operations on individual hosts and reduces the frequency of disruptions, both live migrations and terminations, on individual VMs. +<<<<<<< HEAD + values: + - :AS_NEEDED + - :RECURRENT + default_from_api: true +======= min_version: 'beta' default_from_api: true enum_values: - 'AS_NEEDED' - 'RECURRENT' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/NodeTemplate.yaml b/mmv1/products/compute/NodeTemplate.yaml index c986cadd0871..3ec822eaa15b 100644 --- a/mmv1/products/compute/NodeTemplate.yaml +++ b/mmv1/products/compute/NodeTemplate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'NodeTemplate' +kind: 'compute#nodeTemplate' +base_url: projects/{{project}}/regions/{{region}}/nodeTemplates +has_self_link: true +======= --- name: 'NodeTemplate' kind: 'compute#nodeTemplate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a NodeTemplate resource. Node templates specify properties for creating sole-tenant nodes, such as node type, vCPU and memory requirements, node affinity labels, and region. +<<<<<<< HEAD +immutable: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeTemplates' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'node_template_basic' + primary_resource_id: 'template' + vars: + template_name: 'soletenant-tmpl' + - !ruby/object:Provider::Terraform::Examples + name: 'node_template_server_binding' + primary_resource_id: 'template' + vars: + template_name: 'soletenant-with-licenses' + - !ruby/object:Provider::Terraform::Examples + name: 'node_template_accelerators' +======= references: guides: 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' @@ -56,10 +107,42 @@ examples: vars: template_name: 'soletenant-with-licenses' - name: 'node_template_accelerators' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'template' vars: template_name: 'soletenant-with-accelerators' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' + required: false + description: | + Region where nodes using the node template will be created. + If it is not provided, the provider region is used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional textual description of the resource.' + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::KeyValuePairs + name: 'nodeAffinityLabels' + description: | + Labels to use for node affinity, which will be used in + instance scheduling. + - !ruby/object:Api::Type::String + name: 'nodeType' +======= - name: 'region' type: ResourceRef description: | @@ -89,13 +172,19 @@ properties: instance scheduling. - name: 'nodeType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Node type to use for nodes group that are created from this template. Only one of nodeTypeFlexibility and nodeType can be specified. conflicts: - node_type_flexibility +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'nodeTypeFlexibility' +======= - name: 'nodeTypeFlexibility' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Flexible properties for the desired node type. Node groups that use this node template will create nodes of a type that matches @@ -104,6 +193,29 @@ properties: conflicts: - node_type properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: cpus + at_least_one_of: + - node_type_flexibility.0.cpus + - node_type_flexibility.0.memory + description: | + Number of virtual CPUs to use. + - !ruby/object:Api::Type::String + name: memory + at_least_one_of: + - node_type_flexibility.0.cpus + - node_type_flexibility.0.memory + description: | + Physical memory available to the node, defined in MB. + - !ruby/object:Api::Type::String + name: localSsd + description: | + Use local SSD + output: true + - !ruby/object:Api::Type::NestedObject + name: 'serverBinding' +======= - name: 'cpus' type: String description: | @@ -125,13 +237,20 @@ properties: output: true - name: 'serverBinding' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The server binding policy for nodes using this template. Determines where the nodes should restart following a maintenance event. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + required: true +======= - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Type of server binding policy. If `RESTART_NODE_ON_ANY_SERVER`, nodes using this template will restart on any physical server @@ -145,6 +264,36 @@ properties: such as physical sockets or cores, to avoid the need for additional licenses when maintenance occurs. However, VMs on such nodes will experience outages while maintenance is applied. +<<<<<<< HEAD + values: + - :RESTART_NODE_ON_ANY_SERVER + - :RESTART_NODE_ON_MINIMAL_SERVERS + - !ruby/object:Api::Type::Array + name: 'accelerators' + description: | + List of the type and count of accelerator cards attached to the + node template + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'acceleratorCount' + description: | + The number of the guest accelerator cards exposed to this + node template. + - !ruby/object:Api::Type::String + name: 'acceleratorType' + description: | + Full or partial URL of the accelerator type resource to expose + to this node template. + - !ruby/object:Api::Type::Enum + name: 'cpuOvercommitType' + description: | + CPU overcommit. + values: + - :ENABLED + - :NONE + default_value: :NONE +======= required: true enum_values: - 'RESTART_NODE_ON_ANY_SERVER' @@ -175,3 +324,4 @@ properties: enum_values: - 'ENABLED' - 'NONE' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/OrganizationSecurityPolicy.yaml b/mmv1/products/compute/OrganizationSecurityPolicy.yaml index d30931f598ce..9954bd452e9d 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicy.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,70 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'OrganizationSecurityPolicy' +min_version: beta +base_url: 'locations/global/securityPolicies?parentId={{parent}}' +self_link: 'locations/global/securityPolicies/{{policy_id}}' +create_url: 'locations/global/securityPolicies?parentId={{parent}}' +update_verb: :PATCH +description: | + Organization security policies are used to control incoming/outgoing traffic. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating a firewall policy': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-policy' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies' +id_format: 'locations/global/securityPolicies/{{policy_id}}' +import_format: ['locations/global/securityPolicies/{{policy_id}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'organization_security_policy_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/org_security_policy.go.erb + post_update: templates/terraform/post_update/org_security_policy.go.erb + post_delete: + templates/terraform/post_delete/org_security_policy.go.erb + # TODO: Remove once b/154369201 is closed. + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +parameters: + - !ruby/object:Api::Type::String + name: parent + description: | + The parent of this OrganizationSecurityPolicy in the Cloud Resource Hierarchy. + Format: organizations/{organization_id} or folders/{folder_id} + required: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: displayName + description: | + A textual name of the security policy. + immutable: true + required: true + - !ruby/object:Api::Type::String + name: description + description: | + A textual description for the organization security policy. + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: policy_id + api_name: 'id' + description: | + The unique identifier for the resource. This identifier is defined by the server. + output: true + - !ruby/object:Api::Type::Enum + name: type +======= --- name: 'OrganizationSecurityPolicy' description: | @@ -82,12 +150,20 @@ properties: output: true - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type indicates the intended use of the security policy. For organization security policies, the only supported type is "FIREWALL". +<<<<<<< HEAD + immutable: true + values: + - :FIREWALL + default_value: :FIREWALL +======= min_version: 'beta' immutable: true default_value: "FIREWALL" enum_values: - 'FIREWALL' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml b/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml index 5f1a56b57d41..159fee3e2c5f 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,62 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'OrganizationSecurityPolicyAssociation' +min_version: beta +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getAssociation?name={{name}}' +create_url: '{{policy_id}}/addAssociation' +delete_verb: :POST +delete_url: '{{policy_id}}/removeAssociation?name={{name}}' +description: | + An association for the OrganizationSecurityPolicy. +immutable: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Associating a policy with the organization or folder': 'https://cloud.google.com/vpc/docs/using-firewall-policies#associate' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addAssociation' +id_format: '{{policy_id}}/association/{{name}}' +import_format: ['{{%policy_id}}/association/{{name}}'] +read_error_transform: 'transformSecurityPolicyAssociationReadError' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'organization_security_policy_association_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/org_security_policy_association.go.erb + post_delete: + templates/terraform/post_create/org_security_policy_association.go.erb + # TODO: Remove once b/154369201 is closed. + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'policyId' + description: | + The security policy ID of the association. + required: true + url_param_only: true + api_name: 'securityPolicyId' +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The name for an association. + required: true + - !ruby/object:Api::Type::String + name: 'attachmentId' + description: | + The resource that the security policy is attached to. + required: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The display name of the security policy of the association. +======= --- name: 'OrganizationSecurityPolicyAssociation' description: | @@ -73,4 +133,5 @@ properties: description: | The display name of the security policy of the association. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml b/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml index db79e3d9b1d7..ecfff34b819c 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,55 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'OrganizationSecurityPolicyRule' +min_version: beta +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getRule?priority={{priority}}' +create_url: '{{policy_id}}/addRule?priority={{priority}}' +update_verb: :POST +update_url: '{{policy_id}}/patchRule?priority={{priority}}' +delete_verb: :POST +delete_url: '{{policy_id}}/removeRule?priority={{priority}}' +description: | + A rule for the OrganizationSecurityPolicy. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating firewall rules': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule' +id_format: '{{policy_id}}/priority/{{priority}}' +import_format: ['{{%policy_id}}/priority/{{priority}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'organization_security_policy_rule_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/org_security_policy_rule.go.erb + post_delete: templates/terraform/post_create/org_security_policy_rule.go.erb + post_update: + templates/terraform/post_create/org_security_policy_rule.go.erb + # TODO: Remove once b/154369201 is closed. + test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +parameters: + - !ruby/object:Api::Type::String + name: policyId + description: | + The ID of the OrganizationSecurityPolicy this rule applies to. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of the rule. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= --- name: 'OrganizationSecurityPolicyRule' description: | @@ -64,10 +117,67 @@ properties: min_version: 'beta' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority. +<<<<<<< HEAD + required: true + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'match' + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + required: true + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of the rule. + - !ruby/object:Api::Type::Enum + name: 'versionedExpr' + description: | + Preconfigured versioned expression. For organization security policy rules, + the only supported type is "FIREWALL". + values: + - :FIREWALL + default_value: :FIREWALL + - !ruby/object:Api::Type::NestedObject + name: 'config' + description: The configuration options for matching the rule. + required: true + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + exactly_one_of: + - match.0.config.0.src_ip_ranges + - match.0.config.0.dest_ip_ranges + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + exactly_one_of: + - match.0.config.0.src_ip_ranges + - match.0.config.0.dest_ip_ranges + - !ruby/object:Api::Type::Array + name: 'layer4Config' + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' +======= min_version: 'beta' required: true immutable: true @@ -133,16 +243,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= min_version: 'beta' required: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -151,6 +269,27 @@ properties: Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'action' + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny" or "goto_next". + required: true + - !ruby/object:Api::Type::Boolean + name: 'preview' + description: | + If set to true, the specified action is not enforced. + - !ruby/object:Api::Type::Enum + name: 'direction' + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Array + name: 'targetResources' +======= min_version: 'beta' item_type: type: String @@ -176,20 +315,36 @@ properties: - 'EGRESS' - name: 'targetResources' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' +======= min_version: 'beta' item_type: type: String - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String +======= min_version: 'beta' send_empty_value: true - name: 'targetServiceAccounts' @@ -200,3 +355,4 @@ properties: min_version: 'beta' item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/PacketMirroring.yaml b/mmv1/products/compute/PacketMirroring.yaml index d73b3f1de04a..7861cc91f4df 100644 --- a/mmv1/products/compute/PacketMirroring.yaml +++ b/mmv1/products/compute/PacketMirroring.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PacketMirroring' +base_url: projects/{{project}}/regions/{{region}}/packetMirrorings +update_verb: :PATCH +self_link: projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}} +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings' +======= --- name: 'PacketMirroring' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Packet Mirroring mirrors traffic to and from particular VM instances. You can use the collected traffic to help you detect security threats and monitor application performance. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_packet_mirroring_full' +======= references: guides: 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' @@ -46,6 +85,7 @@ async: custom_code: examples: - name: 'compute_packet_mirroring_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'foobar' vars: instance_name: 'my-instance' @@ -55,6 +95,21 @@ examples: mirroring_name: 'my-mirroring' ilb_rule_name: 'my-ilb' network_name: 'my-network' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::String + name: name + description: The name of the packet mirroring rule + required: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: description + description: A human-readable description of the rule. + immutable: true + - !ruby/object:Api::Type::String + name: region +======= parameters: properties: - name: 'name' @@ -69,18 +124,41 @@ properties: immutable: true - name: 'region' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Region in which the created address should reside. If it is not provided, the provider region is used. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::NestedObject + name: network + immutable: true +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'network' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::ResourceRef + name: url + description: + The full self_link URL of the network where this rule is active. + resource: 'Network' + imports: 'selfLink' + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + required: true + - !ruby/object:Api::Type::Integer + name: priority +======= required: true immutable: true properties: @@ -95,14 +173,20 @@ properties: imports: 'selfLink' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the same instances. required: false default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: collectorIlb +======= - name: 'collectorIlb' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) that will be used as collector for mirrored traffic. The @@ -110,6 +194,95 @@ properties: set to true. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: url + required: true + resource: 'ForwardingRule' + imports: 'selfLink' + description: The URL of the forwarding rule. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: filter + description: | + A filter for mirrored traffic. If unset, all traffic is mirrored. + properties: + - !ruby/object:Api::Type::Array + name: ipProtocols + api_name: 'IPProtocols' + description: Possible IP protocols including tcp, udp, icmp and esp + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: cidrRanges + description: | + IP CIDR ranges that apply as a filter on the source (ingress) or + destination (egress) IP in the IP header. Only IPv4 is supported. + item_type: Api::Type::String + - !ruby/object:Api::Type::Enum + name: direction + description: Direction of traffic to mirror. + values: + - :INGRESS + - :EGRESS + - :BOTH + default_value: :BOTH + - !ruby/object:Api::Type::NestedObject + name: mirroredResources + required: true + description: | + A means of specifying which resources to mirror. + properties: + - !ruby/object:Api::Type::Array + name: subnetworks + at_least_one_of: + - mirrored_resources.0.subnetworks + - mirrored_resources.0.instances + - mirrored_resources.0.tags + description: | + All instances in one of these subnetworks will be mirrored. + item_type: !ruby/object:Api::Type::NestedObject + name: subnetworks + description: + The subnetworks that should be mirrored. Specify at most 5. + properties: + - !ruby/object:Api::Type::ResourceRef + name: url + resource: 'Subnetwork' + imports: 'selfLink' + description: + The URL of the subnetwork where this rule should be active. + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: instances + description: | + All the listed instances will be mirrored. Specify at most 50. + at_least_one_of: + - mirrored_resources.0.subnetworks + - mirrored_resources.0.instances + - mirrored_resources.0.tags + item_type: !ruby/object:Api::Type::NestedObject + name: instances + description: The instances that should be mirrored. + properties: + - !ruby/object:Api::Type::ResourceRef + name: url + resource: 'Instance' + imports: 'selfLink' + description: + The URL of the instances where this rule should be active. + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: tags + at_least_one_of: + - mirrored_resources.0.subnetworks + - mirrored_resources.0.instances + - mirrored_resources.0.tags + description: | + All instances with these tags will be mirrored. + item_type: Api::Type::String +======= - name: 'url' type: ResourceRef description: The URL of the forwarding rule. @@ -200,3 +373,4 @@ properties: - 'mirrored_resources.0.tags' item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/PerInstanceConfig.yaml b/mmv1/products/compute/PerInstanceConfig.yaml index a4aed0002834..ad8e46c22cff 100644 --- a/mmv1/products/compute/PerInstanceConfig.yaml +++ b/mmv1/products/compute/PerInstanceConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,62 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PerInstanceConfig' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}' +description: | + A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name + across instance group manager operations and can define stateful disks or metadata that are unique to the instance. +create_verb: :POST +create_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/createInstances +update_verb: :POST +update_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/updatePerInstanceConfigs +delete_verb: :POST +delete_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/deletePerInstanceConfigs +read_verb: :POST +self_link: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/listPerInstanceConfigs +identity: + - name +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{zone}}/{{instance_group_manager}}/{{name}}' +mutex: instanceGroupManager/{{project}}/{{zone}}/{{instance_group_manager}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'stateful_igm' + primary_resource_id: + 'stateful-instance' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + skip_test: true +======= --- name: 'PerInstanceConfig' description: | @@ -65,10 +125,16 @@ exclude_tgc: true examples: - name: 'stateful_igm' primary_resource_id: 'stateful-instance' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: template_name: 'my-template' igm_name: 'my-igm' disk_name: 'my-disk-name' +<<<<<<< HEAD +virtual_fields: + - !ruby/object:Api::Type::String + name: 'minimal_action' +======= # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns @@ -76,6 +142,7 @@ examples: exclude_test: true virtual_fields: - name: 'minimal_action' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimal action to perform on the instance during an update. Default is `NONE`. Possible values are: @@ -83,9 +150,15 @@ virtual_fields: * RESTART * REFRESH * NONE +<<<<<<< HEAD + default_value: NONE + - !ruby/object:Api::Type::String + name: 'most_disruptive_allowed_action' +======= type: String default_value: "NONE" - name: 'most_disruptive_allowed_action' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The most disruptive action to perform on the instance during an update. Default is `REPLACE`. Possible values are: @@ -93,6 +166,21 @@ virtual_fields: * RESTART * REFRESH * NONE +<<<<<<< HEAD + default_value: REPLACE + - !ruby/object:Api::Type::Boolean + name: 'remove_instance_on_destroy' + conflicts: + - remove_instance_state_on_destroy + description: | + When true, deleting this config will immediately remove the underlying instance. + When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + default_value: false + - !ruby/object:Api::Type::Boolean + name: 'remove_instance_state_on_destroy' + conflicts: + - remove_instance_on_destroy +======= type: String default_value: "REPLACE" - name: 'remove_instance_on_destroy' @@ -102,10 +190,43 @@ virtual_fields: type: Boolean default_value: false - name: 'remove_instance_state_on_destroy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When true, deleting this config will immediately remove any specified state from the underlying instance. When false, deleting this config will *not* immediately remove any state from the underlying instance. State will be removed on the next instance recreation or update. +<<<<<<< HEAD + default_value: false +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_per_instance_config.go.erb + update_encoder: templates/terraform/update_encoder/compute_per_instance_config.go.erb + post_update: templates/terraform/post_update/compute_per_instance_config.go.erb + custom_delete: templates/terraform/custom_delete/per_instance_config.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: | + Zone where the containing instance group manager is located + required: false + url_param_only: true + immutable: true + ignore_read: true + default_from_api: true + - !ruby/object:Api::Type::ResourceRef + name: 'instanceGroupManager' + resource: 'InstanceGroupManager' + imports: 'name' + description: | + The instance group manager this instance config is part of. + required: true + url_param_only: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= type: Boolean default_value: false parameters: @@ -132,10 +253,52 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name for this per-instance config and its corresponding instance. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'preservedState' + description: 'The preserved state for this instance.' + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'metadata' + description: | + Preserved metadata defined for this instance. This is a list of key->value pairs. + - !ruby/object:Api::Type::Array + name: 'disk' + api_name: disks + description: | + Stateful disks for the instance. + is_set: true + custom_flatten: templates/terraform/custom_flatten/preserved_state_disks.go.erb + custom_expand: templates/terraform/custom_expand/preserved_state_disks.go.erb + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: deviceName + required: true + description: | + A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. + - !ruby/object:Api::Type::String + name: source + required: true + description: | + The URI of an existing persistent disk to attach under the specified device-name in the format + `projects/project-id/zones/zone/disks/disk-name`. + - !ruby/object:Api::Type::Enum + name: mode + description: | + The mode of the disk. + values: + - :READ_ONLY + - :READ_WRITE + default_value: :READ_WRITE + - !ruby/object:Api::Type::Enum + name: deleteRule +======= - name: 'preservedState' type: NestedObject description: 'The preserved state for this instance.' @@ -176,12 +339,75 @@ properties: - 'READ_WRITE' - name: 'deleteRule' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A value that prescribes what should happen to the stateful disk when the VM instance is deleted. The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently deleted from the instance group. +<<<<<<< HEAD + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::Map + name: 'internalIp' + api_name: internalIPs + key_name: 'interface_name' + description: | + Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: autoDelete + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::NestedObject + name: 'ipAddress' + description: | + Ip address representation + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Map + name: 'externalIp' + api_name: externalIPs + key_name: 'interface_name' + description: | + Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: autoDelete + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::NestedObject + name: 'ipAddress' + description: | + Ip address representation + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= default_value: "NEVER" enum_values: - 'NEVER' @@ -246,3 +472,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Address' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/ProjectCloudArmorTier.yaml b/mmv1/products/compute/ProjectCloudArmorTier.yaml index 2eeb6d5d7fc3..7606a2d96083 100644 --- a/mmv1/products/compute/ProjectCloudArmorTier.yaml +++ b/mmv1/products/compute/ProjectCloudArmorTier.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ProjectCloudArmorTier' +base_url: 'projects/{{project}}' +create_url: 'projects/{{project}}/setCloudArmorTier' +update_url: 'projects/{{project}}/setCloudArmorTier' +read_query_params: '?fields=cloudArmorTier' +create_verb: :POST +update_verb: :POST +description: | + Sets the Cloud Armor tier of the project. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Subscribing to Cloud Armor Enterprise': 'https://cloud.google.com/armor/docs/managed-protection-overview#subscribing_to_plus' + api: + 'https://cloud.google.com/compute/docs/reference/rest/v1/projects/setCloudArmorTier' +id_format: 'projects/{{project}}' +import_format: ['projects/{{project}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_project_cloud_armor_tier_basic' + skip_test: true + primary_resource_id: 'cloud_armor_tier_config' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_project_cloud_armor_tier_project_set' + skip_test: true +======= --- name: 'ProjectCloudArmorTier' description: | @@ -54,10 +85,44 @@ examples: primary_resource_id: 'cloud_armor_tier_config' exclude_test: true - name: 'compute_project_cloud_armor_tier_project_set' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'cloud_armor_tier_config' vars: project_id: 'your_project_id' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID + billing_account: :BILLING_ACCT +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/only_remove_from_state.go.erb +properties: + - !ruby/object:Api::Type::Enum + name: 'cloudArmorTier' + required: true + description: | + Managed protection tier to be set. + values: + - :CA_STANDARD + - :CA_ENTERPRISE_PAYGO +======= org_id: 'ORG_ID' billing_account: 'BILLING_ACCT' exclude_test: true @@ -71,3 +136,4 @@ properties: enum_values: - 'CA_STANDARD' - 'CA_ENTERPRISE_PAYGO' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/PublicAdvertisedPrefix.yaml b/mmv1/products/compute/PublicAdvertisedPrefix.yaml index a040591657a0..f0841668bb02 100644 --- a/mmv1/products/compute/PublicAdvertisedPrefix.yaml +++ b/mmv1/products/compute/PublicAdvertisedPrefix.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PublicAdvertisedPrefix' +base_url: projects/{{project}}/global/publicAdvertisedPrefixes +has_self_link: true +immutable: true +description: | + Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP). +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'public_advertised_prefixes_basic' + primary_resource_id: 'prefixes' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + skip_test: true + vars: + prefixes_name: 'my-prefix' + test_env_vars: + desc: :PAP_DESCRIPTION +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: An optional description of this resource. + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'PublicAdvertisedPrefix' description: | @@ -59,6 +111,7 @@ properties: description: An optional description of this resource. - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -67,18 +120,35 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'dnsVerificationIp' + description: The IPv4 address to be used for reverse DNS verification. + required: true + - !ruby/object:Api::Type::String + name: 'ipCidrRange' +======= - name: 'dnsVerificationIp' type: String description: The IPv4 address to be used for reverse DNS verification. required: true - name: 'ipCidrRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The IPv4 address range, in CIDR format, represented by this public advertised prefix. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sharedSecret' + output: true + description: | + Output Only. The shared secret to be used for reverse DNS verification. +======= - name: 'sharedSecret' type: String description: | Output Only. The shared secret to be used for reverse DNS verification. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/PublicDelegatedPrefix.yaml b/mmv1/products/compute/PublicDelegatedPrefix.yaml index da8ed28cdefc..d715e6e036a5 100644 --- a/mmv1/products/compute/PublicDelegatedPrefix.yaml +++ b/mmv1/products/compute/PublicDelegatedPrefix.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,62 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PublicDelegatedPrefix' +base_url: projects/{{project}}/regions/{{region}}/publicDelegatedPrefixes +has_self_link: true +immutable: true +description: | + Represents a PublicDelegatedPrefix for use with bring your own IP addresses (BYOIP). +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicDelegatedPrefixes' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'public_delegated_prefixes_basic' + primary_resource_id: 'prefixes' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + skip_test: true + vars: + prefixes_name: 'my-prefix' + test_env_vars: + desc: :PAP_DESCRIPTION +properties: + - !ruby/object:Api::Type::String + name: 'region' + description: 'A region where the prefix will reside.' + url_param_only: true + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: An optional description of this resource. + - !ruby/object:Api::Type::Boolean + name: 'isLiveMigration' + description: If true, the prefix will be live migrated. + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'PublicDelegatedPrefix' description: | @@ -67,6 +127,7 @@ properties: description: If true, the prefix will be live migrated. - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -75,15 +136,25 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'parentPrefix' +======= - name: 'parentPrefix' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The URL of parent prefix. Either PublicAdvertisedPrefix or PublicDelegatedPrefix. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipCidrRange' +======= - name: 'ipCidrRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The IPv4 address range, in CIDR format, represented by this public advertised prefix. diff --git a/mmv1/products/compute/Region.yaml b/mmv1/products/compute/Region.yaml index 1bdfa4dad732..ccf8a7180357 100644 --- a/mmv1/products/compute/Region.yaml +++ b/mmv1/products/compute/Region.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,44 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Region' +kind: 'compute#region' +base_url: projects/{{project}}/regions +collection_url_key: 'items' +has_self_link: true +readonly: true +======= --- name: 'Region' kind: 'compute#region' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Region resource. A region is a specific geographical location where you can run your resources. Each region has one or more zones # Used as a resource reference exclude: true +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'deprecated' + description: 'The deprecation state of this resource.' + output: true + properties: + - !ruby/object:Api::Type::Time + name: 'deleted' + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DELETED. + - !ruby/object:Api::Type::Time + name: 'deprecated' +======= readonly: true docs: base_url: 'projects/{{project}}/regions' @@ -48,25 +81,41 @@ properties: of this resource will be changed to DELETED. - name: 'deprecated' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'obsolete' +======= - name: 'obsolete' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'replacement' +======= - name: 'replacement' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -74,6 +123,44 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. +<<<<<<< HEAD + values: + - :DEPRECATED + - :OBSOLETE + - :DELETED + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + output: true + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::Array + name: 'quotas' + description: 'Quotas assigned to this region.' + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'metric' + description: 'Name of the quota metric.' + output: true + - !ruby/object:Api::Type::Double + name: 'limit' + description: 'Quota limit for this metric.' + output: true + - !ruby/object:Api::Type::Double + name: 'usage' + description: 'Current usage of this metric.' + output: true + - !ruby/object:Api::Type::String + name: 'owner' +======= output: true enum_values: - 'DEPRECATED' @@ -111,10 +198,26 @@ properties: output: true - name: 'owner' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Owning resource. This is the resource on which this quota is applied.' output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'status' + description: | + Status of the region, either UP or DOWN. + values: + - :UP + - :DOWN + output: true + - !ruby/object:Api::Type::Array + name: 'zones' + description: 'List of zones within the region' + item_type: Api::Type::String + output: true +======= - name: 'status' type: Enum description: | @@ -129,3 +232,4 @@ properties: output: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionAutoscaler.yaml b/mmv1/products/compute/RegionAutoscaler.yaml index 74463542f425..17e9f1b87a1f 100644 --- a/mmv1/products/compute/RegionAutoscaler.yaml +++ b/mmv1/products/compute/RegionAutoscaler.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionAutoscaler' +kind: 'compute#autoscaler' +base_url: projects/{{project}}/regions/{{region}}/autoscalers +update_url: projects/{{project}}/regions/{{region}}/autoscalers?autoscaler={{name}} +collection_url_key: 'items' +has_self_link: true +======= --- name: 'RegionAutoscaler' kind: 'compute#autoscaler' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionAutoscalers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_autoscaler_basic' +======= references: guides: 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' @@ -50,6 +91,7 @@ collection_url_key: 'items' custom_code: examples: - name: 'region_autoscaler_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'foobar' vars: region_autoscaler_name: 'my-region-autoscaler' @@ -57,12 +99,31 @@ examples: target_pool_name: 'my-target-pool' rigm_name: 'my-region-igm' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the region where the instance group resides. required: false immutable: true +<<<<<<< HEAD + default_from_api: true + ignore_read: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= ignore_read: true default_from_api: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -75,6 +136,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -83,6 +145,16 @@ properties: character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::NestedObject + name: 'autoscalingPolicy' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -91,6 +163,7 @@ properties: An optional description of this resource. - name: 'autoscalingPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, @@ -100,28 +173,50 @@ properties: on cpuUtilization to 0.6 or 60%. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'minReplicas' + api_name: 'minNumReplicas' + required: true +======= - name: 'minReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Integer + name: 'maxReplicas' + api_name: 'maxNumReplicas' +======= api_name: minNumReplicas required: true send_empty_value: true - name: 'maxReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas. +<<<<<<< HEAD + send_empty_value: true + required: true + - !ruby/object:Api::Type::Integer + name: 'cooldownPeriod' + api_name: 'coolDownPeriodSec' +======= api_name: maxNumReplicas required: true send_empty_value: true - name: 'cooldownPeriod' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents @@ -133,6 +228,53 @@ properties: numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process. +<<<<<<< HEAD + default_value: 60 + - !ruby/object:Api::Type::String + name: 'mode' + default_value: 'ON' + description: | + Defines operating mode for this policy. + - !ruby/object:Api::Type::NestedObject + name: 'scaleDownControl' + min_version: beta + description: | + Defines scale down controls to reduce the risk of response latency + and outages due to abrupt scale-in events + properties: + - !ruby/object:Api::Type::NestedObject + name: 'maxScaledDownReplicas' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas + - autoscaling_policy.0.scale_down_control.0.time_window_sec + properties: + - !ruby/object:Api::Type::Integer + name: 'fixed' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + - !ruby/object:Api::Type::Integer + name: 'percent' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + - !ruby/object:Api::Type::Integer + name: 'timeWindowSec' + at_least_one_of: + - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas + - autoscaling_policy.0.scale_down_control.0.time_window_sec + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + - !ruby/object:Api::Type::NestedObject + name: 'scaleInControl' +======= api_name: coolDownPeriodSec default_value: 60 - name: 'mode' @@ -179,10 +321,45 @@ properties: - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - name: 'scaleInControl' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines scale in controls to reduce the risk of response latency and outages due to abrupt scale-in events properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'maxScaledInReplicas' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas + - autoscaling_policy.0.scale_in_control.0.time_window_sec + properties: + - !ruby/object:Api::Type::Integer + name: 'fixed' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + - !ruby/object:Api::Type::Integer + name: 'percent' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + - !ruby/object:Api::Type::Integer + name: 'timeWindowSec' + at_least_one_of: + - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas + - autoscaling_policy.0.scale_in_control.0.time_window_sec + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + - !ruby/object:Api::Type::NestedObject + name: 'cpuUtilization' +======= - name: 'maxScaledInReplicas' type: NestedObject at_least_one_of: @@ -215,14 +392,22 @@ properties: - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - name: 'cpuUtilization' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'target' + api_name: 'utilizationTarget' + required: true +======= - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the @@ -237,16 +422,35 @@ properties: scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'predictiveMethod' + default_value: NONE +======= api_name: utilizationTarget required: true - name: 'predictiveMethod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Array + name: 'metric' + api_name: 'customMetricUtilizations' + description: | + Configuration parameters of autoscaling based on a custom metric. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + api_name: 'metric' +======= custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: "NONE" - name: 'metric' @@ -259,15 +463,22 @@ properties: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Double + name: 'singleInstanceAssignment' +======= api_name: metric required: true - name: 'singleInstanceAssignment' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to @@ -285,8 +496,14 @@ properties: latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'target' + api_name: 'utilizationTarget' +======= - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization @@ -297,6 +514,20 @@ properties: www.googleapis.com/compute/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + api_name: 'utilizationTargetType' + description: | + Defines how target utilization value is expressed for a + Stackdriver Monitoring metric. + values: + - :GAUGE + - :DELTA_PER_SECOND + - :DELTA_PER_MINUTE + - !ruby/object:Api::Type::String + name: 'filter' +======= api_name: utilizationTarget - name: 'type' type: Enum @@ -310,6 +541,7 @@ properties: - 'DELTA_PER_MINUTE' - name: 'filter' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A filter string to be used as the filter string for a Stackdriver Monitoring TimeSeries.list API call. @@ -343,6 +575,17 @@ properties: (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'loadBalancingUtilization' + description: | + Configuration parameters of autoscaling based on a load balancer. + properties: + - !ruby/object:Api::Type::Double + name: 'target' + api_name: utilizationTarget + required: true +======= - name: 'loadBalancingUtilization' type: NestedObject description: | @@ -350,10 +593,25 @@ properties: properties: - name: 'target' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8. +<<<<<<< HEAD + - !ruby/object:Api::Type::Map + name: 'scalingSchedules' + description: | + Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. + key_name: name + key_description: | + A name for the schedule. + value_type: !ruby/object:Api::Type::NestedObject + name: scalingSchedule + properties: + - !ruby/object:Api::Type::Integer + name: 'minRequiredReplicas' +======= api_name: utilizationTarget required: true - name: 'scalingSchedules' @@ -369,10 +627,39 @@ properties: properties: - name: 'minRequiredReplicas' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. required: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). + required: true + - !ruby/object:Api::Type::String + name: 'timeZone' + default_value: UTC + description: | + The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. + - !ruby/object:Api::Type::Integer + name: 'durationSec' + description: | + The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. + required: true + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. + default_value: false + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of a scaling schedule. + - !ruby/object:Api::Type::String + name: 'target' +======= - name: 'schedule' type: String description: | @@ -399,6 +686,7 @@ properties: A description of a scaling schedule. - name: 'target' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO(#303): resourceref once RegionIGM exists # resource: 'RegionInstanceGroupManager' # imports: 'selfLink' diff --git a/mmv1/products/compute/RegionBackendService.yaml b/mmv1/products/compute/RegionBackendService.yaml index 17ce2a0c80ba..271638449c08 100644 --- a/mmv1/products/compute/RegionBackendService.yaml +++ b/mmv1/products/compute/RegionBackendService.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,56 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionBackendService' +kind: 'compute#backendService' +base_url: projects/{{project}}/regions/{{region}}/backendServices +collection_url_key: 'items' +has_self_link: true +description: | + A Region Backend Service defines a regionally-scoped group of virtual + machines that will serve traffic for load balancing. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Internal TCP/UDP Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/internal/' + api: 'https://cloud.google.com/compute/docs/reference/latest/regionBackendServices' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_basic' + primary_resource_id: 'default' + primary_resource_name: "fmt.Sprintf(\"tf-test-region-service%s\", + context[\"random_suffix\"\ + ])" + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_external_iap' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'tf-test-region-service-external' + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_cache' +======= --- name: 'RegionBackendService' kind: 'compute#backendService' @@ -76,10 +130,16 @@ examples: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - name: 'region_backend_service_ilb_round_robin' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' +<<<<<<< HEAD + min_version: beta + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_ilb_round_robin' +======= - name: 'region_backend_service_external' primary_resource_id: 'default' min_version: 'beta' @@ -87,22 +147,77 @@ examples: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - name: 'region_backend_service_external_weighted' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_external' +======= - name: 'region_backend_service_ilb_ring_hash' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' +<<<<<<< HEAD + min_version: beta + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_external_weighted' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_ilb_ring_hash' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_balancing_mode' +======= - name: 'region_backend_service_balancing_mode' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' rigm_name: 'rbs-rigm' region_health_check_name: 'rbs-health-check' network_name: 'rbs-net' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_backend_service_connection_tracking' + min_version: 'beta' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: '/' + fetch_iam_policy_verb: :GET + min_version: beta + iam_conditions_request_type: :QUERY_PARAM + parent_resource_attribute: 'name' + allowed_iam_role: 'roles/compute.admin' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/region_backend_service.go.erb + encoder: templates/terraform/encoders/region_backend_service.go.erb + decoder: templates/terraform/decoders/region_backend_service.go.erb + post_create: 'templates/terraform/post_create/compute_region_backend_service_security_policy.go.erb' +custom_diff: [ + 'customDiffRegionBackendService', +] +migrate_state: 'tpgresource.MigrateStateNoop' +schema_version: 1 +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= - name: 'region_backend_service_connection_tracking' primary_resource_id: 'default' min_version: 'beta' @@ -112,11 +227,19 @@ examples: parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Region in which the created backend service should reside. If it is not provided, the provider region is used. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Integer + name: 'affinityCookieTtlSec' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -124,6 +247,7 @@ parameters: properties: - name: 'affinityCookieTtlSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts @@ -131,6 +255,24 @@ properties: maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'backend' + api_name: 'backends' + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + description: | + The set of backends that serve this RegionBackendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'balancingMode' + default_value: :UTILIZATION + values: + - :UTILIZATION + - :RATE + - :CONNECTION +======= - name: 'backend' type: Array description: | @@ -143,11 +285,16 @@ properties: properties: - name: 'balancingMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the balancing mode for this backend. See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) for an explanation of load balancing modes. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'capacityScaler' +======= default_value: "UTILIZATION" enum_values: - 'UTILIZATION' @@ -155,6 +302,7 @@ properties: - 'CONNECTION' - name: 'capacityScaler' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). @@ -167,6 +315,24 @@ properties: A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + Provide this property when you create the resource. + - !ruby/object:Api::Type::Boolean + name: 'failover' + default_from_api: true + description: | + This field designates whether this is a failover backend. More + than one failover backend can be configured for a given RegionBackendService. + - !ruby/object:Api::Type::String + name: 'group' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_flatten: templates/terraform/custom_flatten/guard_self_link.go.erb +======= - name: 'description' type: String description: | @@ -180,6 +346,7 @@ properties: default_from_api: true - name: 'group' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list @@ -201,11 +368,16 @@ properties: Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnections' +======= required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' custom_flatten: 'templates/terraform/custom_flatten/guard_self_link.go.tmpl' - name: 'maxConnections' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. @@ -214,8 +386,13 @@ properties: For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnectionsPerInstance' +======= - name: 'maxConnectionsPerInstance' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections that a single backend instance can handle. Cannot be set for INTERNAL backend @@ -225,8 +402,13 @@ properties: Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnectionsPerEndpoint' +======= - name: 'maxConnectionsPerEndpoint' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max number of simultaneous connections that a single backend network endpoint can handle. Cannot be set @@ -236,8 +418,13 @@ properties: used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxRate' +======= - name: 'maxRate' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) of the group. Cannot be set for INTERNAL backend services. @@ -246,35 +433,78 @@ properties: but required if RATE mode. Either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxRatePerInstance' +======= - name: 'maxRatePerInstance' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set. Cannot be set for INTERNAL backend services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxRatePerEndpoint' +======= - name: 'maxRatePerEndpoint' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set. Cannot be set for INTERNAL backend services. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'maxUtilization' +======= - name: 'maxUtilization' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0]. Cannot be set for INTERNAL backend services. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'circuitBreakers' +======= - name: 'circuitBreakers' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings controlling the volume of connections to a backend service. This field is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'connectTimeout' + min_version: beta + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The timeout for new network connections to hosts. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'connectTimeout' type: NestedObject description: | @@ -296,18 +526,87 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxRequestsPerConnection' + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries +======= - name: 'maxRequestsPerConnection' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxConnections' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of connections to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxPendingRequests' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of pending requests to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxRequests' + default_value: 1024 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of parallel requests to the backend cluster. + Defaults to 1024. + - !ruby/object:Api::Type::Integer + name: 'maxRetries' + default_value: 3 + at_least_one_of: + - circuit_breakers.0.connect_timeout + - circuit_breakers.0.max_requests_per_connection + - circuit_breakers.0.max_connections + - circuit_breakers.0.max_pending_requests + - circuit_breakers.0.max_requests + - circuit_breakers.0.max_retries + description: | + The maximum number of parallel retries to the backend cluster. + Defaults to 3. + - !ruby/object:Api::Type::NestedObject + name: 'consistentHash' +======= at_least_one_of: - 'circuit_breakers.0.connect_timeout' - 'circuit_breakers.0.max_requests_per_connection' @@ -369,6 +668,7 @@ properties: default_value: 3 - name: 'consistentHash' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing @@ -381,13 +681,42 @@ properties: * `protocol` is set to HTTP, HTTPS, or HTTP2 * `locality_lb_policy` is set to MAGLEV or RING_HASH properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'httpCookie' + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size +======= - name: 'httpCookie' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::NestedObject + name: 'ttl' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Lifetime of the cookie. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'consistent_hash.0.http_cookie' - 'consistent_hash.0.http_header_name' @@ -410,11 +739,46 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Name of the cookie. + - !ruby/object:Api::Type::String + name: 'path' + at_least_one_of: + - consistent_hash.0.http_cookie.0.ttl + - consistent_hash.0.http_cookie.0.name + - consistent_hash.0.http_cookie.0.path + description: | + Path to set for the cookie. + - !ruby/object:Api::Type::String + name: 'httpHeaderName' + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size + description: | + The hash based on the value of the specified header field. + This field is applicable if the sessionAffinity is set to HEADER_FIELD. + - !ruby/object:Api::Type::Integer + name: 'minimumRingSize' + default_value: 1024 + at_least_one_of: + - consistent_hash.0.http_cookie + - consistent_hash.0.http_header_name + - consistent_hash.0.minimum_ring_size +======= - name: 'name' type: String description: | @@ -442,6 +806,7 @@ properties: - 'consistent_hash.0.minimum_ring_size' - name: 'minimumRingSize' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load @@ -449,6 +814,54 @@ properties: is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'cdnPolicy' + description: 'Cloud CDN configuration for this BackendService.' + default_from_api: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'cacheKeyPolicy' + description: 'The CacheKeyPolicy for this CdnPolicy.' + at_least_one_of: + - cdn_policy.0.cache_key_policy + - cdn_policy.0.signed_url_cache_max_age_sec + properties: + - !ruby/object:Api::Type::Boolean + name: 'includeHost' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + If true requests to different hosts will be cached separately. + - !ruby/object:Api::Type::Boolean + name: 'includeProtocol' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + If true, http and https requests will be cached separately. + - !ruby/object:Api::Type::Boolean + name: 'includeQueryString' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= at_least_one_of: - 'consistent_hash.0.http_cookie' - 'consistent_hash.0.http_header_name' @@ -492,6 +905,7 @@ properties: - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - name: 'includeQueryString' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, include query string parameters in the cache key according to query_string_whitelist and @@ -500,6 +914,18 @@ properties: If false, the query string will be excluded from the cache key entirely. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'queryStringBlacklist' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -510,6 +936,7 @@ properties: - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - name: 'queryStringBlacklist' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Names of query string parameters to exclude in cache keys. @@ -518,6 +945,19 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + send_empty_value: true + name: 'queryStringWhitelist' + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -530,6 +970,7 @@ properties: type: String - name: 'queryStringWhitelist' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Names of query string parameters to include in cache keys. @@ -538,6 +979,28 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'includeNamedCookies' + send_empty_value: true + at_least_one_of: + - cdn_policy.0.cache_key_policy.0.include_host + - cdn_policy.0.cache_key_policy.0.include_protocol + - cdn_policy.0.cache_key_policy.0.include_query_string + - cdn_policy.0.cache_key_policy.0.query_string_blacklist + - cdn_policy.0.cache_key_policy.0.query_string_whitelist + - cdn_policy.0.cache_key_policy.0.include_named_cookies + description: | + Names of cookies to include in cache keys. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'signedUrlCacheMaxAgeSec' + default_value: 3600 + at_least_one_of: + - cdn_policy.0.cache_key_policy + - cdn_policy.0.signed_url_cache_max_age_sec +======= send_empty_value: true at_least_one_of: - 'cdn_policy.0.cache_key_policy.0.include_host' @@ -564,6 +1027,7 @@ properties: type: String - name: 'signedUrlCacheMaxAgeSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this @@ -575,16 +1039,70 @@ properties: "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'defaultTtl' +======= at_least_one_of: - 'cdn_policy.0.cache_key_policy' - 'cdn_policy.0.signed_url_cache_max_age_sec' default_value: 3600 - name: 'defaultTtl' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxTtl' + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'clientTtl' + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'negativeCaching' + send_empty_value: true + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'negativeCachingPolicy' + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'code' + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - !ruby/object:Api::Type::Integer + name: 'ttl' + min_version: beta + description: | + The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s + (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. + - !ruby/object:Api::Type::Enum + name: 'cacheMode' + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + values: + - :USE_ORIGIN_HEADERS + - :FORCE_CACHE_ALL + - :CACHE_ALL_STATIC + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'serveWhileStale' + send_empty_value: true +======= - name: 'maxTtl' type: Integer description: | @@ -632,17 +1150,35 @@ properties: - 'CACHE_ALL_STATIC' - name: 'serveWhileStale' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'connectionDraining' +======= send_empty_value: true - name: 'connectionDraining' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings for connection draining flatten_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'connection_draining_timeout_sec' + api_name: drainingTimeoutSec + default_value: 300 + send_empty_value: true + description: | + Time for which instance will be drained (not accept new + connections, but still work to finish started). + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' +======= - name: 'connection_draining_timeout_sec' type: Integer description: | @@ -653,10 +1189,28 @@ properties: default_value: 300 - name: 'creationTimestamp' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creation timestamp in RFC3339 text format. output: true # customRequestHeaders only supported for EXTERNAL load balancing +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::NestedObject + name: 'failoverPolicy' + description: | + Policy for failovers. + properties: + - !ruby/object:Api::Type::Boolean + name: 'disableConnectionDrainOnFailover' + at_least_one_of: + - failover_policy.0.disable_connection_drain_on_failover + - failover_policy.0.drop_traffic_if_unhealthy + - failover_policy.0.failover_ratio +======= - name: 'description' type: String description: | @@ -668,6 +1222,7 @@ properties: properties: - name: 'disableConnectionDrainOnFailover' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | On failover or failback, this field indicates whether connection drain will be honored. Setting this to true has the following effect: connections @@ -678,17 +1233,36 @@ properties: This can be set to true only if the protocol is TCP. The default is false. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'dropTrafficIfUnhealthy' + at_least_one_of: + - failover_policy.0.disable_connection_drain_on_failover + - failover_policy.0.drop_traffic_if_unhealthy + - failover_policy.0.failover_ratio +======= at_least_one_of: - 'failover_policy.0.disable_connection_drain_on_failover' - 'failover_policy.0.drop_traffic_if_unhealthy' - 'failover_policy.0.failover_ratio' - name: 'dropTrafficIfUnhealthy' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This option is used only when no healthy VMs are detected in the primary and backup instance groups. When set to true, traffic is dropped. When set to false, new connections are sent across all VMs in the primary group. The default is false. +<<<<<<< HEAD + send_empty_value: true + default_from_api: true + - !ruby/object:Api::Type::Double + name: 'failoverRatio' + at_least_one_of: + - failover_policy.0.disable_connection_drain_on_failover + - failover_policy.0.drop_traffic_if_unhealthy + - failover_policy.0.failover_ratio +======= default_from_api: true send_empty_value: true at_least_one_of: @@ -697,6 +1271,7 @@ properties: - 'failover_policy.0.failover_ratio' - name: 'failoverRatio' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the field must be in [0, 1]. If the ratio of the healthy VMs in the primary backend is at or below this number, traffic arriving @@ -706,6 +1281,22 @@ properties: backend in the "force" mode, where traffic will be spread to the healthy VMs with the best effort, or to all VMs when no VM is healthy. This field is only used with l4 load balancing. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enableCDN' + description: | + If true, enable Cloud CDN for this RegionBackendService. + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + output: true + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + - !ruby/object:Api::Type::Array + name: 'healthChecks' + min_size: 1 + max_size: 1 +======= at_least_one_of: - 'failover_policy.0.disable_connection_drain_on_failover' - 'failover_policy.0.drop_traffic_if_unhealthy' @@ -722,6 +1313,7 @@ properties: output: true - name: 'healthChecks' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The set of URLs to HealthCheck resources for health checking this RegionBackendService. Currently at most one health @@ -731,6 +1323,19 @@ properties: or serverless NEG as a backend. is_set: true set_hash_func: 'tpgresource.SelfLinkRelativePathHash' +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/guard_self_link_array.go.erb + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'generated_id' + api_name: 'id' + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'iap' +======= custom_flatten: 'templates/terraform/custom_flatten/guard_self_link_array.go.tmpl' item_type: type: String @@ -745,10 +1350,37 @@ properties: output: true - name: 'iap' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Settings for enabling Cloud Identity Aware Proxy default_from_api: true send_empty_value: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + required: true + description: Whether the serving infrastructure will authenticate and authorize all incoming requests. + - !ruby/object:Api::Type::String + name: 'oauth2ClientId' + description: | + OAuth2 Client ID for IAP + - !ruby/object:Api::Type::String + name: 'oauth2ClientSecret' + description: | + OAuth2 Client Secret for IAP + send_empty_value: true + ignore_read: true + sensitive: true + - !ruby/object:Api::Type::String + name: 'oauth2ClientSecretSha256' + output: true + description: | + OAuth2 Client Secret SHA-256 for IAP + sensitive: true + - !ruby/object:Api::Type::Enum + name: 'loadBalancingScheme' + immutable: true +======= - name: 'enabled' type: Boolean description: Whether the serving infrastructure will authenticate and authorize all incoming requests. @@ -772,11 +1404,30 @@ properties: output: true - name: 'loadBalancingScheme' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates what kind of load balancing this regional backend service will be used for. A backend service created for one type of load balancing cannot be used with the other(s). For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). +<<<<<<< HEAD + default_value: :INTERNAL + values: + - :EXTERNAL + - :EXTERNAL_MANAGED + - :INTERNAL + - :INTERNAL_MANAGED + - !ruby/object:Api::Type::Enum + name: 'localityLbPolicy' + values: + - :ROUND_ROBIN + - :LEAST_REQUEST + - :RING_HASH + - :RANDOM + - :ORIGINAL_DESTINATION + - :MAGLEV + - :WEIGHTED_MAGLEV +======= immutable: true default_value: "INTERNAL" enum_values: @@ -786,6 +1437,7 @@ properties: - 'INTERNAL_MANAGED' - name: 'localityLbPolicy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The load balancing algorithm used within the scope of the locality. The possible values are: @@ -843,6 +1495,12 @@ properties: Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= enum_values: - 'ROUND_ROBIN' - 'LEAST_REQUEST' @@ -853,6 +1511,7 @@ properties: - 'WEIGHTED_MAGLEV' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -861,21 +1520,54 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'outlierDetection' +======= required: true immutable: true - name: 'outlierDetection' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'baseEjectionTime' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'baseEjectionTime' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -897,16 +1589,50 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'consecutiveErrors' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'consecutiveErrors' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'consecutiveGatewayFailure' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -921,10 +1647,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'consecutiveGatewayFailure' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingConsecutiveErrors' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -939,10 +1682,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingConsecutiveErrors' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingConsecutiveGatewayFailure' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -957,10 +1717,27 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingConsecutiveGatewayFailure' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'enforcingSuccessRate' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -975,10 +1752,39 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'enforcingSuccessRate' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'interval' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor + description: | + Time interval between ejection sweep analysis. This can result in both new + ejections as well as hosts being returned to service. Defaults to 10 seconds. + properties: + - !ruby/object:Api::Type::Integer + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1017,10 +1823,44 @@ properties: required: true - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'maxEjectionPercent' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor + description: | + Maximum percentage of hosts in the load balancing pool for the backend service + that can be ejected. Defaults to 10%. + - !ruby/object:Api::Type::Integer + name: 'successRateMinimumHosts' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= - name: 'maxEjectionPercent' type: Integer description: | @@ -1040,11 +1880,28 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateMinimumHosts' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'successRateRequestVolume' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1059,12 +1916,29 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateRequestVolume' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'successRateStdevFactor' + at_least_one_of: + - outlier_detection.0.base_ejection_time + - outlier_detection.0.consecutive_errors + - outlier_detection.0.consecutive_gateway_failure + - outlier_detection.0.enforcing_consecutive_errors + - outlier_detection.0.enforcing_consecutive_gateway_failure + - outlier_detection.0.enforcing_success_rate + - outlier_detection.0.interval + - outlier_detection.0.max_ejection_percent + - outlier_detection.0.success_rate_minimum_hosts + - outlier_detection.0.success_rate_request_volume + - outlier_detection.0.success_rate_stdev_factor +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1079,6 +1953,7 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'successRateStdevFactor' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success @@ -1086,6 +1961,10 @@ properties: success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'portName' +======= at_least_one_of: - 'outlier_detection.0.base_ejection_time' - 'outlier_detection.0.consecutive_errors' @@ -1100,6 +1979,7 @@ properties: - 'outlier_detection.0.success_rate_stdev_factor' - name: 'portName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the @@ -1109,12 +1989,58 @@ properties: default of "http" if not given. Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing). default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'protocol' +======= - name: 'protocol' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The protocol this RegionBackendService uses to communicate with backends. The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. +<<<<<<< HEAD + # This is removed to avoid breaking terraform, as default values cannot be + # unspecified. Providers should include this as needed via overrides + # default_value: :TCP + values: + - :HTTP + - :HTTPS + - :HTTP2 + - :SSL + - :TCP + - :UDP + - :GRPC + - :UNSPECIFIED + default_from_api: true + - !ruby/object:Api::Type::String + name: 'securityPolicy' + min_version: beta + description: | + The security policy associated with this backend service. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/backendServices/{{name}}/setSecurityPolicy' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - !ruby/object:Api::Type::Enum + name: 'sessionAffinity' + description: | + Type of session affinity to use. The default is NONE. Session affinity is + not applicable if the protocol is UDP. + values: + - :NONE + - :CLIENT_IP + - :CLIENT_IP_PORT_PROTO + - :CLIENT_IP_PROTO + - :GENERATED_COOKIE + - :HEADER_FIELD + - :HTTP_COOKIE + - :CLIENT_IP_NO_DESTINATION + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: 'connectionTrackingPolicy' + min_version: 'beta' +======= default_from_api: true # This is removed to avoid breaking terraform, as default values cannot be # unspecified. Providers should include this as needed via overrides @@ -1153,14 +2079,21 @@ properties: - 'CLIENT_IP_NO_DESTINATION' - name: 'connectionTrackingPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Connection Tracking configuration for this BackendService. This is available only for Layer 4 Internal Load Balancing and Network Load Balancing. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Integer + name: 'idleTimeoutSec' +======= min_version: 'beta' properties: - name: 'idleTimeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). @@ -1169,8 +2102,13 @@ properties: For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'trackingMode' +======= - name: 'trackingMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the key used for connection tracking. There are two options: `PER_CONNECTION`: The Connection Tracking is performed as per the @@ -1178,12 +2116,21 @@ properties: `PER_SESSION`: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. +<<<<<<< HEAD + default_value: :PER_CONNECTION + values: + - :PER_CONNECTION + - :PER_SESSION + - !ruby/object:Api::Type::Enum + name: 'connectionPersistenceOnUnhealthyBackends' +======= default_value: "PER_CONNECTION" enum_values: - 'PER_CONNECTION' - 'PER_SESSION' - name: 'connectionPersistenceOnUnhealthyBackends' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies connection persistence when backends are unhealthy. @@ -1201,6 +2148,18 @@ properties: If set to `ALWAYS_PERSIST`, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. +<<<<<<< HEAD + default_value: :DEFAULT_FOR_PROTOCOL + values: + - :DEFAULT_FOR_PROTOCOL + - :NEVER_PERSIST + - :ALWAYS_PERSIST + - !ruby/object:Api::Type::Boolean + name: enableStrongAffinity + description: Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly. + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= default_value: "DEFAULT_FOR_PROTOCOL" enum_values: - 'DEFAULT_FOR_PROTOCOL' @@ -1211,19 +2170,40 @@ properties: description: Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly. - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The backend service timeout has a different meaning depending on the type of load balancer. For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' +======= - name: 'logConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enable' + at_least_one_of: + - log_config.0.enable + - log_config.0.sample_rate + description: | + Whether to enable logging for the load balancer traffic served by this backend service. + send_empty_value: true + - !ruby/object:Api::Type::Double + name: 'sampleRate' + at_least_one_of: + - log_config.0.enable + - log_config.0.sample_rate +======= - name: 'enable' type: Boolean description: | @@ -1234,11 +2214,37 @@ properties: - 'log_config.0.sample_rate' - name: 'sampleRate' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0. +<<<<<<< HEAD + default_value: 1.0 + diff_suppress_func: 'suppressWhenDisabled' + - !ruby/object:Api::Type::ResourceRef + resource: 'Network' + name: 'network' + imports: 'selfLink' + description: | + The URL of the network to which this backend service belongs. + This field can only be specified when the load balancing scheme is set to INTERNAL. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'subsetting' + min_version: beta + description: | + Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + properties: + - !ruby/object:Api::Type::Enum + name: 'policy' + values: + - :CONSISTENT_HASH_SUBSETTING + required: true + description: | + The algorithm used for subsetting. +======= at_least_one_of: - 'log_config.0.enable' - 'log_config.0.sample_rate' @@ -1265,3 +2271,4 @@ properties: required: true enum_values: - 'CONSISTENT_HASH_SUBSETTING' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionCommitment.yaml b/mmv1/products/compute/RegionCommitment.yaml index 38f332a23341..c841268b5162 100644 --- a/mmv1/products/compute/RegionCommitment.yaml +++ b/mmv1/products/compute/RegionCommitment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,74 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionCommitment' +kind: 'compute#commitment' +base_url: projects/{{project}}/regions/{{region}}/commitments +collection_url_key: 'items' +has_self_link: true +# Cannot be deleted +skip_delete: true +# Cannot be updated (as of implementation date) +immutable: true +======= --- name: 'RegionCommitment' kind: 'compute#commitment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Committed use discounts for Compute Engine': 'https://cloud.google.com/compute/docs/instances/committed-use-discounts-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionCommitments' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_region_commitment_basic' + primary_resource_id: 'foobar' + # Creating a resource means signing a contract + # Spanning years that cannot be deleted + skip_test: true + vars: + region_commitment_name: 'my-region-commitment' + - !ruby/object:Provider::Terraform::Examples + name: 'compute_region_commitment_full' + primary_resource_id: 'foobar' + # Creating a resource means signing a contract + # Spanning years that cannot be deleted + skip_test: true + vars: + region_commitment_name: 'my-full-commitment' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= references: guides: 'Committed use discounts for Compute Engine': 'https://cloud.google.com/compute/docs/instances/committed-use-discounts-overview' @@ -69,10 +132,27 @@ examples: parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the region where this commitment may be used. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Integer + name: 'commitment_id' + api_name: 'id' + description: 'Unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -89,6 +169,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -96,6 +177,60 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::Enum + name: 'status' + output: true + description: | + Status of the commitment with regards to eventual expiration + (each commitment has an end date defined). + values: + - :NOT_YET_ACTIVE + - :ACTIVE + - :EXPIRED + - !ruby/object:Api::Type::String + name: 'statusMessage' + output: true + description: | + A human-readable explanation of the status. + - !ruby/object:Api::Type::Enum + name: 'plan' + required: true + description: | + The plan for this commitment, which determines duration and discount rate. + The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years). + values: + - :TWELVE_MONTH + - :THIRTY_SIX_MONTH + - !ruby/object:Api::Type::Time + name: 'startTimestamp' + description: 'Commitment start time in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Time + name: 'endTimestamp' + description: 'Commitment end time in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Array + name: resources + description: | + A list of commitment amounts for particular resources. + Note that VCPU and MEMORY resource commitments must occur together. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + description: | + Type of resource for which this commitment applies. + Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR. + - !ruby/object:Api::Type::String + name: 'amount' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -149,31 +284,74 @@ properties: Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR. - name: 'amount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'acceleratorType' + description: | + Name of the accelerator type resource. Applicable only when the type is ACCELERATOR. + - !ruby/object:Api::Type::String + name: 'type' + default_from_api: true +======= - name: 'acceleratorType' type: String description: | Name of the accelerator type resource. Applicable only when the type is ACCELERATOR. - name: 'type' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of commitment, which affects the discount rate and the eligible resources. The type could be one of the following value: `MEMORY_OPTIMIZED`, `ACCELERATOR_OPTIMIZED`, `GENERAL_PURPOSE_N1`, `GENERAL_PURPOSE_N2`, `GENERAL_PURPOSE_N2D`, `GENERAL_PURPOSE_E2`, `GENERAL_PURPOSE_T2D`, `GENERAL_PURPOSE_C3`, `COMPUTE_OPTIMIZED_C2`, `COMPUTE_OPTIMIZED_C2D` and `GRAPHICS_OPTIMIZED_G2` +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'category' + default_from_api: true +======= default_from_api: true - name: 'category' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified. +<<<<<<< HEAD + values: + - :LICENSE + - :MACHINE + - !ruby/object:Api::Type::NestedObject + name: 'licenseResource' + description: | + The license specification required as part of a license commitment. + properties: + - !ruby/object:Api::Type::String + name: 'license' + required: true + description: | + Any applicable license URI. + - !ruby/object:Api::Type::String + name: 'amount' + description: | + The number of licenses purchased. + - !ruby/object:Api::Type::String + name: 'coresPerLicense' + description: | + Specifies the core range of the instance for which this license applies. + - !ruby/object:Api::Type::Boolean + name: 'autoRenew' + default_from_api: true +======= default_from_api: true enum_values: - 'LICENSE' @@ -198,14 +376,23 @@ properties: Specifies the core range of the instance for which this license applies. - name: 'autoRenew' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'existingReservations' + default_from_api: true + description: | + Specifies the already existing reservations to attach to the Commitment. +======= default_from_api: true - name: 'existingReservations' type: String description: | Specifies the already existing reservations to attach to the Commitment. default_from_api: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionDisk.yaml b/mmv1/products/compute/RegionDisk.yaml index 56cadab731ae..519e4b1d8d60 100644 --- a/mmv1/products/compute/RegionDisk.yaml +++ b/mmv1/products/compute/RegionDisk.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionDisk' +kind: 'compute#disk' +immutable: true +base_url: projects/{{project}}/regions/{{region}}/disks +collection_url_key: 'items' +has_self_link: true +======= --- name: 'RegionDisk' kind: 'compute#disk' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the @@ -30,6 +44,45 @@ description: | Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Adding or Resizing Regional Persistent Disks': 'https://cloud.google.com/compute/docs/disks/regional-persistent-disk' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionDisks' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/detach_disk.erb + encoder: templates/terraform/encoders/disk.erb + decoder: templates/terraform/decoders/disk.erb +custom_diff: [ + 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)', + 'hyperDiskIopsUpdateDiffSupress', +] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_disk_basic' + primary_resource_id: 'regiondisk' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", + context[\"random_suffix\"\ + ])" +======= references: guides: 'Adding or Resizing Regional Persistent Disks': 'https://cloud.google.com/compute/docs/disks/regional-persistent-disk' @@ -75,10 +128,49 @@ examples: - name: 'region_disk_basic' primary_resource_id: 'regiondisk' primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: region_disk_name: 'my-region-disk' disk_name: 'my-disk' snapshot_name: 'my-snapshot' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_disk_async' + primary_resource_id: 'primary' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", + context[\"random_suffix\"\ + ])" + vars: + region_disk_name: 'primary-region-disk' + secondary_region_disk_name: 'secondary-region-disk' + - !ruby/object:Provider::Terraform::Examples + name: 'region_disk_features' + primary_resource_id: 'regiondisk' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", + context[\"random_suffix\"\ + ])" + vars: + region_disk_name: 'my-region-features-disk' +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: '/' + fetch_iam_policy_verb: :GET + parent_resource_attribute: 'name' + import_format: + ['projects/{{project}}/regions/{{region}}/disks/{{name}}', '{{name}}'] + base_url: projects/{{project}}/regions/{{region}}/disks/{{name}} +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: 'A reference to the region where the disk resides.' + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'diskEncryptionKey' +======= - name: 'region_disk_async' primary_resource_id: 'primary' primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' @@ -102,6 +194,7 @@ parameters: imports: 'name' - name: 'diskEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts the disk using a customer-supplied encryption key. @@ -115,27 +208,51 @@ parameters: If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' +======= immutable: true properties: - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sha256' +======= - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + The name of the encryption key that is stored in Google Cloud KMS. + immutable: true + - !ruby/object:Api::Type::ResourceRef + name: 'snapshot' + api_name: sourceSnapshot + resource: 'Snapshot' + imports: 'selfLink' +======= - name: 'kmsKeyName' type: String description: | The name of the encryption key that is stored in Google Cloud KMS. - name: 'snapshot' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are @@ -145,24 +262,45 @@ parameters: * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` * `snapshot` +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'sourceSnapshotEncryptionKey' +======= api_name: sourceSnapshot custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Snapshot' imports: 'selfLink' - name: 'sourceSnapshotEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'rawKey' +======= immutable: true properties: - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + min_version: beta + description: | + The name of the encryption key that is stored in Google Cloud KMS. + - !ruby/object:Api::Type::String + name: 'sha256' +======= - name: 'kmsKeyName' type: String description: | @@ -170,12 +308,19 @@ parameters: min_version: 'beta' - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true +<<<<<<< HEAD + immutable: true + - !ruby/object:Api::Type::String + name: 'sourceSnapshotId' +======= - name: 'sourceSnapshotId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent @@ -185,6 +330,40 @@ parameters: used. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Time + name: 'lastAttachTimestamp' + description: 'Last attach timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Time + name: 'lastDetachTimestamp' + description: 'Last detach timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + Labels to apply to this disk. A list of key->value pairs. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'labelFingerprint' type: Fingerprint description: | @@ -219,6 +398,7 @@ properties: update_verb: 'POST' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -227,10 +407,19 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Integer + name: 'size' + api_name: sizeGb + default_from_api: true +======= required: true immutable: true - name: 'size' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or @@ -240,6 +429,24 @@ properties: If you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/resize' + - !ruby/object:Api::Type::Array + name: 'users' + description: | + Links to the users of the disk (attached instances) in form: + project/zones/zone/instances/instance + item_type: !ruby/object:Api::Type::ResourceRef + name: 'user' + resource: 'Instance' + imports: 'selfLink' + description: 'A reference to a user of this disk' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + output: true + - !ruby/object:Api::Type::Integer + name: 'physicalBlockSizeBytes' +======= api_name: sizeGb default_from_api: true update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/resize' @@ -259,6 +466,7 @@ properties: imports: 'selfLink' - name: 'physicalBlockSizeBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes @@ -266,6 +474,33 @@ properties: If an unsupported value is requested, the error message will list the supported values for the caller's project. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'replicaZones' + description: 'URLs of the zones where the disk should be replicated to.' + min_size: 2 + max_size: 2 + required: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'selfLink' + description: | + A reference to a zone where the disk should be replicated to. + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'type' + resource: 'RegionDiskType' + imports: 'selfLink' + description: | + URL of the disk type resource describing which disk type to use to + create the disk. Provide this when creating the disk. + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + default_value: 'pd-standard' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'interface' +======= - name: 'replicaZones' type: Array description: 'URLs of the zones where the disk should be replicated to.' @@ -294,15 +529,29 @@ properties: type: String description: | Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 min_version: 'beta' # interface is removed using url_param_only to preserve schema definition # and prevent sending or reading in API requests url_param_only: true +<<<<<<< HEAD + default_value: 'SCSI' + deprecation_message: >- + `interface` is deprecated and will be removed in a future major release. + This field is no longer used and can be safely removed from your configurations; + disk interfaces are automatically determined on attachment. + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. + diff_suppress_func: AlwaysDiffSuppress + - !ruby/object:Api::Type::String + name: 'sourceDisk' +======= diff_suppress_func: 'AlwaysDiffSuppress' default_value: "SCSI" deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' - name: 'sourceDisk' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: @@ -314,13 +563,66 @@ properties: * zones/{zone}/disks/{disk} * regions/{region}/disks/{disk} diff_suppress_func: 'sourceDiskDiffSupress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'sourceDiskId' +======= - name: 'sourceDiskId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'asyncPrimaryDisk' + properties: + - !ruby/object:Api::Type::String + name: 'disk' + description: | + Primary disk for asynchronous disk replication. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - !ruby/object:Api::Type::Array + name: 'guestOsFeatures' + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable disks. + default_from_api: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + required: true + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + values: + - :MULTI_IP_SUBNET + - :SECURE_BOOT + - :SEV_CAPABLE + - :UEFI_COMPATIBLE + - :VIRTIO_SCSI_MULTIQUEUE + - :WINDOWS + - :GVNIC + - :SEV_LIVE_MIGRATABLE + - :SEV_SNP_CAPABLE + - :SUSPEND_RESUME_COMPATIBLE + - :TDX_CAPABLE + - !ruby/object:Api::Type::Array + name: 'licenses' + description: Any applicable license URI. + default_from_api: true + immutable: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'license' + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' +======= - name: 'asyncPrimaryDisk' type: NestedObject diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' @@ -369,3 +671,4 @@ properties: description: 'An applicable license URI' resource: 'License' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml b/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml index c2eeedbb584e..b8f1b5240194 100644 --- a/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml +++ b/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionDiskResourcePolicyAttachment' +immutable: true +base_url: projects/{{project}}/regions/{{region}}/disks/{{disk}} +create_verb: :POST +create_url: projects/{{project}}/regions/{{region}}/disks/{{disk}}/addResourcePolicies +delete_verb: :POST +delete_url: projects/{{project}}/regions/{{region}}/disks/{{disk}}/removeResourcePolicies +self_link: projects/{{project}}/regions/{{region}}/disks/{{disk}} +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - resourcePolicies + is_list_of_ids: true +identity: + - name +======= --- name: 'RegionDiskResourcePolicyAttachment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation. ~> **Note:** This resource does not support zonal disks (`google_compute_disk`). For zonal disks, please refer to [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_disk_resource_policy_attachment_basic' +======= docs: id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' base_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' @@ -57,12 +102,40 @@ custom_code: pre_delete: 'templates/terraform/pre_delete/compute_region_disk_resource_policies_attachment.go.tmpl' examples: - name: 'region_disk_resource_policy_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'attachment' vars: base_disk_name: 'my-base-disk' snapshot_name: 'my-snapshot' disk_name: 'my-disk' policy_name: 'my-resource-policy' +<<<<<<< HEAD +id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_region_disk_resource_policies_attachment.go.erb + decoder: templates/terraform/decoders/compute_disk_resource_policies_attachment.go.erb + pre_delete: templates/terraform/pre_delete/compute_region_disk_resource_policies_attachment.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'disk' + resource: 'Disk' + imports: 'name' + description: | + The name of the regional disk in which the resource policies are attached to. + required: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: 'A reference to the region where the disk resides.' + required: false + url_param_only: true + default_from_api: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: - name: 'disk' type: ResourceRef @@ -83,6 +156,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link. diff --git a/mmv1/products/compute/RegionDiskType.yaml b/mmv1/products/compute/RegionDiskType.yaml index 7a656e46cac4..6f8d80ab2c01 100644 --- a/mmv1/products/compute/RegionDiskType.yaml +++ b/mmv1/products/compute/RegionDiskType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionDiskType' +kind: 'compute#diskType' +base_url: projects/{{project}}/regions/{{region}}/diskTypes +collection_url_key: 'items' +======= --- name: 'RegionDiskType' kind: 'compute#diskType' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a regional DiskType resource. A DiskType resource represents the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk type, use the disk type's full or partial URL. +<<<<<<< HEAD +readonly: true +has_self_link: true +exclude: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: 'A reference to the region where the disk type resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Integer + name: 'defaultDiskSizeGb' + description: 'Server-defined default disk size in GB.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'deprecated' + description: 'The deprecation status associated with this disk type.' + output: true + properties: + - !ruby/object:Api::Type::Time + name: 'deleted' +======= exclude: true readonly: true docs: @@ -53,31 +94,52 @@ properties: properties: - name: 'deleted' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DELETED. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'deprecated' +======= - name: 'deprecated' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'obsolete' +======= - name: 'obsolete' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'replacement' +======= - name: 'replacement' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -85,6 +147,26 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. +<<<<<<< HEAD + values: + - :DEPRECATED + - :OBSOLETE + - :DELETED + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + output: true + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::String + name: 'validDiskSize' +======= output: true enum_values: - 'DEPRECATED' @@ -103,6 +185,7 @@ properties: description: 'Name of the resource.' - name: 'validDiskSize' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional textual description of the valid disk size, such as "10GB-10TB". diff --git a/mmv1/products/compute/RegionHealthCheck.yaml b/mmv1/products/compute/RegionHealthCheck.yaml index 42419bc26890..caf35444b038 100644 --- a/mmv1/products/compute/RegionHealthCheck.yaml +++ b/mmv1/products/compute/RegionHealthCheck.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,22 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionHealthCheck' +kind: 'compute#healthCheck' +base_url: projects/{{project}}/regions/{{region}}/healthChecks +collection_url_key: 'items' +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionHealthChecks' +======= --- name: 'RegionHealthCheck' kind: 'compute#healthCheck' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, @@ -26,6 +43,114 @@ description: | continue to poll unhealthy instances. If an instance later responds successfully to some number of consecutive probes, it is marked healthy again and can receive new connections. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_tcp' + primary_resource_id: 'tcp-region-health-check' + vars: + health_check_name: 'tcp-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_tcp_full' + primary_resource_id: 'tcp-region-health-check' + vars: + health_check_name: 'tcp-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_ssl' + primary_resource_id: 'ssl-region-health-check' + vars: + health_check_name: 'ssl-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_ssl_full' + primary_resource_id: 'ssl-region-health-check' + vars: + health_check_name: 'ssl-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_http' + primary_resource_id: 'http-region-health-check' + vars: + health_check_name: 'http-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_http_logs' + primary_resource_id: 'http-region-health-check' + min_version: beta + vars: + health_check_name: 'http-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_http_full' + primary_resource_id: 'http-region-health-check' + vars: + health_check_name: 'http-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_https' + primary_resource_id: 'https-region-health-check' + vars: + health_check_name: 'https-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_https_full' + primary_resource_id: 'https-region-health-check' + vars: + health_check_name: 'https-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_http2' + primary_resource_id: 'http2-region-health-check' + vars: + health_check_name: 'http2-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_http2_full' + primary_resource_id: 'http2-region-health-check' + vars: + health_check_name: 'http2-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_grpc' + primary_resource_id: 'grpc-region-health-check' + vars: + health_check_name: 'grpc-region-health-check' + - !ruby/object:Provider::Terraform::Examples + name: 'region_health_check_grpc_full' + primary_resource_id: 'grpc-region-health-check' + vars: + health_check_name: 'grpc-region-health-check' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/health_check_type.erb +custom_diff: [ + 'healthCheckCustomizeDiff', +] +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' + immutable: true + description: | + The Region in which the created health check should reside. + If it is not provided, the provider region is used. + default_from_api: true + required: false + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Integer + name: 'checkIntervalSec' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' @@ -126,28 +251,50 @@ parameters: properties: - name: 'checkIntervalSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'healthyThreshold' +======= - name: 'healthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -156,21 +303,65 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'unhealthyThreshold' +======= required: true immutable: true - name: 'unhealthyThreshold' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'timeoutSec' +======= - name: 'timeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + description: |- + The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL. + values: + - :TCP + - :SSL + - :HTTP + - :HTTPS + - :HTTP2 + output: true + - !ruby/object:Api::Type::NestedObject + name: 'httpHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= - name: 'type' type: Enum description: |- @@ -195,10 +386,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + The request path of the HTTP health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -223,10 +441,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + The TCP port number for the HTTP health check request. + The default value is 80. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - http_health_check.0.host + - http_health_check.0.request_path + - http_health_check.0.response + - http_health_check.0.port + - http_health_check.0.port_name + - http_health_check.0.proxy_header + - http_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -280,6 +554,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -295,6 +570,33 @@ properties: If not specified, HTTP health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'httpsHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'http_health_check.0.host' - 'http_health_check.0.request_path' @@ -320,10 +622,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + The request path of the HTTPS health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -348,10 +677,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + The TCP port number for the HTTPS health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - https_health_check.0.host + - https_health_check.0.request_path + - https_health_check.0.response + - https_health_check.0.port + - https_health_check.0.port_name + - https_health_check.0.proxy_header + - https_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -405,6 +790,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -420,6 +806,32 @@ properties: If not specified, HTTPS health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'tcpHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'request' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'https_health_check.0.host' - 'https_health_check.0.request_path' @@ -445,11 +857,23 @@ properties: properties: - name: 'request' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -459,10 +883,62 @@ properties: - 'tcp_health_check.0.port_specification' - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + The TCP port number for the TCP health check request. + The default value is 80. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - tcp_health_check.0.request + - tcp_health_check.0.response + - tcp_health_check.0.port + - tcp_health_check.0.port_name + - tcp_health_check.0.proxy_header + - tcp_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -512,6 +988,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -527,6 +1004,32 @@ properties: If not specified, TCP health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'sslHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'request' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'tcp_health_check.0.request' - 'tcp_health_check.0.response' @@ -551,11 +1054,23 @@ properties: properties: - name: 'request' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -565,10 +1080,62 @@ properties: - 'ssl_health_check.0.port_specification' - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + The TCP port number for the SSL health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - ssl_health_check.0.request + - ssl_health_check.0.response + - ssl_health_check.0.port + - ssl_health_check.0.port_name + - ssl_health_check.0.proxy_header + - ssl_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -618,6 +1185,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -633,6 +1201,33 @@ properties: If not specified, SSL health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'http2HealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::String + name: 'host' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'ssl_health_check.0.request' - 'ssl_health_check.0.response' @@ -657,10 +1252,37 @@ properties: properties: - name: 'host' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the host header in the HTTP2 health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'requestPath' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + The request path of the HTTP2 health check request. + The default value is /. + default_value: '/' + - !ruby/object:Api::Type::String + name: 'response' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -685,10 +1307,66 @@ properties: default_value: "/" - name: 'response' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + The TCP port number for the HTTP2 health check request. + The default value is 443. + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification + description: | + Specifies the type of proxy header to append before sending data to the + backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - http2_health_check.0.host + - http2_health_check.0.request_path + - http2_health_check.0.response + - http2_health_check.0.port + - http2_health_check.0.port_name + - http2_health_check.0.proxy_header + - http2_health_check.0.port_specification +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -742,6 +1420,7 @@ properties: - 'PROXY_V1' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -757,6 +1436,30 @@ properties: If not specified, HTTP2 health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::NestedObject + name: 'grpcHealthCheck' + exactly_one_of: + - http_health_check + - https_health_check + - http2_health_check + - tcp_health_check + - ssl_health_check + - grpc_health_check + diff_suppress_func: 'portDiffSuppress' + properties: + - !ruby/object:Api::Type::Integer + name: 'port' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'http2_health_check.0.host' - 'http2_health_check.0.request_path' @@ -782,10 +1485,30 @@ properties: properties: - name: 'port' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The port number for the health check request. Must be specified if portName and portSpecification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'portName' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + - !ruby/object:Api::Type::Enum + name: 'portSpecification' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -803,6 +1526,7 @@ properties: - 'grpc_health_check.0.grpc_service_name' - name: 'portSpecification' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how port is selected for health checking, can be one of the following values: @@ -818,6 +1542,19 @@ properties: If not specified, gRPC health check follows behavior specified in `port` and `portName` fields. +<<<<<<< HEAD + values: + - :USE_FIXED_PORT + - :USE_NAMED_PORT + - :USE_SERVING_PORT + - !ruby/object:Api::Type::String + name: 'grpcServiceName' + at_least_one_of: + - grpc_health_check.0.port + - grpc_health_check.0.port_name + - grpc_health_check.0.port_specification + - grpc_health_check.0.grpc_service_name +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -829,6 +1566,7 @@ properties: - 'USE_SERVING_PORT' - name: 'grpcServiceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The gRPC service name for the health check. The value of grpcServiceName has the following meanings by convention: @@ -837,6 +1575,17 @@ properties: * Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. The grpcServiceName can only be ASCII. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' + description: | + Configure logging on this health check. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.erb' + properties: + - !ruby/object:Api::Type::Boolean + name: 'enable' +======= at_least_one_of: - 'grpc_health_check.0.port' - 'grpc_health_check.0.port_name' @@ -851,6 +1600,7 @@ properties: properties: - name: 'enable' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. diff --git a/mmv1/products/compute/RegionInstanceGroupManager.yaml b/mmv1/products/compute/RegionInstanceGroupManager.yaml index c80b73a6c148..166b7f922b05 100644 --- a/mmv1/products/compute/RegionInstanceGroupManager.yaml +++ b/mmv1/products/compute/RegionInstanceGroupManager.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionInstanceGroupManager' +kind: 'compute#instanceGroupManager' +base_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers +collection_url_key: 'items' +has_self_link: true +======= --- name: 'RegionInstanceGroupManager' kind: 'compute#instanceGroupManager' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create @@ -23,6 +36,38 @@ description: | verify the status of the individual instances. A managed instance group can have up to 1000 VM instances per group. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +exclude: true +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: 'The region the managed instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'baseInstanceName' +======= exclude: true docs: base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers' @@ -58,18 +103,34 @@ parameters: properties: - name: 'baseInstanceName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' +======= - name: 'creationTimestamp' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The creation timestamp for this managed instance group in RFC3339 text format. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'currentActions' + description: | + The list of instance actions and the number of instances in this + managed instance group that are scheduled for each of those actions. + properties: + - !ruby/object:Api::Type::Integer + name: 'abandoning' +======= - name: 'currentActions' type: NestedObject description: | @@ -79,13 +140,19 @@ properties: properties: - name: 'abandoning' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'creating' +======= - name: 'creating' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the @@ -96,28 +163,48 @@ properties: populated; instead, the creatingWithoutRetries field will be populated. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'creatingWithoutRetries' +======= - name: 'creatingWithoutRetries' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'deleting' +======= - name: 'deleting' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'none' +======= - name: 'none' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are running and have no scheduled actions. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'recreating' +======= - name: 'recreating' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. @@ -125,27 +212,60 @@ properties: and creates a new disk from the image that is defined in the instance template. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'refreshing' +======= - name: 'refreshing' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'restarting' +======= - name: 'restarting' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted. output: true +<<<<<<< HEAD + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. immutable: true # fingerprint ignored as it is an internal locking detail +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'A unique identifier for this resource' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'instanceGroup' + resource: 'InstanceGroup' + imports: 'selfLink' + description: 'The instance group being managed' + output: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'instanceTemplate' + resource: 'InstanceTemplate' + imports: 'selfLink' +======= - name: 'id' type: Integer description: 'A unique identifier for this resource' @@ -159,22 +279,49 @@ properties: imports: 'selfLink' - name: 'instanceTemplate' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. required: true # kind is internal transport detail +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'name' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'InstanceTemplate' imports: 'selfLink' - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035. required: true # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'namedPorts' + description: + Named ports configured for the Instance Groups complementary to this + Instance Group Manager. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + - !ruby/object:Api::Type::Integer + name: 'port' + description: + The port number, which can be a value between 1 and 65535. + - !ruby/object:Api::Type::Array + name: 'targetPools' +======= - name: 'namedPorts' type: Array description: @@ -194,10 +341,21 @@ properties: The port number, which can be a value between 1 and 65535. - name: 'targetPools' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::ResourceRef + name: 'targetPool' + description: 'The targetPool to receive managed instances.' + resource: 'TargetPool' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'targetSize' +======= custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: name: 'targetPool' @@ -207,10 +365,25 @@ properties: imports: 'selfLink' - name: 'targetSize' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'autoHealingPolicies' + description: | + The autohealing policy for this managed instance group + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'healthCheck' + description: | + The URL for the health check that signals autohealing. + - !ruby/object:Api::Type::Integer + name: 'initialDelaySec' +======= - name: 'autoHealingPolicies' type: Array description: | @@ -224,6 +397,7 @@ properties: The URL for the health check that signals autohealing. - name: 'initialDelaySec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances diff --git a/mmv1/products/compute/RegionNetworkEndpoint.yaml b/mmv1/products/compute/RegionNetworkEndpoint.yaml index 7e9a7d468c8a..ffadf1f45037 100644 --- a/mmv1/products/compute/RegionNetworkEndpoint.yaml +++ b/mmv1/products/compute/RegionNetworkEndpoint.yaml @@ -11,19 +11,70 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionNetworkEndpoint' +kind: 'compute#networkEndpoint' +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' +======= --- name: 'RegionNetworkEndpoint' kind: 'compute#networkEndpoint' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Region network endpoint represents a IP address/FQDN and port combination that is part of a specific network endpoint group (NEG). ~> **NOTE**: Network endpoints cannot be created outside of a network endpoint group. +<<<<<<< HEAD +immutable: true +create_verb: :POST +create_url: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/attachNetworkEndpoints +delete_verb: :POST +delete_url: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/detachNetworkEndpoints +read_verb: :POST +self_link: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/listNetworkEndpoints +identity: + - ipAddress + - fqdn + - port +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks +======= references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +mutex: networkEndpoint/{{project}}/{{region}}/{{region_network_endpoint_group}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_internet_ip_port' +======= docs: id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' @@ -69,22 +120,78 @@ custom_code: exclude_tgc: true examples: - name: 'region_network_endpoint_internet_ip_port' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region-internet-ip-port-endpoint' vars: neg_name: 'ip-port-neg' network_name: 'network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_internet_fqdn_port' +======= - name: 'region_network_endpoint_internet_fqdn_port' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region-internet-fqdn-port-endpoint' vars: neg_name: 'fqdn-port-neg' network_name: 'network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_portmap' + primary_resource_id: 'region_network_endpoint_portmap' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + skip_test: true +======= - name: 'region_network_endpoint_portmap' primary_resource_id: 'region_network_endpoint_portmap' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'network' subnetwork_name: 'subnetwork' instance_name: 'instance' neg_name: 'portmap-neg' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_delete: templates/terraform/pre_delete/compute_region_network_endpoint.go.erb + custom_import: templates/terraform/custom_import/compute_region_network_endpoint.go.erb + decoder: templates/terraform/decoders/network_endpoint.go.erb + encoder: templates/terraform/encoders/compute_region_network_endpoint.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: | + Region where the containing network endpoint group is located. + required: false + url_param_only: true + default_from_api: true + ignore_read: true + - !ruby/object:Api::Type::ResourceRef + name: 'regionNetworkEndpointGroup' + resource: 'RegionNetworkEndpointGroup' + imports: 'name' + description: | + The network endpoint group this endpoint is part of. + required: true + url_param_only: true + ignore_read: true + diff_suppress_func: tpgresource.CompareResourceNames +properties: + - !ruby/object:Api::Type::Integer + name: 'port' + description: | + Port number of network endpoint. + required: true + custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::String + name: 'ipAddress' +======= # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns @@ -122,16 +229,39 @@ properties: function: 'validation.IntAtLeast(1)' - name: 'ipAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IPv4 address external endpoint. This can only be specified when network_endpoint_type of the NEG is INTERNET_IP_PORT. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'fqdn' + at_least_one_of: + - fqdn + - ip_address +======= - name: 'fqdn' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fully qualified domain name of network endpoint. This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'clientDestinationPort' + custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + description: | + Client destination port for the `GCE_VM_IP_PORTMAP` NEG. + - !ruby/object:Api::Type::ResourceRef + name: 'instance' + resource: 'Instance' + imports: 'name' + description: | + The name for a specific VM instance that the IP address belongs to. + This is required for network endpoints of type GCE_VM_IP_PORTMAP. +======= at_least_one_of: - 'fqdn' - 'ip_address' @@ -147,3 +277,4 @@ properties: This is required for network endpoints of type GCE_VM_IP_PORTMAP. resource: 'Instance' imports: 'name' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionNetworkEndpointGroup.yaml b/mmv1/products/compute/RegionNetworkEndpointGroup.yaml index 6db8fcc59b58..db3e6fac8d2e 100644 --- a/mmv1/products/compute/RegionNetworkEndpointGroup.yaml +++ b/mmv1/products/compute/RegionNetworkEndpointGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,24 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionNetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups' +immutable: true +has_self_link: true +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' + 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' +======= --- name: 'RegionNetworkEndpointGroup' kind: 'compute#networkEndpointGroup' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A regional NEG that can support Serverless Products, proxying traffic to external backends and providing traffic to the PSC port mapping endpoints. @@ -21,6 +40,29 @@ description: | Recreating a region network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_functions' +======= references: guides: 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' @@ -52,6 +94,7 @@ collection_url_key: 'items' custom_code: examples: - name: 'region_network_endpoint_group_functions' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'function_neg' vars: neg_name: 'function-neg' @@ -59,6 +102,31 @@ examples: bucket_name: 'cloudfunctions-function-example-bucket' zip_path: 'path/to/index.zip' test_vars_overrides: +<<<<<<< HEAD + zip_path: 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_cloudrun' + primary_resource_id: 'cloudrun_neg' + vars: + neg_name: 'cloudrun-neg' + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_appengine' + primary_resource_id: 'appengine_neg' + vars: + neg_name: 'appengine-neg' + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_appengine_empty' + primary_resource_id: 'appengine_neg' + vars: + neg_name: 'appengine-neg' + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_psc' + primary_resource_id: 'psc_neg' + vars: + neg_name: 'psc-neg' + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_psc_service_attachment' +======= 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' - name: 'region_network_endpoint_group_cloudrun' primary_resource_id: 'cloudrun_neg' @@ -77,6 +145,7 @@ examples: vars: neg_name: 'psc-neg' - name: 'region_network_endpoint_group_psc_service_attachment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_neg_service_attachment' vars: neg_name: 'psc-neg' @@ -87,23 +156,51 @@ examples: forwarding_rule_name: 'psc-forwarding-rule' service_attachment_name: 'psc-service-attachment' health_check_name: 'psc-healthcheck' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_internet_ip_port' +======= - name: 'region_network_endpoint_group_internet_ip_port' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region_network_endpoint_group_internet_ip_port' vars: neg_name: 'ip-port-neg' network_name: 'network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_internet_fqdn_port' +======= - name: 'region_network_endpoint_group_internet_fqdn_port' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region_network_endpoint_group_internet_fqdn_port' vars: neg_name: 'ip-port-neg' network_name: 'network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_endpoint_group_portmap' +======= - name: 'region_network_endpoint_group_portmap' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region_network_endpoint_group_portmap' vars: network_name: 'network' subnetwork_name: 'subnetwork' neg_name: 'portmap-neg' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: | + A reference to the region where the regional NEGs reside. + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'region' type: ResourceRef description: | @@ -115,6 +212,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -124,6 +222,28 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when + you create the resource. + - !ruby/object:Api::Type::Enum + name: 'networkEndpointType' + description: | + Type of network endpoints in this network endpoint group. Defaults to SERVERLESS. + values: + - :SERVERLESS + - :PRIVATE_SERVICE_CONNECT + - :INTERNET_IP_PORT + - :INTERNET_FQDN_PORT + - :GCE_VM_IP_PORTMAP + default_value: :SERVERLESS + - !ruby/object:Api::Type::String + name: 'pscTargetService' +======= validation: function: 'verify.ValidateGCEName' - name: 'description' @@ -144,36 +264,70 @@ properties: - 'GCE_VM_IP_PORTMAP' - name: 'pscTargetService' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for PSC and INTERNET NEGs. The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' +======= - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for PSC and INTERNET NEGs. The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'subnetwork' + resource: 'Subnetwork' + imports: 'selfLink' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' - name: 'subnetwork' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for PSC NEGs. Optional URL of the subnetwork to which all network endpoints in the NEG belong. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'cloudRun' + conflicts: + - cloud_function + - app_engine + - serverless_deployment +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Subnetwork' imports: 'selfLink' - name: 'cloudRun' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'service' + at_least_one_of: + - cloud_run.0.service + - cloud_run.0.url_mask +======= conflicts: - cloud_function - app_engine @@ -181,22 +335,36 @@ properties: properties: - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'tag' +======= at_least_one_of: - 'cloud_run.0.service' - 'cloud_run.0.url_mask' - name: 'tag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'urlMask' + at_least_one_of: + - cloud_run.0.service + - cloud_run.0.url_mask +======= - name: 'urlMask' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having @@ -206,15 +374,31 @@ properties: an be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'appEngine' + conflicts: + - cloud_run + - cloud_function + - serverless_deployment + allow_empty_object: true + send_empty_value: true +======= at_least_one_of: - 'cloud_run.0.service' - 'cloud_run.0.url_mask' - name: 'appEngine' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'service' +======= send_empty_value: true allow_empty_object: true conflicts: @@ -224,18 +408,29 @@ properties: properties: - name: 'service' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional serving service. The service name must be 1-63 characters long, and comply with RFC1035. Example value: "default", "my-service". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'version' +======= - name: 'version' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional serving version. The version must be 1-63 characters long, and comply with RFC1035. Example value: "v1", "v2". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'urlMask' +======= - name: 'urlMask' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without @@ -245,12 +440,29 @@ properties: "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'cloudFunction' + conflicts: + - cloud_run + - app_engine + - serverless_deployment +======= - name: 'cloudFunction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'function' + at_least_one_of: + - cloud_function.0.function + - cloud_function.0.url_mask +======= conflicts: - cloud_run - app_engine @@ -258,15 +470,24 @@ properties: properties: - name: 'function' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1". +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'urlMask' + at_least_one_of: + - cloud_function.0.function + - cloud_function.0.url_mask +======= at_least_one_of: - 'cloud_function.0.function' - 'cloud_function.0.url_mask' - name: 'urlMask' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create @@ -275,15 +496,33 @@ properties: For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'serverlessDeployment' + min_version: beta + conflicts: + - cloud_run + - cloud_function + - app_engine + allow_empty_object: true + send_empty_value: true +======= at_least_one_of: - 'cloud_function.0.function' - 'cloud_function.0.url_mask' - name: 'serverlessDeployment' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field is only used for SERVERLESS NEGs. Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'platform' + required: true +======= min_version: 'beta' send_empty_value: true allow_empty_object: true @@ -294,6 +533,7 @@ properties: properties: - name: 'platform' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Docs (https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups) say support is offered for: # API Gateway: apigateway.googleapis.com, App Engine: appengine.googleapis.com, # Cloud Functions: cloudfunctions.googleapis.com, Cloud Run: run.googleapis.com @@ -301,13 +541,28 @@ properties: description: | The platform of the NEG backend target(s). Possible values: API Gateway: apigateway.googleapis.com +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'resource' +======= required: true - name: 'resource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name, Cloud Functions: The function name, Cloud Run: The service name +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'version' + description: | + The optional resource version. The version identified by this value is platform-specific and is follows: + API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag + - !ruby/object:Api::Type::String + name: 'urlMask' + required: false +======= - name: 'version' type: String description: | @@ -315,9 +570,13 @@ properties: API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag - name: 'urlMask' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID, App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag +<<<<<<< HEAD +======= required: false +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml b/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml index 13dfcebdcaeb..7f7599302e6a 100644 --- a/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml +++ b/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: RegionNetworkFirewallPolicy +base_url: projects/{{project}}/regions/{{region}}/firewallPolicies +create_url: projects/{{project}}/regions/{{region}}/firewallPolicies +self_link: projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}} +update_verb: :PATCH +description: "The Compute NetworkFirewallPolicy resource" +legacy_long_form_project: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_network_firewall_policy_full' +======= --- name: 'RegionNetworkFirewallPolicy' description: "The Compute NetworkFirewallPolicy resource" @@ -41,10 +77,51 @@ custom_code: legacy_long_form_project: true examples: - name: 'region_network_firewall_policy_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy' vars: policy_name: 'tf-test-policy' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: region + description: The region of this resource. + url_param_only: true + default_from_api: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: creationTimestamp + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: name + description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + - !ruby/object:Api::Type::String + name: regionNetworkFirewallPolicyId + description: The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::String + name: description + description: An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Fingerprint + name: fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: selfLink + description: Server-defined URL for the resource. + output: true + - !ruby/object:Api::Type::String + name: selfLinkWithId + description: Server-defined URL for this resource with the resource id. + output: true + - !ruby/object:Api::Type::Integer + name: ruleTupleCount +======= - name: 'region' type: String description: The region of this resource. @@ -83,5 +160,6 @@ properties: output: true - name: 'ruleTupleCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. output: true diff --git a/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml index f9a8100f09e1..832a219a5ccc 100644 --- a/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml +++ b/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml @@ -1,5 +1,9 @@ # Copyright 2024 Google Inc. +<<<<<<< HEAD +# Licensed under the Apache License, Version 2.0 (the License); +======= # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: RegionNetworkFirewallPolicyWithRules +min_version: beta +base_url: projects/{{project}}/regions/{{region}}/firewallPolicies +create_url: projects/{{project}}/regions/{{region}}/firewallPolicies +self_link: projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}} +update_verb: :PATCH +description: "The Compute NetworkFirewallPolicy with rules resource" +legacy_long_form_project: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'compute_region_network_firewall_policy_with_rules_full' +======= --- name: 'RegionNetworkFirewallPolicyWithRules' description: "The Compute NetworkFirewallPolicy with rules resource" @@ -47,6 +83,7 @@ custom_code: legacy_long_form_project: true examples: - name: 'compute_region_network_firewall_policy_with_rules_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region-network-firewall-policy-with-rules' vars: policy_name: 'tf-region-fw-policy-with-rules' @@ -54,6 +91,29 @@ examples: tag_key_name: 'tf-tag-key' tag_value_name: 'tf-tag-value' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/resource_compute_region_network_firewall_policy_with_rules.go.erb + encoder: templates/terraform/encoders/resource_compute_region_network_firewall_policy_with_rules.go.erb + decoder: templates/terraform/decoders/resource_compute_region_network_firewall_policy_with_rules.go.erb + update_encoder: templates/terraform/update_encoder/resource_compute_region_network_firewall_policy_with_rules.go.erb + post_create: templates/terraform/post_create/resource_compute_region_network_firewall_policy_with_rules.go.erb +parameters: + - !ruby/object:Api::Type::String + name: region + description: The region of this resource. + url_param_only: true + default_from_api: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: creationTimestamp + description: Creation timestamp in RFC3339 text format. + output: true + - !ruby/object:Api::Type::String + name: name +======= org_id: 'ORG_ID' parameters: - name: 'region' @@ -71,6 +131,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. @@ -78,6 +139,36 @@ properties: the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + required: true + immutable: true + - !ruby/object:Api::Type::String + name: networkFirewallPolicyId + description: The unique identifier for the resource. This identifier is defined by the server. + output: true + api_name: id + - !ruby/object:Api::Type::String + name: description + description: An optional description of this resource. + - !ruby/object:Api::Type::Array + name: 'rule' + api_name: 'rules' + description: A list of firewall policy rules. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= min_version: 'beta' required: true immutable: true @@ -113,10 +204,60 @@ properties: min_version: 'beta' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::NestedObject + name: 'match' + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + required: true + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcAddressGroups' + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destAddressGroups' + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' +======= min_version: 'beta' required: true - name: 'match' @@ -177,21 +318,52 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' +======= min_version: 'beta' item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + required: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' +======= min_version: 'beta' item_type: type: String @@ -223,16 +395,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' +======= min_version: 'beta' required: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -240,17 +420,35 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'srcSecureTag' + api_name: 'srcSecureTags' +======= min_version: 'beta' item_type: type: String - name: 'srcSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: srcSecureTags min_version: 'beta' item_type: @@ -264,10 +462,19 @@ properties: min_version: 'beta' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::Array + name: 'targetSecureTag' + api_name: 'targetSecureTags' +======= min_version: 'beta' output: true enum_values: @@ -275,6 +482,7 @@ properties: - 'INEFFECTIVE' - name: 'targetSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -287,6 +495,18 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: targetSecureTags min_version: 'beta' item_type: @@ -300,10 +520,31 @@ properties: min_version: 'beta' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::String + name: 'action' + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + required: true + - !ruby/object:Api::Type::Enum + name: 'direction' + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' +======= min_version: 'beta' output: true enum_values: @@ -326,10 +567,22 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' +======= min_version: 'beta' send_empty_value: true - name: 'targetServiceAccounts' @@ -342,11 +595,21 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Boolean + name: 'disabled' +======= min_version: 'beta' - name: 'tlsInspect' type: Boolean @@ -356,11 +619,34 @@ properties: min_version: 'beta' - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'predefinedRules' + description: A list of firewall policy pre-defined rules. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + output: true + description: | + A description of the rule. + - !ruby/object:Api::Type::String + name: 'ruleName' + output: true + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + - !ruby/object:Api::Type::Integer + name: 'priority' + output: true +======= min_version: 'beta' - name: 'predefinedRules' type: Array @@ -385,10 +671,66 @@ properties: output: true - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'match' + output: true + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + output: true + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + output: true + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + output: true + name: 'srcAddressGroups' + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + output: true + name: 'destAddressGroups' + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destFqdns' + output: true + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcRegionCodes' + output: true +======= min_version: 'beta' output: true - name: 'match' @@ -455,22 +797,57 @@ properties: type: String - name: 'srcRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destRegionCodes' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'destRegionCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'srcThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'destThreatIntelligences' + output: true + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + - !ruby/object:Api::Type::Array + name: 'layer4Config' + output: true + api_name: 'layer4Configs' + description: | + Pairs of IP protocols and ports that the rule should match. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'ipProtocol' + output: true +======= min_version: 'beta' output: true item_type: @@ -505,16 +882,24 @@ properties: properties: - name: 'ipProtocol' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + item_type: Api::Type::String + name: 'ports' + output: true +======= min_version: 'beta' output: true - name: 'ports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -522,18 +907,38 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'srcSecureTag' + api_name: 'srcSecureTags' + output: true +======= min_version: 'beta' output: true item_type: type: String - name: 'srcSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: srcSecureTags min_version: 'beta' output: true @@ -549,10 +954,20 @@ properties: output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::Array + name: 'targetSecureTag' + api_name: 'targetSecureTags' + output: true +======= min_version: 'beta' output: true enum_values: @@ -560,6 +975,7 @@ properties: - 'INEFFECTIVE' - name: 'targetSecureTag' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -572,6 +988,19 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= api_name: targetSecureTags min_version: 'beta' output: true @@ -587,10 +1016,33 @@ properties: output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. +<<<<<<< HEAD + values: + - :EFFECTIVE + - :INEFFECTIVE + - !ruby/object:Api::Type::String + name: 'action' + output: true + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + - !ruby/object:Api::Type::Enum + name: 'direction' + output: true + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + values: + - :INGRESS + - :EGRESS + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' + output: true +======= min_version: 'beta' output: true enum_values: @@ -614,10 +1066,24 @@ properties: - 'EGRESS' - name: 'enableLogging' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. +<<<<<<< HEAD + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'targetServiceAccounts' + output: true + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'securityProfileGroup' + output: true +======= min_version: 'beta' output: true send_empty_value: true @@ -632,11 +1098,23 @@ properties: type: String - name: 'securityProfileGroup' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'tlsInspect' + output: true + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + output: true +======= min_version: 'beta' output: true - name: 'tlsInspect' @@ -648,11 +1126,29 @@ properties: output: true - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - !ruby/object:Api::Type::String + name: selfLink + description: Server-defined URL for the resource. + output: true + - !ruby/object:Api::Type::String + name: selfLinkWithId + description: Server-defined URL for this resource with the resource id. + output: true + - !ruby/object:Api::Type::Integer + name: ruleTupleCount + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. +======= min_version: 'beta' output: true - name: 'fingerprint' @@ -674,4 +1170,5 @@ properties: type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/compute/RegionPerInstanceConfig.yaml b/mmv1/products/compute/RegionPerInstanceConfig.yaml index 9d0a6340a5ab..b99d96316771 100644 --- a/mmv1/products/compute/RegionPerInstanceConfig.yaml +++ b/mmv1/products/compute/RegionPerInstanceConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,68 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionPerInstanceConfig' +base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}' +======= --- name: 'RegionPerInstanceConfig' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name across instance group manager operations and can define stateful disks or metadata that are unique to the instance. This resource works with regional instance group managers. +<<<<<<< HEAD +create_verb: :POST +create_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/createInstances +update_verb: :POST +update_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/updatePerInstanceConfigs +delete_verb: :POST +delete_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/deletePerInstanceConfigs +read_verb: :POST +self_link: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/listPerInstanceConfigs +identity: + - name +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - items +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{region}}/{{region_instance_group_manager}}/{{name}}' +mutex: instanceGroupManager/{{project}}/{{region}}/{{region_instance_group_manager}} +exclude_tgc: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'stateful_rigm' + primary_resource_id: + 'stateful-instance' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + skip_test: true +======= references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' @@ -66,10 +126,16 @@ exclude_tgc: true examples: - name: 'stateful_rigm' primary_resource_id: 'stateful-instance' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: template_name: 'my-template' igm_name: 'my-rigm' disk_name: 'my-disk-name' +<<<<<<< HEAD +virtual_fields: + - !ruby/object:Api::Type::String + name: 'minimal_action' +======= # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns @@ -77,6 +143,7 @@ examples: exclude_test: true virtual_fields: - name: 'minimal_action' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimal action to perform on the instance during an update. Default is `NONE`. Possible values are: @@ -84,9 +151,15 @@ virtual_fields: * RESTART * REFRESH * NONE +<<<<<<< HEAD + default_value: NONE + - !ruby/object:Api::Type::String + name: 'most_disruptive_allowed_action' +======= type: String default_value: "NONE" - name: 'most_disruptive_allowed_action' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The most disruptive action to perform on the instance during an update. Default is `REPLACE`. Possible values are: @@ -94,6 +167,21 @@ virtual_fields: * RESTART * REFRESH * NONE +<<<<<<< HEAD + default_value: REPLACE + - !ruby/object:Api::Type::Boolean + name: 'remove_instance_on_destroy' + conflicts: + - remove_instance_state_on_destroy + description: | + When true, deleting this config will immediately remove the underlying instance. + When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + default_value: false + - !ruby/object:Api::Type::Boolean + name: 'remove_instance_state_on_destroy' + conflicts: + - remove_instance_on_destroy +======= type: String default_value: "REPLACE" - name: 'remove_instance_on_destroy' @@ -103,10 +191,43 @@ virtual_fields: type: Boolean default_value: false - name: 'remove_instance_state_on_destroy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When true, deleting this config will immediately remove any specified state from the underlying instance. When false, deleting this config will *not* immediately remove any state from the underlying instance. State will be removed on the next instance recreation or update. +<<<<<<< HEAD + default_value: false +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_per_instance_config.go.erb + update_encoder: templates/terraform/update_encoder/compute_per_instance_config.go.erb + post_update: templates/terraform/post_update/compute_region_per_instance_config.go.erb + custom_delete: templates/terraform/custom_delete/region_per_instance_config.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + description: | + Region where the containing instance group manager is located + required: false + url_param_only: true + immutable: true + ignore_read: true + default_from_api: true + - !ruby/object:Api::Type::ResourceRef + name: 'regionInstanceGroupManager' + resource: 'RegionInstanceGroupManager' + imports: 'name' + description: | + The region instance group manager this instance config is part of. + required: true + url_param_only: true + immutable: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= type: Boolean default_value: false parameters: @@ -133,10 +254,53 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name for this per-instance config and its corresponding instance. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'preservedState' + description: 'The preserved state for this instance.' + update_verb: :POST + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'metadata' + description: | + Preserved metadata defined for this instance. This is a list of key->value pairs. + - !ruby/object:Api::Type::Array + name: 'disk' + api_name: disks + description: | + Stateful disks for the instance. + is_set: true + custom_flatten: templates/terraform/custom_flatten/preserved_state_disks.go.erb + custom_expand: templates/terraform/custom_expand/preserved_state_disks.go.erb + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: deviceName + required: true + description: | + A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. + - !ruby/object:Api::Type::String + name: source + required: true + description: | + The URI of an existing persistent disk to attach under the specified device-name in the format + `projects/project-id/zones/zone/disks/disk-name`. + - !ruby/object:Api::Type::Enum + name: mode + description: | + The mode of the disk. + values: + - :READ_ONLY + - :READ_WRITE + default_value: :READ_WRITE + - !ruby/object:Api::Type::Enum + name: deleteRule +======= - name: 'preservedState' type: NestedObject description: 'The preserved state for this instance.' @@ -177,12 +341,75 @@ properties: - 'READ_WRITE' - name: 'deleteRule' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A value that prescribes what should happen to the stateful disk when the VM instance is deleted. The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently deleted from the instance group. +<<<<<<< HEAD + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::Map + name: 'internalIp' + api_name: internalIPs + key_name: 'interface_name' + description: | + Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: autoDelete + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::NestedObject + name: 'ipAddress' + description: | + Ip address representation + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Map + name: 'externalIp' + api_name: externalIPs + key_name: 'interface_name' + description: | + Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. + value_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: autoDelete + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + values: + - :NEVER + - :ON_PERMANENT_INSTANCE_DELETION + default_value: :NEVER + - !ruby/object:Api::Type::NestedObject + name: 'ipAddress' + description: | + Ip address representation + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= default_value: "NEVER" enum_values: - 'NEVER' @@ -247,3 +474,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Address' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionSecurityPolicy.yaml b/mmv1/products/compute/RegionSecurityPolicy.yaml index b41615004665..719279bd2e98 100644 --- a/mmv1/products/compute/RegionSecurityPolicy.yaml +++ b/mmv1/products/compute/RegionSecurityPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,53 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionSecurityPolicy' +min_version: beta +base_url: projects/{{project}}/regions/{{region}}/securityPolicies +self_link: projects/{{project}}/regions/{{region}}/securityPolicies/{{name}} +update_verb: :PATCH +update_mask: true +description: | + Represents a Region Cloud Armor Security Policy resource. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/armor/docs/security-policy-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSecurityPolicies' +import_format: ['projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_basic' + primary_resource_id: 'region-sec-policy-basic' + vars: + sec_policy_name: 'my-sec-policy-basic' + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_with_ddos_protection_config' + primary_resource_id: 'region-sec-policy-ddos-protection' + vars: + sec_policy_name: 'my-sec-policy-ddos-protection' + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_with_user_defined_fields' +======= --- name: 'RegionSecurityPolicy' description: | @@ -56,10 +107,51 @@ examples: vars: sec_policy_name: 'my-sec-policy-ddos-protection' - name: 'region_security_policy_with_user_defined_fields' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'region-sec-policy-user-defined-fields' vars: sec_policy_name: 'my-sec-policy-user-defined-fields' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: false + immutable: true + description: | + The Region in which the created Region Security Policy should reside. + If it is not provided, the provider region is used. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'policyId' + api_name: 'id' + description: | + The unique identifier for the resource. This identifier is defined by the server. + output: true + - !ruby/object:Api::Type::String + name: 'name' + immutable: true + description: | + Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. + Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + output: true + - !ruby/object:Api::Type::Enum + name: 'type' + immutable: true +======= - name: 'region' type: ResourceRef description: | @@ -102,12 +194,26 @@ properties: output: true - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time. +<<<<<<< HEAD + values: + - :CLOUD_ARMOR + - :CLOUD_ARMOR_EDGE + - :CLOUD_ARMOR_NETWORK + - !ruby/object:Api::Type::NestedObject + name: 'ddosProtectionConfig' + description: | + Configuration for Google Cloud Armor DDOS Proctection Config. + properties: + - !ruby/object:Api::Type::Enum + name: 'ddosProtection' +======= min_version: 'beta' immutable: true enum_values: @@ -122,11 +228,32 @@ properties: properties: - name: 'ddosProtection' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Google Cloud Armor offers the following options to help protect systems against DDoS attacks: - STANDARD: basic always-on protection for network load balancers, protocol forwarding, or VMs with public IP addresses. - ADVANCED: additional protections for Managed Protection Plus subscribers who use network load balancers, protocol forwarding, or VMs with public IP addresses. - ADVANCED_PREVIEW: flag to enable the security policy in preview mode. +<<<<<<< HEAD + values: + - :ADVANCED + - :ADVANCED_PREVIEW + - :STANDARD + required: true + - !ruby/object:Api::Type::String + name: 'selfLink' + output: true + description: | + Server-defined URL for the resource. + - !ruby/object:Api::Type::String + name: 'selfLinkWithPolicyId' + api_name: 'selfLinkWithId' + output: true + description: | + Server-defined URL for this resource with the resource id. + - !ruby/object:Api::Type::Array + name: 'userDefinedFields' +======= min_version: 'beta' required: true enum_values: @@ -148,10 +275,22 @@ properties: output: true - name: 'userDefinedFields' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Definitions of user-defined fields for CLOUD_ARMOR_NETWORK policies. A user-defined field consists of up to 4 bytes extracted from a fixed offset in the packet, relative to the IPv4, IPv6, TCP, or UDP header, with an optional mask to select certain bits. Rules may then specify matching values for these fields. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name of this field. Must be unique within the policy. + - !ruby/object:Api::Type::Enum + name: 'base' + required: true +======= min_version: 'beta' item_type: type: NestedObject @@ -163,12 +302,30 @@ properties: min_version: 'beta' - name: 'base' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. +<<<<<<< HEAD + values: + - :IPV4 + - :IPV6 + - :TCP + - :UDP + - !ruby/object:Api::Type::Integer + name: 'offset' + description: | + Offset of the first byte of the field (in network byte order) relative to 'base'. + - !ruby/object:Api::Type::Integer + name: 'size' + description: | + Size of the field in bytes. Valid values: 1-4. + - !ruby/object:Api::Type::String + name: 'mask' +======= min_version: 'beta' required: true enum_values: @@ -188,8 +345,12 @@ properties: min_version: 'beta' - name: 'mask' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with "0x"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask. +<<<<<<< HEAD +======= min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionSecurityPolicyRule.yaml b/mmv1/products/compute/RegionSecurityPolicyRule.yaml index 765935d2fe9c..c93d6b42113c 100644 --- a/mmv1/products/compute/RegionSecurityPolicyRule.yaml +++ b/mmv1/products/compute/RegionSecurityPolicyRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,49 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionSecurityPolicyRule' +min_version: beta +base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_verb: :POST +update_mask: true +update_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +delete_verb: :POST +delete_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +description: | + A rule for the RegionSecurityPolicy. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating region security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' + api: + 'https://cloud.google.com/compute/docs/reference/rest/beta/regionSecurityPolicies/addRule' +id_format: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' +import_format: ['projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_rule_basic' +======= --- name: 'RegionSecurityPolicyRule' description: | @@ -53,25 +100,68 @@ async: custom_code: examples: - name: 'region_security_policy_rule_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy_rule' min_version: 'beta' vars: sec_policy_name: 'policyruletest' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_rule_multiple_rules' +======= - name: 'region_security_policy_rule_multiple_rules' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy_rule_one' min_version: 'beta' vars: sec_policy_name: 'policywithmultiplerules' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_rule_with_preconfigured_waf_config' +======= - name: 'region_security_policy_rule_with_preconfigured_waf_config' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy_rule' min_version: 'beta' vars: sec_policy_name: 'policyruletest' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_security_policy_rule_with_network_match' + # it needs to run synchronously because a region can have only one google_compute_network_edge_security_service. + # there is a robust handwritten test which covers this scenario. + skip_test: true +======= - name: 'region_security_policy_rule_with_network_match' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy_rule_network_match' min_version: 'beta' vars: sec_policy_name: 'policyfornetworkmatch' +<<<<<<< HEAD +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: | + The Region in which the created Region Security Policy rule should reside. + immutable: true + url_param_only: true + required: true + - !ruby/object:Api::Type::String + name: 'security_policy' + required: true + immutable: true + description: | + The name of the security policy this rule belongs to. + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= # it needs to run synchronously because a region can have only one google_compute_network_edge_security_service. # there is a robust handwritten test which covers this scenario. exclude_test: true @@ -100,10 +190,84 @@ properties: min_version: 'beta' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. +<<<<<<< HEAD + required: true + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'match' + description: | + A match condition that incoming traffic is evaluated against. + If it evaluates to true, the corresponding 'action' is enforced. + properties: + - !ruby/object:Api::Type::Enum + name: 'versionedExpr' + description: | + Preconfigured versioned expression. If this field is specified, config must also be specified. + Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. + values: + - :SRC_IPS_V1 + - !ruby/object:Api::Type::NestedObject + name: 'expr' + description: | + User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: | + Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. + - !ruby/object:Api::Type::NestedObject + name: 'config' + description: | + The configuration options available when specifying versionedExpr. + This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. + properties: + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + CIDR IP address range. Maximum number of srcIpRanges allowed is 10. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'preconfiguredWafConfig' + description: | + Preconfigured WAF configuration to be applied for the rule. + If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. + properties: + - !ruby/object:Api::Type::Array + name: 'exclusion' + api_name: 'exclusions' + description: | + An exclusion to apply during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'targetRuleSet' + required: true + description: | + Target WAF rule set to apply the preconfigured WAF exclusion. + - !ruby/object:Api::Type::Array + name: 'targetRuleIds' + description: | + A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. + If omitted, it refers to all the rule IDs under the WAF rule set. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requestHeader' + api_name: 'requestHeadersToExclude' + description: | + Request header whose value will be excluded from inspection during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'operator' + api_name: 'op' + required: true +======= min_version: 'beta' required: true immutable: true @@ -189,6 +353,7 @@ properties: properties: - name: 'operator' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -197,6 +362,31 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + values: + - :CONTAINS + - :ENDS_WITH + - :EQUALS + - :EQUALS_ANY + - :STARTS_WITH + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestCookie' + api_name: 'requestCookiesToExclude' + description: | + Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'operator' + api_name: 'op' + required: true +======= api_name: op min_version: 'beta' required: true @@ -224,6 +414,7 @@ properties: properties: - name: 'operator' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -232,6 +423,32 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + values: + - :CONTAINS + - :ENDS_WITH + - :EQUALS + - :EQUALS_ANY + - :STARTS_WITH + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestUri' + api_name: 'requestUrisToExclude' + description: | + Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. + When specifying this field, the query or fragment part should be excluded. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'operator' + api_name: 'op' + required: true +======= api_name: op min_version: 'beta' required: true @@ -260,6 +477,7 @@ properties: properties: - name: 'operator' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -268,6 +486,32 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + values: + - :CONTAINS + - :ENDS_WITH + - :EQUALS + - :EQUALS_ANY + - :STARTS_WITH + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestQueryParam' + api_name: 'requestQueryParamsToExclude' + description: | + Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. + Note that the parameter can be in the query string or in the POST body. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'operator' + api_name: 'op' + required: true +======= api_name: op min_version: 'beta' required: true @@ -296,6 +540,7 @@ properties: properties: - name: 'operator' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -304,6 +549,22 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + values: + - :CONTAINS + - :ENDS_WITH + - :EQUALS + - :EQUALS_ANY + - :STARTS_WITH + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::String + name: 'action' +======= api_name: op min_version: 'beta' required: true @@ -322,6 +583,7 @@ properties: min_version: 'beta' - name: 'action' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Action to perform when the rule is matched. The following are the valid actions: @@ -334,6 +596,13 @@ properties: * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::NestedObject + name: 'rateLimitOptions' + description: | + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. +======= min_version: 'beta' required: true - name: 'rateLimitOptions' @@ -341,6 +610,7 @@ properties: description: | Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 update_mask_fields: - 'rateLimitOptions.rateLimitThreshold' - 'rateLimitOptions.conformAction' @@ -351,6 +621,33 @@ properties: - 'rateLimitOptions.banThreshold' - 'rateLimitOptions.banDurationSec' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rateLimitThreshold' + description: | + Threshold at which to begin ratelimiting. + properties: + - !ruby/object:Api::Type::Integer + name: 'count' + description: | + Number of HTTP(S) requests for calculating the threshold. + - !ruby/object:Api::Type::Integer + name: 'intervalSec' + description: | + Interval over which the threshold is computed. + - !ruby/object:Api::Type::String + name: 'conformAction' + description: | + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + - !ruby/object:Api::Type::String + name: 'exceedAction' + description: | + Action to take for requests that are above the configured rate limit threshold, to deny with a specified HTTP response code. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + - !ruby/object:Api::Type::Enum + name: 'enforceOnKey' +======= - name: 'rateLimitThreshold' type: NestedObject description: | @@ -381,6 +678,7 @@ properties: min_version: 'beta' - name: 'enforceOnKey' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. @@ -393,6 +691,21 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +<<<<<<< HEAD + values: + - :ALL + - :IP + - :HTTP_HEADER + - :XFF_IP + - :HTTP_COOKIE + - :HTTP_PATH + - :SNI + - :REGION_CODE + - :TLS_JA3_FINGERPRINT + - :USER_IP + - !ruby/object:Api::Type::String + name: 'enforceOnKeyName' +======= min_version: 'beta' enum_values: - 'ALL' @@ -407,23 +720,36 @@ properties: - 'USER_IP' - name: 'enforceOnKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'enforceOnKeyConfigs' +======= min_version: 'beta' - name: 'enforceOnKeyConfigs' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforceOnKeyConfigs. If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'enforceOnKeyType' +======= min_version: 'beta' item_type: type: NestedObject properties: - name: 'enforceOnKeyType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. @@ -436,6 +762,21 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +<<<<<<< HEAD + values: + - :ALL + - :IP + - :HTTP_HEADER + - :XFF_IP + - :HTTP_COOKIE + - :HTTP_PATH + - :SNI + - :REGION_CODE + - :TLS_JA3_FINGERPRINT + - :USER_IP + - !ruby/object:Api::Type::String + name: 'enforceOnKeyName' +======= min_version: 'beta' enum_values: - 'ALL' @@ -450,10 +791,38 @@ properties: - 'USER_IP' - name: 'enforceOnKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'banThreshold' + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + properties: + - !ruby/object:Api::Type::Integer + name: 'count' + description: | + Number of HTTP(S) requests for calculating the threshold. + - !ruby/object:Api::Type::Integer + name: 'intervalSec' + description: | + Interval over which the threshold is computed. + - !ruby/object:Api::Type::Integer + name: 'banDurationSec' + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. + - !ruby/object:Api::Type::Boolean + name: 'preview' + description: | + If set to true, the specified action is not enforced. + - !ruby/object:Api::Type::NestedObject + name: 'networkMatch' +======= min_version: 'beta' - name: 'banThreshold' type: NestedObject @@ -485,6 +854,7 @@ properties: min_version: 'beta' - name: 'networkMatch' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). @@ -494,7 +864,10 @@ properties: Example: networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive +<<<<<<< HEAD +======= min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 update_mask_fields: - 'network_match.userDefinedFields' - 'network_match.srcIpRanges' @@ -505,6 +878,58 @@ properties: - 'network_match.srcRegionCodes' - 'network_match.srcAsns' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'userDefinedFields' + description: | + User-defined fields. Each element names a defined field and lists the matching values for that field. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Name of the user-defined field, as given in the definition. + - !ruby/object:Api::Type::Array + name: 'values' + description: | + Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with "0x") number (e.g. "64") or range (e.g. "0x400-0x7ff"). + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destIpRanges' + description: | + Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'ipProtocols' + description: | + IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. "6"), range (e.g. "253-254"), or one of the following protocol names: "tcp", "udp", "icmp", "esp", "ah", "ipip", or "sctp". + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'srcPorts' + description: | + Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'destPorts' + description: | + Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'srcRegionCodes' + description: | + Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'srcAsns' + description: | + BGP Autonomous System Number associated with the source IP address. + item_type: Api::Type::Integer +======= - name: 'userDefinedFields' type: Array description: | @@ -574,3 +999,4 @@ properties: min_version: 'beta' item_type: type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionSslCertificate.yaml b/mmv1/products/compute/RegionSslCertificate.yaml index 1bb481b10e65..a7935e59251a 100644 --- a/mmv1/products/compute/RegionSslCertificate.yaml +++ b/mmv1/products/compute/RegionSslCertificate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,18 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionSslCertificate' +kind: 'compute#sslCertificate' +base_url: projects/{{project}}/regions/{{region}}/sslCertificates +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' +immutable: true +has_self_link: true +======= --- name: 'RegionSslCertificate' kind: 'compute#sslCertificate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A RegionSslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 optional_properties: | * `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. Max length is 54 characters. @@ -32,6 +72,30 @@ docs: `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter Resulting name for a `name_prefix` 38 - 54 characters: `name_prefix` + YYmmdd + 3 digit incremental counter +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_ssl_certificate_basic' + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true + ignore_read_extra: + - 'name_prefix' + - !ruby/object:Provider::Terraform::Examples + name: 'region_ssl_certificate_random_provider' + external_providers: ["random", "time"] + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'region_ssl_certificate_target_https_proxies' + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true +======= base_url: 'projects/{{project}}/regions/{{region}}/sslCertificates' has_self_link: true immutable: true @@ -71,6 +135,7 @@ examples: skip_vcr: true - name: 'region_ssl_certificate_target_https_proxies' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: region_target_https_proxy_name: 'test-proxy' region_url_map_name: 'url-map' @@ -78,6 +143,27 @@ examples: region_health_check_name: 'http-health-check' ignore_read_extra: - 'name_prefix' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_certificate.go.erb + extra_schema_entry: templates/terraform/extra_schema_entry/ssl_certificate.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: false + immutable: true + description: | + The Region in which the created regional ssl certificate should reside. + If it is not provided, the provider region is used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'certificate' +======= # Uses id.UniqueId skip_vcr: true parameters: @@ -96,12 +182,33 @@ parameters: properties: - name: 'certificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. required: true sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::String + name: 'expireTime' + output: true + description: 'Expire time of the certificate in RFC3339 text format.' + - !ruby/object:Api::Type::Integer + name: 'certificate_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -120,6 +227,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -131,6 +239,20 @@ properties: These are in the same namespace as the managed SSL certificates. default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.erb' + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'privateKey' + description: 'The write-only private key in PEM format.' + required: true + immutable: true + sensitive: true + ignore_read: true + custom_flatten: 'templates/terraform/custom_flatten/sha256.erb' + diff_suppress_func: 'sha256DiffSuppress' +======= custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.tmpl' validation: function: 'verify.ValidateGCEName' @@ -143,3 +265,4 @@ properties: sensitive: true diff_suppress_func: 'sha256DiffSuppress' custom_flatten: 'templates/terraform/custom_flatten/sha256.tmpl' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionSslPolicy.yaml b/mmv1/products/compute/RegionSslPolicy.yaml index f09fc0432096..3198e7747e50 100644 --- a/mmv1/products/compute/RegionSslPolicy.yaml +++ b/mmv1/products/compute/RegionSslPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,67 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionSslPolicy' +kind: 'compute#sslPolicy' +base_url: projects/{{project}}/regions/{{region}}/sslPolicies +collection_url_key: 'items' +update_verb: :PATCH +has_self_link: true +description: | + Represents a Regional SSL policy. SSL policies give you the ability to control the + features of SSL that your SSL proxy or HTTPS load balancer negotiates. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslPolicies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/region_ssl_policy.erb' +custom_diff: [ + 'regionSslPolicyCustomizeDiff', +] +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + default_from_api: true + immutable: true + description: | + The region where the regional SSL policy resides. + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'RegionSslPolicy' kind: 'compute#sslPolicy' @@ -70,6 +135,7 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -78,10 +144,17 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Enum + name: 'profile' +======= required: true immutable: true - name: 'profile' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -91,6 +164,32 @@ properties: See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) for information on what cipher suites each profile provides. If `CUSTOM` is used, the `custom_features` attribute **must be set**. +<<<<<<< HEAD + values: + - :COMPATIBLE + - :MODERN + - :RESTRICTED + - :CUSTOM + default_value: :COMPATIBLE + - !ruby/object:Api::Type::Enum + name: 'minTlsVersion' + description: | + The minimum version of SSL protocol that can be used by the clients + to establish a connection with the load balancer. + values: + - :TLS_1_0 + - :TLS_1_1 + - :TLS_1_2 + default_value: :TLS_1_0 + - !ruby/object:Api::Type::Array + name: 'enabledFeatures' + description: 'The list of features enabled in the SSL policy.' + output: true + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'customFeatures' +======= default_value: "COMPATIBLE" enum_values: - 'COMPATIBLE' @@ -116,6 +215,7 @@ properties: type: String - name: 'customFeatures' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this @@ -127,10 +227,16 @@ properties: *must not* be present when using any other profile. is_set: true send_empty_value: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' +======= item_type: type: String - name: 'fingerprint' type: Fingerprint +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. diff --git a/mmv1/products/compute/RegionTargetHttpProxy.yaml b/mmv1/products/compute/RegionTargetHttpProxy.yaml index 9e31fb6966e0..95c86633011c 100644 --- a/mmv1/products/compute/RegionTargetHttpProxy.yaml +++ b/mmv1/products/compute/RegionTargetHttpProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionTargetHttpProxy' +base_url: projects/{{project}}/regions/{{region}}/targetHttpProxies +has_self_link: true +immutable: true +description: | + Represents a RegionTargetHttpProxy resource, which is used by one or more + forwarding rules to route incoming HTTP requests to a URL map. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_http_proxy_basic' +======= --- name: 'RegionTargetHttpProxy' description: | @@ -45,25 +84,65 @@ async: custom_code: examples: - name: 'region_target_http_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-proxy' region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_http_proxy_http_keep_alive_timeout' +======= - name: 'region_target_http_proxy_http_keep_alive_timeout' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_http_proxy_https_redirect' +======= - name: 'region_target_http_proxy_https_redirect' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-https-redirect-proxy' region_url_map_name: 'url-map' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: false + immutable: true + description: | + The Region in which the created target https proxy should reside. + If it is not provided, the provider region is used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'region' type: ResourceRef description: | @@ -91,6 +170,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -100,12 +180,26 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'urlMap' + resource: 'RegionUrlMap' + imports: 'selfLink' +======= - name: 'urlMap' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the RegionUrlMap resource that defines the mapping from URL to the BackendService. required: true +<<<<<<< HEAD + update_verb: :POST + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}/setUrlMap' + - !ruby/object:Api::Type::Integer + name: 'httpKeepAliveTimeoutSec' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}/setUrlMap' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -113,6 +207,7 @@ properties: imports: 'selfLink' - name: 'httpKeepAliveTimeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is diff --git a/mmv1/products/compute/RegionTargetHttpsProxy.yaml b/mmv1/products/compute/RegionTargetHttpsProxy.yaml index 9348a3799b67..f615dabb1e1b 100644 --- a/mmv1/products/compute/RegionTargetHttpsProxy.yaml +++ b/mmv1/products/compute/RegionTargetHttpsProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionTargetHttpsProxy' +base_url: projects/{{project}}/regions/{{region}}/targetHttpsProxies +has_self_link: true +immutable: true +description: | + Represents a RegionTargetHttpsProxy resource, which is used by one or more + forwarding rules to route incoming HTTPS requests to a URL map. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpsProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_region_target_https_proxy.go.erb + # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource + # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). + # This causes the encoder logic to not be applied during update. + update_encoder: templates/terraform/encoders/compute_region_target_https_proxy.go.erb + decoder: templates/terraform/decoders/compute_region_target_https_proxy.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_https_proxy_basic' +======= --- name: 'RegionTargetHttpsProxy' description: | @@ -51,6 +97,7 @@ custom_code: decoder: 'templates/terraform/decoders/compute_region_target_https_proxy.go.tmpl' examples: - name: 'region_target_https_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_https_proxy_name: 'test-proxy' @@ -58,7 +105,12 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_https_proxy_http_keep_alive_timeout' +======= - name: 'region_target_https_proxy_http_keep_alive_timeout' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' @@ -66,7 +118,12 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_https_proxy_mtls' +======= - name: 'region_target_https_proxy_mtls' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' min_version: 'beta' vars: @@ -77,7 +134,12 @@ examples: http_health_check_name: 'http-health-check' server_tls_policy_name: 'my-tls-policy' trust_config_name: 'my-trust-config' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_https_proxy_certificate_manager_certificate' +======= - name: 'region_target_https_proxy_certificate_manager_certificate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_https_proxy_name: 'target-http-proxy' @@ -85,6 +147,36 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + immutable: true + required: false + description: | + The Region in which the created target https proxy should reside. + If it is not provided, the provider region is used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'region' type: ResourceRef description: | @@ -113,6 +205,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -121,8 +214,13 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true +======= required: true immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # This field is present in the schema but as of 2019 Sep 23 attempting to set it fails with # a 400 "QUIC override is supported only with global TargetHttpsProxy". jamessynge@ said in an # email sent on 2019 Sep 20 that support for this "is probably far in the future." @@ -142,12 +240,28 @@ properties: # update_verb: :POST # update_url: # 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setQuicOverride' +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'certificateManagerCertificates' +======= - name: 'certificateManagerCertificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. sslCertificates and certificateManagerCertificates can't be defined together. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' + item_type: Api::Type::String + custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.erb' + diff_suppress_func: 'tpgresource.CompareResourceNames' + conflicts: + - ssl_certificates + - !ruby/object:Api::Type::Array + name: 'sslCertificates' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' update_verb: 'POST' conflicts: @@ -158,10 +272,27 @@ properties: type: String - name: 'sslCertificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'sslCertificate' + resource: 'RegionSslCertificate' + imports: 'selfLink' + description: 'The SSL certificates used by this TargetHttpsProxy' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + conflicts: + - certificate_manager_certificates + - !ruby/object:Api::Type::ResourceRef + name: 'sslPolicy' + resource: 'RegionSslPolicy' + imports: 'selfLink' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' update_verb: 'POST' conflicts: @@ -175,10 +306,23 @@ properties: imports: 'selfLink' - name: 'sslPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. +<<<<<<< HEAD + update_id: 'sslPolicy' + fingerprint_name: 'fingerprint' + update_verb: :PATCH + update_url: + 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'urlMap' + resource: 'RegionUrlMap' + imports: 'selfLink' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' update_verb: 'PATCH' update_id: 'sslPolicy' @@ -188,10 +332,18 @@ properties: imports: 'selfLink' - name: 'urlMap' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the RegionUrlMap resource that defines the mapping from URL to the RegionBackendService. required: true +<<<<<<< HEAD + update_verb: :POST + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setUrlMap' + - !ruby/object:Api::Type::Integer + name: 'httpKeepAliveTimeoutSec' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setUrlMap' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -199,14 +351,22 @@ properties: imports: 'selfLink' - name: 'httpKeepAliveTimeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'serverTlsPolicy' + resource: 'SslPolicy' + imports: 'selfLink' +======= - name: 'serverTlsPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound @@ -222,9 +382,17 @@ properties: deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this. +<<<<<<< HEAD + update_id: 'serverTlsPolicy' + fingerprint_name: 'fingerprint' + update_verb: :PATCH + update_url: + 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' +======= update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' update_verb: 'PATCH' update_id: 'serverTlsPolicy' fingerprint_name: 'fingerprint' resource: 'SslPolicy' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RegionTargetTcpProxy.yaml b/mmv1/products/compute/RegionTargetTcpProxy.yaml index a6b97416621f..a6dcc4f80d6a 100644 --- a/mmv1/products/compute/RegionTargetTcpProxy.yaml +++ b/mmv1/products/compute/RegionTargetTcpProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionTargetTcpProxy' +base_url: projects/{{project}}/regions/{{region}}/targetTcpProxies +has_self_link: true +immutable: true +======= --- name: 'RegionTargetTcpProxy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a RegionTargetTcpProxy resource, which is used by one or more forwarding rules to route incoming TCP requests to a regional TCP proxy load balancer. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/tcp/internal-proxy' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetTcpProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_target_tcp_proxy_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/tcp/internal-proxy' @@ -46,12 +85,43 @@ async: custom_code: examples: - name: 'region_target_tcp_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: region_target_tcp_proxy_name: 'test-proxy' region_backend_service_name: 'backend-service' health_check_name: 'health-check' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' + required: false + immutable: true + description: | + The Region in which the created target TCP proxy should reside. + If it is not provided, the provider region is used. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'region' type: ResourceRef description: | @@ -80,6 +150,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -88,6 +159,30 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + description: | + Specifies the type of proxy header to append before sending data to + the backend. + values: + - :NONE + - :PROXY_V1 + default_value: :NONE + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + api_name: 'service' + resource: 'RegionBackendService' + imports: 'selfLink' + description: | + A reference to the BackendService resource. + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'proxyBind' +======= required: true immutable: true - name: 'proxyHeader' @@ -110,6 +205,7 @@ properties: imports: 'selfLink' - name: 'proxyBind' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. diff --git a/mmv1/products/compute/RegionUrlMap.yaml b/mmv1/products/compute/RegionUrlMap.yaml index 093a6b0ce6e2..59b8cf311eb8 100644 --- a/mmv1/products/compute/RegionUrlMap.yaml +++ b/mmv1/products/compute/RegionUrlMap.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RegionUrlMap' +kind: 'compute#urlMap' +base_url: projects/{{project}}/regions/{{region}}/urlMaps +collection_url_key: 'items' +has_self_link: true +description: | + UrlMaps are used to route requests to a backend service based on rules + that you define for the host and path of an incoming URL. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_basic' +======= --- name: 'RegionUrlMap' kind: 'compute#urlMap' @@ -42,46 +78,79 @@ collection_url_key: 'items' custom_code: examples: - name: 'region_url_map_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' login_region_backend_service_name: 'login' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_default_route_action' +======= - name: 'region_url_map_default_route_action' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' login_region_backend_service_name: 'login' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_l7_ilb_path' +======= - name: 'region_url_map_l7_ilb_path' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_l7_ilb_path_partial' +======= - name: 'region_url_map_l7_ilb_path_partial' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_l7_ilb_route' +======= - name: 'region_url_map_l7_ilb_route' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'region_url_map_l7_ilb_route_partial' +======= - name: 'region_url_map_l7_ilb_route_partial' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'int_https_lb_https_redirect' + primary_resource_id: 'redirect' + skip_test: true +======= - name: 'int_https_lb_https_redirect' primary_resource_id: 'redirect' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: l7_ilb_network: 'l7-ilb-network' l7_ilb_proxy_subnet: 'l7-ilb-proxy-subnet' @@ -100,6 +169,16 @@ examples: l7_ilb_redirect: 'l7-ilb-redirect' l7_ilb_target_http_proxy: 'l7-ilb-target-http-proxy' l7_ilb_redirect_url_map: 'l7-ilb-redirect-url-map' +<<<<<<< HEAD + min_version: beta + ignore_read_extra: + - 'target' + - 'ip_address' + - !ruby/object:Provider::Terraform::Examples + name: 'regional_external_http_load_balancer' + primary_resource_type: 'google_compute_region_url_map' + primary_resource_id: 'default' +======= ignore_read_extra: - 'target' - 'ip_address' @@ -107,6 +186,7 @@ examples: - name: 'regional_external_http_load_balancer' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: lb_network: 'lb-network' backend_subnet: 'backend-subnet' @@ -121,6 +201,25 @@ examples: regional_l7_xlb_map: 'regional-l7-xlb-map' l7_xlb_proxy: 'l7-xlb-proxy' l7_xlb_forwarding_rule: 'l7-xlb-forwarding-rule' +<<<<<<< HEAD + skip_docs: true + skip_test: true # Similar to other samples + min_version: beta + - !ruby/object:Provider::Terraform::Examples + name: "region_url_map_path_template_match" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + home_backend_service_name: "home-service" + cart_backend_service_name: "cart-service" + user_backend_service_name: "user-service" + health_check_name: "health-check" +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= # Similar to other samples exclude_test: true exclude_docs: true @@ -135,11 +234,29 @@ examples: parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Region in which the url map should reside. If it is not provided, the provider region is used. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'defaultService' + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services + resource: 'RegionBackendService' + imports: 'selfLink' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -151,6 +268,7 @@ properties: output: true - name: 'defaultService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced @@ -159,6 +277,11 @@ properties: weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'description' +======= exactly_one_of: - 'default_service' - 'default_url_redirect' @@ -168,10 +291,30 @@ properties: imports: 'selfLink' - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. # 'fingerprint' used internally for object consistency. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'host_rule' + api_name: 'hostRules' + is_set: true + description: 'The list of HostRules to use against the URL.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this HostRule. Provide this property + when you create the resource. + - !ruby/object:Api::Type::Array + name: 'hosts' + is_set: true + required: true + item_type: Api::Type::String +======= - name: 'host_rule' type: Array description: 'The list of HostRules to use against the URL.' @@ -187,11 +330,34 @@ properties: when you create the resource. - name: 'hosts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathMatcher' + required: true + description: | + The name of the PathMatcher to use to match the path portion of + the URL if the hostRule matches the URL's host portion. + - !ruby/object:Api::Type::Integer + name: 'map_id' + description: 'The unique identifier for the resource.' + api_name: 'id' + output: true + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= is_set: true required: true item_type: @@ -215,6 +381,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -223,6 +390,16 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'path_matcher' + api_name: 'pathMatchers' + description: 'The list of named PathMatchers to use against the URL.' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'defaultService' +======= required: true immutable: true - name: 'path_matcher' @@ -239,6 +416,7 @@ properties: none of the pathRules defined by this PathMatcher is matched by the URL's path portion. custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # TODO: add defaultRouteAction.weightedBackendService here once they are supported. @@ -247,6 +425,23 @@ properties: # - path_matchers.0.default_url_redirect resource: 'RegionBackendService' imports: 'selfLink' +<<<<<<< HEAD + description: | + A reference to a RegionBackendService resource. This will be used if + none of the pathRules defined by this PathMatcher is matched by + the URL's path portion. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + The name to which this PathMatcher is referred by the HostRule. + - !ruby/object:Api::Type::Array + name: 'routeRules' +======= - name: 'description' type: String description: 'An optional description of this resource.' @@ -257,6 +452,7 @@ properties: required: true - name: 'routeRules' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of ordered HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. The order of specifying @@ -264,11 +460,19 @@ properties: action to take effect. Within a given pathMatcher, only one of pathRules or routeRules must be set. routeRules are not supported in UrlMaps intended for External load balancers. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'priority' + required: true +======= item_type: type: NestedObject properties: - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated @@ -285,9 +489,16 @@ properties: 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'service' + resource: 'RegionBackendService' + imports: 'selfLink' +======= required: true - name: 'service' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -296,17 +507,45 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r outeAction.weightedBackendService.backendServiceWeightAction[].headerAction properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -327,10 +566,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -358,10 +625,27 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Array + name: 'matchRules' + description: | + The rules for determining a match. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'fullPathMatch' +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -379,12 +663,30 @@ properties: properties: - name: 'fullPathMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. FullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'headerMatches' + description: | + Specifies a list of header match criteria, all of which must match corresponding + headers in the request. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'exactMatch' + description: | + The value should exactly match contents of exactMatch. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - !ruby/object:Api::Type::String + name: 'headerName' + required: true +======= - name: 'headerMatches' type: Array description: | @@ -400,32 +702,54 @@ properties: prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - name: 'headerName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'invertMatch' + default_value: false +======= required: true - name: 'invertMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixMatch' +======= default_value: false - name: 'prefixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'presentMatch' +======= - name: 'presentMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value or not. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rangeMatch' +======= - name: 'rangeMatch' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, @@ -439,6 +763,20 @@ properties: Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'rangeEnd' + required: true + description: | + The end of the range (exclusive). + - !ruby/object:Api::Type::Integer + name: 'rangeStart' + required: true + description: | + The start of the range (inclusive). + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'rangeEnd' type: Integer description: | @@ -451,6 +789,7 @@ properties: required: true - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: @@ -459,12 +798,27 @@ properties: a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'suffixMatch' +======= - name: 'suffixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'ignoreCase' + default_value: false + description: | + Specifies that prefixMatch and fullPathMatch matches are case sensitive. + Defaults to false. + - !ruby/object:Api::Type::Array + name: 'metadataFilters' +======= - name: 'ignoreCase' type: Boolean description: | @@ -473,6 +827,7 @@ properties: default_value: false - name: 'metadataFilters' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS @@ -485,15 +840,44 @@ properties: here can be overrides those specified in ForwardingRule that refers to this UrlMap. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'filterLabels' + min_size: 1 + max_size: 64 + required: true +======= item_type: type: NestedObject properties: - name: 'filterLabels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Name of metadata label. The name can have a maximum length of 1024 characters + and must be at least 1 character long. + - !ruby/object:Api::Type::String + name: 'value' + required: true + description: | + The value of the label must match the specified value. value can have a maximum + length of 1024 characters. + - !ruby/object:Api::Type::Enum + name: 'filterMatchCriteria' + required: true +======= required: true item_type: type: NestedObject @@ -514,6 +898,7 @@ properties: max_size: 64 - name: 'filterMatchCriteria' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: @@ -522,17 +907,36 @@ properties: provided metadata. * MATCH_ALL: All filterLabels must have matching labels in the provided metadata. +<<<<<<< HEAD + values: + - :MATCH_ALL + - :MATCH_ANY + - !ruby/object:Api::Type::String + name: 'prefixMatch' +======= required: true enum_values: - 'MATCH_ALL' - 'MATCH_ANY' - name: 'prefixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'queryParameterMatches' + description: | + Specifies a list of query parameter match criteria, all of which must match + corresponding query parameters in the request. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'exactMatch' +======= - name: 'queryParameterMatches' type: Array description: | @@ -543,10 +947,21 @@ properties: properties: - name: 'exactMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + The name of the query parameter to match. The query parameter must exist in the + request, in the absence of which the request match fails. + - !ruby/object:Api::Type::Boolean + name: 'presentMatch' +======= - name: 'name' type: String description: | @@ -555,27 +970,43 @@ properties: required: true - name: 'presentMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathTemplateMatch' +======= - name: 'pathTemplateMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch @@ -586,8 +1017,13 @@ properties: (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'routeAction' +======= - name: 'routeAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -596,18 +1032,44 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + default_value: false +======= - name: 'allowCredentials' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Headers header. + - !ruby/object:Api::Type::Array + name: 'allowMethods' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Methods header. + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' + item_type: Api::Type::String +======= default_value: false - name: 'allowHeaders' type: Array @@ -623,10 +1085,37 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowOrigins' + item_type: Api::Type::String + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + default_value: false + description: | + If true, specifies the CORS policy is disabled. + which indicates that the CORS policy is in effect. Defaults to false. + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Expose-Headers header. + - !ruby/object:Api::Type::Integer + name: 'maxAge' + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= item_type: type: String - name: 'allowOrigins' @@ -655,6 +1144,7 @@ properties: translates to the content for the Access-Control-Max-Age header. - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -664,12 +1154,26 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'abort' +======= - name: 'abort' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are aborted as part of fault injection. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpStatus' + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - name: 'httpStatus' type: Integer description: | @@ -677,16 +1181,31 @@ properties: and 599 inclusive. - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'delay' +======= - name: 'delay' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + description: | + Specifies the value of the fixed delay interval. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'fixedDelay' type: NestedObject description: | @@ -694,10 +1213,21 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - name: 'seconds' type: String description: | @@ -706,18 +1236,51 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + resource: 'RegionBackendService' + imports: 'selfLink' + description: | + The RegionBackendService resource being mirrored to. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + properties: + - !ruby/object:Api::Type::Integer + name: 'numRetries' + required: true + description: | + Specifies the allowed number retries. This number must be > 0. + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'backendService' type: ResourceRef description: | @@ -743,10 +1306,22 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Array + name: 'retryConditions' + item_type: Api::Type::String +======= - name: 'seconds' type: String description: | @@ -755,6 +1330,7 @@ properties: required: true - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -778,22 +1354,42 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'timeout' +======= item_type: type: String - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' +======= - name: 'seconds' type: String description: | @@ -802,24 +1398,40 @@ properties: required: true - name: 'urlRewrite' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathTemplateRewrite' +======= - name: 'pathTemplateRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the @@ -835,8 +1447,13 @@ properties: Only one of pathPrefixRewrite and pathTemplateRewrite may be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' +======= - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -846,26 +1463,64 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + resource: 'RegionBackendService' + imports: 'selfLink' +======= item_type: type: NestedObject properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default RegionBackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= required: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -886,10 +1541,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -917,10 +1600,22 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Integer + name: 'weight' + required: true +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -931,6 +1626,7 @@ properties: type: String - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -938,39 +1634,65 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRedirect' +======= required: true - name: 'urlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' +======= - name: 'hostRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -978,8 +1700,13 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -994,6 +1721,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + default_value: false +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1003,13 +1742,20 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'pathRule' + api_name: 'pathRules' +======= default_value: false - name: 'pathRule' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules @@ -1017,12 +1763,21 @@ properties: basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'service' + resource: 'RegionBackendService' + imports: 'selfLink' +======= api_name: pathRules item_type: type: NestedObject properties: - name: 'service' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -1031,22 +1786,36 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'paths' + required: true + is_set: true + item_type: Api::Type::String +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - name: 'paths' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of path patterns to match. Each must start with / and the only place a \* is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'routeAction' +======= is_set: true required: true item_type: type: String - name: 'routeAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -1055,18 +1824,44 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + default_value: false +======= - name: 'allowCredentials' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Headers header. + - !ruby/object:Api::Type::Array + name: 'allowMethods' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Methods header. + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' + item_type: Api::Type::String +======= default_value: false - name: 'allowHeaders' type: Array @@ -1082,10 +1877,36 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowOrigins' + item_type: Api::Type::String + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + required: true + description: | + If true, specifies the CORS policy is disabled. + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Expose-Headers header. + - !ruby/object:Api::Type::Integer + name: 'maxAge' + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= item_type: type: String - name: 'allowOrigins' @@ -1113,6 +1934,7 @@ properties: translates to the content for the Access-Control-Max-Age header. - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -1122,12 +1944,28 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'abort' +======= - name: 'abort' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are aborted as part of fault injection. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpStatus' + required: true + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' + required: true +======= - name: 'httpStatus' type: Integer description: | @@ -1136,17 +1974,33 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'delay' +======= required: true - name: 'delay' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + required: true + description: | + Specifies the value of the fixed delay interval. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'fixedDelay' type: NestedObject description: | @@ -1155,10 +2009,22 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' + required: true +======= - name: 'seconds' type: String description: | @@ -1167,19 +2033,51 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= required: true - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + resource: 'RegionBackendService' + imports: 'selfLink' + description: | + The RegionBackendService resource being mirrored to. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + properties: + - !ruby/object:Api::Type::Integer + name: 'numRetries' + description: | + Specifies the allowed number retries. This number must be > 0. + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'backendService' type: ResourceRef description: | @@ -1204,10 +2102,22 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Array + name: 'retryConditions' + item_type: Api::Type::String +======= - name: 'seconds' type: String description: | @@ -1216,6 +2126,7 @@ properties: required: true - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -1239,22 +2150,42 @@ properties: header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'timeout' +======= item_type: type: String - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' +======= - name: 'seconds' type: String description: | @@ -1263,24 +2194,40 @@ properties: required: true - name: 'urlRewrite' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' +======= - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -1290,26 +2237,64 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + resource: 'RegionBackendService' + imports: 'selfLink' +======= item_type: type: NestedObject properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default RegionBackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= required: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -1330,10 +2315,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -1361,10 +2374,22 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Integer + name: 'weight' + required: true +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -1375,6 +2400,7 @@ properties: type: String - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -1382,39 +2408,65 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRedirect' +======= required: true - name: 'urlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' +======= - name: 'hostRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -1422,8 +2474,13 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1438,6 +2495,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + required: true +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1447,14 +2516,20 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'defaultUrlRedirect' +======= required: true - name: 'defaultUrlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # TODO: add defaultRouteAction.weightedBackendService here once they are supported. @@ -1466,6 +2541,16 @@ properties: by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'hostRedirect' type: String description: | @@ -1473,30 +2558,46 @@ properties: supplied in the request. The value must be between 1 and 255 characters. - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1511,6 +2612,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + required: true +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1520,11 +2633,50 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'test' + api_name: tests + description: | + The list of expected URL mappings. Requests to update this UrlMap will + succeed only if all of the test cases pass. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: 'Description of this test case.' + - !ruby/object:Api::Type::String + name: 'host' + required: true + description: 'Host portion of the URL.' + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: 'Path portion of the URL.' + - !ruby/object:Api::Type::ResourceRef + name: 'service' + required: true + resource: 'RegionBackendService' + imports: 'selfLink' + description: + A reference to expected RegionBackendService resource the given URL + should be mapped to. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'defaultUrlRedirect' + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services + conflicts: + - default_route_action +======= required: true - name: 'test' type: Array @@ -1557,10 +2709,22 @@ properties: imports: 'selfLink' - name: 'defaultUrlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'hostRedirect' + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= conflicts: - default_route_action exactly_one_of: @@ -1575,30 +2739,46 @@ properties: supplied in the request. The value must be between 1 and 255 characters. - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1613,6 +2793,17 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1622,19 +2813,58 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'defaultRouteAction' + conflicts: + - default_url_redirect +======= - name: 'defaultRouteAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' + description: | + A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. + After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services + at_least_one_of: + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'RegionBackendService' + imports: 'selfLink' + description: | + The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'weight' +======= conflicts: - default_url_redirect properties: @@ -1667,20 +2897,49 @@ properties: imports: 'selfLink' - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 1000)' + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= validation: function: 'validation.IntBetween(0, 1000)' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request before forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request before forwarding the request to the backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: 'The name of the header.' + - !ruby/object:Api::Type::String + name: 'headerValue' + description: 'The value of the header to add.' + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'requestHeadersToRemove' type: Array description: | @@ -1702,10 +2961,32 @@ properties: description: 'The value of the header to add.' - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response before sending the response back to the client. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response before sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: 'The name of the header.' + - !ruby/object:Api::Type::String + name: 'headerValue' + description: 'The value of the header to add.' + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'responseHeadersToRemove' type: Array description: | @@ -1727,17 +3008,35 @@ properties: description: 'The value of the header to add.' - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' +======= - name: 'urlRewrite' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -1748,31 +3047,92 @@ properties: properties: - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.url_rewrite.0.path_prefix_rewrite + - default_route_action.0.url_rewrite.0.host_rewrite + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(1, 1024)' + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - 'default_route_action.0.url_rewrite.0.host_rewrite' validation: function: 'validation.StringLenBetween(1, 1024)' - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.url_rewrite.0.path_prefix_rewrite + - default_route_action.0.url_rewrite.0.host_rewrite + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(1, 255)' + - !ruby/object:Api::Type::NestedObject + name: 'timeout' +======= - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - 'default_route_action.0.url_rewrite.0.host_rewrite' validation: function: 'validation.StringLenBetween(1, 255)' - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::String + name: 'seconds' + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - default_route_action.0.timeout.0.seconds + - default_route_action.0.timeout.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - default_route_action.0.timeout.0.seconds + - default_route_action.0.timeout.0.nanos + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 999999999)' + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + at_least_one_of: + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::Array + name: 'retryConditions' + item_type: Api::Type::String +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -1812,6 +3172,7 @@ properties: properties: - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies one or more conditions when this retry policy applies. Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable. @@ -1826,6 +3187,24 @@ properties: - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + - !ruby/object:Api::Type::Integer + name: 'numRetries' + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + default_value: 1 + at_least_one_of: + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' +======= - 'default_route_action.0.retry_policy.0.retry_conditions' - 'default_route_action.0.retry_policy.0.num_retries' - 'default_route_action.0.retry_policy.0.per_try_timeout' @@ -1844,41 +3223,81 @@ properties: default_value: 1 - name: 'perTryTimeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + properties: + - !ruby/object:Api::Type::String + name: 'seconds' +======= - 'default_route_action.0.retry_policy.0.retry_conditions' - 'default_route_action.0.retry_policy.0.num_retries' - 'default_route_action.0.retry_policy.0.per_try_timeout' properties: - name: 'seconds' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds + - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds + - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 999999999)' + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' validation: function: 'validation.IntBetween(0, 999999999)' - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'RegionBackendService' + imports: 'selfLink' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -1889,19 +3308,38 @@ properties: properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the RegionBackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::Array + name: 'allowOrigins' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -1912,10 +3350,24 @@ properties: properties: - name: 'allowOrigins' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -1928,11 +3380,67 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowMethods' + description: | + Specifies the content for the Access-Control-Allow-Methods header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + description: | + Specifies the content for the Access-Control-Allow-Headers header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + description: | + Specifies the content for the Access-Control-Expose-Headers header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'maxAge' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -1990,10 +3498,52 @@ properties: type: String - name: 'maxAge' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + description: | + In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. + Default is false. + default_value: false + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect. + default_value: false + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -2033,6 +3583,7 @@ properties: default_value: false - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. @@ -2040,6 +3591,34 @@ properties: timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management). at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::NestedObject + name: 'delay' + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay + - default_route_action.0.fault_injection_policy.0.abort + properties: + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + description: | + Specifies the value of the fixed delay interval. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay + - default_route_action.0.fault_injection_policy.0.delay.0.percentage + properties: + - !ruby/object:Api::Type::String + name: 'seconds' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -2066,28 +3645,61 @@ properties: properties: - name: 'seconds' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 999999999)' + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' validation: function: 'validation.IntBetween(0, 999999999)' - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay + - default_route_action.0.fault_injection_policy.0.delay.0.percentage + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.FloatBetween(0, 100)' + - !ruby/object:Api::Type::NestedObject + name: 'abort' + description: | + The specification for how client requests are aborted as part of fault injection. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay + - default_route_action.0.fault_injection_policy.0.abort + properties: + - !ruby/object:Api::Type::Integer + name: 'httpStatus' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' validation: @@ -2102,21 +3714,37 @@ properties: properties: - name: 'httpStatus' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.abort.0.http_status + - default_route_action.0.fault_injection_policy.0.abort.0.percentage + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(200, 599)' + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' validation: function: 'validation.IntBetween(200, 599)' - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.abort.0.http_status + - default_route_action.0.fault_injection_policy.0.abort.0.percentage + validation: !ruby/object:Provider::Terraform::Validation +======= - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' validation: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/Reservation.yaml b/mmv1/products/compute/Reservation.yaml index 7db5bfc96cad..a01647b5760c 100644 --- a/mmv1/products/compute/Reservation.yaml +++ b/mmv1/products/compute/Reservation.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,8 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Reservation' +base_url: projects/{{project}}/zones/{{zone}}/reservations +update_verb: :PATCH +update_url: projects/{{project}}/zones/{{zone}}/reservations/{{name}} +update_mask: true +collection_url_key: 'items' +has_self_link: true +======= --- name: 'Reservation' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. @@ -22,6 +37,57 @@ description: | `g1-small` machine types, preemptible VMs, sole tenant nodes, or other services not listed above like Cloud SQL and Dataflow. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Reserving zonal resources': 'https://cloud.google.com/compute/docs/instances/reserving-zonal-resources' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/reservations' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'reservation_basic' + primary_resource_id: 'gce_reservation' + vars: + reservation_name: 'gce-reservation' + - !ruby/object:Provider::Terraform::Examples + name: 'shared_reservation_basic' + primary_resource_id: 'gce_reservation' + test_env_vars: + project: :PROJECT_NAME + org_id: :ORG_ID + billing_account: :BILLING_ACCT + vars: + reservation_name: 'gce-shared-reservation' + skip_docs: + true + # Resource creation race + skip_vcr: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + update_encoder: templates/terraform/update_encoder/reservation.go.erb + pre_update: templates/terraform/pre_update/shared_reservation_update.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' +======= references: guides: 'Reserving zonal resources': 'https://cloud.google.com/compute/docs/instances/reserving-zonal-resources' @@ -73,10 +139,29 @@ examples: parameters: - name: 'zone' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The zone where the reservation is made. required: true immutable: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + output: true + description: | + Creation timestamp in RFC3339 text format. + - !ruby/object:Api::Type::String + name: 'description' + immutable: true + description: | + An optional description of this resource. + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Zone' imports: 'name' @@ -93,6 +178,7 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -101,6 +187,20 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'commitment' + output: true + description: | + Full or partial URL to a parent commitment. This field displays for + reservations that are tied to a commitment. + - !ruby/object:Api::Type::Boolean + name: 'specificReservationRequired' + immutable: true + # Not a hard API default, but this should help avoid a unset/true/false + # trinary. + default_value: false +======= required: true immutable: true - name: 'commitment' @@ -111,10 +211,84 @@ properties: output: true - name: 'specificReservationRequired' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When set to true, only VMs that target this reservation by name can consume this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'status' + output: true + description: | + The status of the reservation. + - !ruby/object:Api::Type::NestedObject + name: 'shareSettings' + description: | + The share setting for reservations. + default_from_api: true + ignore_read: true + properties: + - !ruby/object:Api::Type::Enum + name: 'shareType' + values: + - :LOCAL + - :SPECIFIC_PROJECTS + description: | + Type of sharing for this shared-reservation + default_from_api: true + immutable: true + - !ruby/object:Api::Type::Map + name: 'projectMap' + description: | + A map of project number and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. + key_name: id + key_description: | + The project id/number which is deleting or adding to the project list. + value_type: !ruby/object:Api::Type::NestedObject + name: projectConfig + properties: + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + The project id/number, should be same as the key of this project config in the project map. + - !ruby/object:Api::Type::NestedObject + name: 'specificReservation' + required: true + description: | + Reservation for instances with specific machine shapes. + update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}/resize' + properties: + - !ruby/object:Api::Type::Integer + name: 'count' + required: true + description: | + The number of resources that are allocated. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::Integer + name: 'inUseCount' + output: true + description: | + How many instances are in use. + - !ruby/object:Api::Type::NestedObject + name: 'instanceProperties' + required: true + immutable: true + description: | + The instance properties for the reservation. + properties: + - !ruby/object:Api::Type::String + name: 'machineType' + required: true + immutable: true + description: | + The name of the machine type to reserve. + - !ruby/object:Api::Type::String + name: 'minCpuPlatform' + immutable: true +======= immutable: true # Not a hard API default, but this should help avoid a unset/true/false # trinary. @@ -190,11 +364,26 @@ properties: immutable: true - name: 'minCpuPlatform' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The minimum CPU platform for the reservation. For example, `"Intel Skylake"`. See the CPU platform availability reference](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones) for information on available CPU platforms. +<<<<<<< HEAD + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'guestAccelerators' + description: | + Guest accelerator type and count. + immutable: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'acceleratorType' + required: true + immutable: true +======= immutable: true default_from_api: true - name: 'guestAccelerators' @@ -207,12 +396,45 @@ properties: properties: - name: 'acceleratorType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL of the accelerator type to attach to this instance. For example: `projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100` If you are creating an instance template, specify only the accelerator name. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'acceleratorCount' + required: true + immutable: true + description: | + The number of the guest accelerator cards exposed to + this instance. + - !ruby/object:Api::Type::Array + name: 'localSsds' + immutable: true + description: | + The amount of local ssd to reserve with each instance. This + reserves disks of type `local-ssd`. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'interface' + immutable: true + default_value: :SCSI + values: + - :SCSI + - :NVME + description: | + The disk interface to use for attaching this disk. + - !ruby/object:Api::Type::Integer + name: 'diskSizeGb' + required: true + immutable: true + description: | + The size of the disk in base-2 GB. +======= required: true immutable: true - name: 'acceleratorCount' @@ -246,3 +468,4 @@ properties: The size of the disk in base-2 GB. required: true immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/ResizeRequest.yaml b/mmv1/products/compute/ResizeRequest.yaml index 80fc2e19e459..f4826a57533c 100644 --- a/mmv1/products/compute/ResizeRequest.yaml +++ b/mmv1/products/compute/ResizeRequest.yaml @@ -12,14 +12,39 @@ # limitations under the License. --- +<<<<<<< HEAD +!ruby/object:Api::Resource +name: "ResizeRequest" +kind: "compute#instanceGroupManagerResizeRequest" +======= name: 'ResizeRequest' kind: 'compute#instanceGroupManagerResizeRequest' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Managed Instance Group Resize Request Resize Requests are the Managed Instance Group implementation of Dynamic Workload Scheduler Flex Start. With Dynamic Workload Scheduler in Flex Start mode, you submit a GPU capacity request for your AI/ML jobs by indicating how many you need, a duration, and your preferred region. Dynamic Workload Scheduler intelligently persists the request; once the capacity becomes available, it automatically provisions your VMs enabling your workloads to run continuously for the entire duration of the capacity allocation. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + # Link to quickstart in the API's Guides section. For example: + # 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' + "QUICKSTART_TITLE": "https://cloud.google.com/compute/docs/instance-groups/create-resize-requests-mig" + # Link to the REST API reference for the resource. For example, + # https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups + api: "https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagerResizeRequests" + +immutable: true + +### List Method ### +base_url: "projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests" + +### Get Method +self_link: "projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests/{{name}}" + +======= references: guides: # Link to quickstart in the API's Guides section. For example: @@ -56,6 +81,7 @@ async: error: path: 'error/errors' message: 'message' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 ### Update method ### # Resize requests are currently not update-able @@ -63,6 +89,54 @@ async: # Custom delete method to handle resize request cancellations vs. deletions. # If a resize request is in the ACCEPTED state, it must be canceled before it can be # deleted. If a resize request is NOT in the ACCEPTED state, it can be directly deleted. +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_delete: templates/terraform/custom_delete/compute_mig_resize_request_delete.go.erb + +# Sets parameters for handling operations returned by the API. +async: !ruby/object:Api::OpAsync + # Overrides which API calls return operations. Default: ['create', + # 'update', 'delete'] + # actions: ['create', 'update', 'delete'] + operation: !ruby/object:Api::OpAsync::Operation + kind: "compute#operation" + path: "name" + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: "targetLink" + status: !ruby/object:Api::OpAsync::Status + path: "status" + complete: "DONE" + allowed: + - "PENDING" + - "RUNNING" + - "DONE" + error: !ruby/object:Api::OpAsync::Error + path: "error/errors" + message: "message" +# Examples for testing +examples: + - !ruby/object:Provider::Terraform::Examples + name: "compute_mig_resize_request" + primary_resource_id: "a3_resize_request" + vars: + resize_request_name: a3-dws +# Resize request parameters injected via URL +parameters: + - !ruby/object:Api::Type::ResourceRef + name: "zone" + resource: "Zone" + imports: "name" + description: | + Name of the compute zone scoping this request. Name should conform to RFC1035. + required: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: "instanceGroupManager" + resource: "InstanceGroupManager" + imports: "name" +======= custom_code: custom_delete: 'templates/terraform/custom_delete/compute_mig_resize_request_delete.go.tmpl' # Examples for testing @@ -83,10 +157,64 @@ parameters: imports: 'name' - name: 'instanceGroupManager' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the managed instance group. The name should conform to RFC1035 or be a resource ID. Authorization requires the following IAM permission on the specified resource instanceGroupManager: *compute.instanceGroupManagers.update +<<<<<<< HEAD + required: true + url_param_only: true + +# Non-URL parameters including input and output parameters +properties: + - !ruby/object:Api::Type::Time + name: "creationTimestamp" + description: | + The creation timestamp for this resize request in RFC3339 text format. + output: true + - !ruby/object:Api::Type::Enum + name: "state" + description: | + [Output only] Current state of the request. + values: + - :CREATING + - :ACCEPTED + - :FAILED + - :SUCCEEDED + - :CANCELLED + output: true + - !ruby/object:Api::Type::String + name: "name" + description: | + The name of this resize request. The name must be 1-63 characters long, and comply with RFC1035. + required: true + - !ruby/object:Api::Type::String + name: "description" + description: | + An optional description of this resize-request. + - !ruby/object:Api::Type::Integer + name: "resizeBy" + description: | + The number of instances to be created by this resize request. The group's target size will be increased by this number. + required: true + - !ruby/object:Api::Type::NestedObject + name: "requestedRunDuration" + description: | + Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted. + properties: + - !ruby/object:Api::Type::String + name: "seconds" + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + required: true + - !ruby/object:Api::Type::Integer + name: "nanos" + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - !ruby/object:Api::Type::NestedObject + name: "status" +======= url_param_only: true required: true resource: 'InstanceGroupManager' @@ -139,11 +267,279 @@ properties: Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - name: 'status' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [Output only] Status of the request. output: true properties: # Status.error +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: "error" + output: true + description: | + [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + properties: + - !ruby/object:Api::Type::NestedObject + name: "errors" + output: true + description: | + [Output Only] The array of errors encountered while processing this operation. + properties: + - !ruby/object:Api::Type::String + name: "code" + output: true + description: | + [Output Only] The error type identifier for this error. + - !ruby/object:Api::Type::String + name: "location" + output: true + description: | + Output Only] Indicates the field in the request that caused the error. This property is optional. + - !ruby/object:Api::Type::String + name: "message" + output: true + description: | + [Output Only] An optional, human-readable error message. + - !ruby/object:Api::Type::NestedObject + name: "errorDetails" + output: true + description: | + [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + properties: + - !ruby/object:Api::Type::NestedObject + name: "errorInfo" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "reason" + output: true + description: | + The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. + - !ruby/object:Api::Type::String + name: "domain" + output: true + description: | + The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". + - !ruby/object:Api::Type::KeyValuePairs + name: "metadatas" + output: true + description: | + Additional structured details about this error. + Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. + - !ruby/object:Api::Type::NestedObject + name: "quotaInfo" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "metricName" + output: true + description: | + The Compute Engine quota metric name. + - !ruby/object:Api::Type::String + name: "limitName" + output: true + description: | + The name of the quota limit. + - !ruby/object:Api::Type::KeyValuePairs + name: "dimensions" + output: true + description: | + The map holding related quota dimensions + - !ruby/object:Api::Type::Integer + name: "limit" + output: true + description: | + Current effective quota limit. The limit's unit depends on the quota type or metric. + - !ruby/object:Api::Type::Integer + name: "futureLimit" + output: true + description: | + Future quota limit being rolled out. The limit's unit depends on the quota type or metric. + - !ruby/object:Api::Type::String + name: "rolloutStatus" + output: true + description: | + Rollout status of the future quota limit. + - !ruby/object:Api::Type::NestedObject + name: "help" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::NestedObject + name: "links" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "description" + output: true + description: | + Describes what the link offers. + - !ruby/object:Api::Type::String + name: "url" + output: true + description: | + The URL of the link. + - !ruby/object:Api::Type::NestedObject + name: "localizedMessage" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "locale" + output: true + description: | + The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" + - !ruby/object:Api::Type::String + name: "message" + output: true + description: | + The localized error message in the above locale. + # Status.lastAttempt + - !ruby/object:Api::Type::NestedObject + name: "lastAttempt" + output: true + description: | + [Output only] Information about the last attempt to fulfill the request. The value is temporary since the ResizeRequest can retry, as long as it's still active and the last attempt value can either be cleared or replaced with a different error. Since ResizeRequest retries infrequently, the value may be stale and no longer show an active problem. The value is cleared when ResizeRequest transitions to the final state (becomes inactive). If the final state is FAILED the error describing it will be storred in the "error" field only. + properties: + - !ruby/object:Api::Type::NestedObject + name: "error" + output: true + description: | + [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + properties: + - !ruby/object:Api::Type::NestedObject + name: "errors" + output: true + description: | + [Output Only] The array of errors encountered while processing this operation. + properties: + - !ruby/object:Api::Type::String + name: "code" + output: true + description: | + [Output Only] The error type identifier for this error. + - !ruby/object:Api::Type::String + name: "location" + output: true + description: | + Output Only] Indicates the field in the request that caused the error. This property is optional. + - !ruby/object:Api::Type::String + name: "message" + output: true + description: | + [Output Only] An optional, human-readable error message. + - !ruby/object:Api::Type::NestedObject + name: "errorDetails" + output: true + description: | + [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + properties: + - !ruby/object:Api::Type::NestedObject + name: "errorInfo" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "reason" + output: true + description: | + The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. + - !ruby/object:Api::Type::String + name: "domain" + output: true + description: | + The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". + - !ruby/object:Api::Type::KeyValuePairs + name: "metadatas" + output: true + description: | + Additional structured details about this error. + Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. + - !ruby/object:Api::Type::NestedObject + name: "quotaInfo" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "metricName" + output: true + description: | + The Compute Engine quota metric name. + - !ruby/object:Api::Type::String + name: "limitName" + output: true + description: | + The name of the quota limit. + - !ruby/object:Api::Type::KeyValuePairs + name: "dimensions" + output: true + description: | + The map holding related quota dimensions + - !ruby/object:Api::Type::Integer + name: "limit" + output: true + description: | + Current effective quota limit. The limit's unit depends on the quota type or metric. + - !ruby/object:Api::Type::Integer + name: "futureLimit" + output: true + description: | + Future quota limit being rolled out. The limit's unit depends on the quota type or metric. + - !ruby/object:Api::Type::String + name: "rolloutStatus" + output: true + description: | + Rollout status of the future quota limit. + - !ruby/object:Api::Type::NestedObject + name: "help" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::NestedObject + name: "links" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "description" + output: true + description: | + Describes what the link offers. + - !ruby/object:Api::Type::String + name: "url" + output: true + description: | + The URL of the link. + - !ruby/object:Api::Type::NestedObject + name: "localizedMessage" + output: true + description: | + [Output Only] + properties: + - !ruby/object:Api::Type::String + name: "locale" + output: true + description: | + The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" + - !ruby/object:Api::Type::String + name: "message" + output: true + description: | + The localized error message in the above locale. +======= - name: 'error' type: NestedObject description: | @@ -409,3 +805,4 @@ properties: description: | The localized error message in the above locale. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/ResourcePolicy.yaml b/mmv1/products/compute/ResourcePolicy.yaml index de3eaecdce61..61b746325dfe 100644 --- a/mmv1/products/compute/ResourcePolicy.yaml +++ b/mmv1/products/compute/ResourcePolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,98 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ResourcePolicy' +kind: 'compute#resourcePolicy' +base_url: projects/{{project}}/regions/{{region}}/resourcePolicies +has_self_link: true +update_verb: :PATCH +update_url: projects/{{project}}/regions/{{region}}/resourcePolicies/{{name}} +collection_url_key: 'items' +description: | + A policy that can be attached to a resource to specify or schedule actions on that resource. +references: !ruby/object:Api::Resource::ReferenceLinks + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/resourcePolicies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_basic' + primary_resource_id: 'foo' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_hourly_format' + primary_resource_id: 'foo' + skip_docs: true + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_full' + primary_resource_id: 'bar' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_placement_policy' + primary_resource_id: 'baz' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_placement_policy_max_distance' + min_version: 'beta' + primary_resource_id: 'baz' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_instance_schedule_policy' + primary_resource_id: 'hourly' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_snapshot_schedule_chain_name' + primary_resource_id: 'hourly' + vars: + name: 'gce-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'resource_policy_consistency_group' + primary_resource_id: 'cgroup' + vars: + name: 'gce-policy' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_resource_policy.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: region + resource: Region + imports: name + description: Region where resource policy resides. + immutable: true + required: false + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= --- name: 'ResourcePolicy' kind: 'compute#resourcePolicy' @@ -94,6 +190,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply @@ -102,6 +199,23 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::NestedObject + name: 'snapshotSchedulePolicy' + conflicts: + - 'group_placement_policy' + - 'instance_schedule_policy' + - 'disk_consistency_group_policy' + description: | + Policy for creating snapshots of persistent disks. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'schedule' +======= required: true - name: 'description' type: String @@ -118,10 +232,29 @@ properties: properties: - name: 'schedule' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Contains one of an `hourlySchedule`, `dailySchedule`, or `weeklySchedule`. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'hourlySchedule' + description: | + The policy will execute every nth hour starting at the specified time. + exactly_one_of: + - snapshot_schedule_policy.0.schedule.0.hourly_schedule + - snapshot_schedule_policy.0.schedule.0.daily_schedule + - snapshot_schedule_policy.0.schedule.0.weekly_schedule + properties: + - !ruby/object:Api::Type::Integer + name: 'hoursInCycle' + description: | + The number of hours between snapshots. + required: true + - !ruby/object:Api::Type::String + name: 'startTime' +======= - name: 'hourlySchedule' type: NestedObject description: | @@ -138,11 +271,33 @@ properties: required: true - name: 'startTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time within the window to start the operations. It must be in an hourly format "HH:MM", where HH : [00-23] and MM : [00] GMT. eg: 21:00 required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateHourlyOnly' + diff_suppress_func: 'HourlyFormatSuppressDiff' + - !ruby/object:Api::Type::NestedObject + name: 'dailySchedule' + description: | + The policy will execute every nth day at the specified time. + exactly_one_of: + - snapshot_schedule_policy.0.schedule.0.hourly_schedule + - snapshot_schedule_policy.0.schedule.0.daily_schedule + - snapshot_schedule_policy.0.schedule.0.weekly_schedule + properties: + - !ruby/object:Api::Type::Integer + name: 'daysInCycle' + description: | + Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle. Days in cycle for snapshot schedule policy must be 1. + required: true + - !ruby/object:Api::Type::String + name: 'startTime' +======= diff_suppress_func: 'HourlyFormatSuppressDiff' validation: function: 'verify.ValidateHourlyOnly' @@ -162,11 +317,38 @@ properties: required: true - name: 'startTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateHourlyOnly' + diff_suppress_func: 'HourlyFormatSuppressDiff' + - !ruby/object:Api::Type::NestedObject + name: 'weeklySchedule' + description: | + Allows specifying a snapshot time for each day of the week. + exactly_one_of: + - snapshot_schedule_policy.0.schedule.0.hourly_schedule + - snapshot_schedule_policy.0.schedule.0.daily_schedule + - snapshot_schedule_policy.0.schedule.0.weekly_schedule + properties: + - !ruby/object:Api::Type::Array + name: 'dayOfWeeks' + description: | + May contain up to seven (one for each day of the week) snapshot times. + required: true + min_size: 1 + max_size: 7 + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'startTime' +======= diff_suppress_func: 'HourlyFormatSuppressDiff' validation: function: 'verify.ValidateHourlyOnly' @@ -190,10 +372,65 @@ properties: properties: - name: 'startTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Time within the window to start the operations. It must be in format "HH:MM", where HH : [00-23] and MM : [00-00] GMT. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'day' + description: | + The day of the week to create the snapshot. e.g. MONDAY + required: true + values: + - :MONDAY + - :TUESDAY + - :WEDNESDAY + - :THURSDAY + - :FRIDAY + - :SATURDAY + - :SUNDAY + - !ruby/object:Api::Type::NestedObject + name: 'retentionPolicy' + description: | + Retention policy applied to snapshots created by this resource policy. + properties: + - !ruby/object:Api::Type::Integer + name: 'maxRetentionDays' + description: | + Maximum age of the snapshot that is allowed to be kept. + required: true + - !ruby/object:Api::Type::Enum + name: 'onSourceDiskDelete' + description: | + Specifies the behavior to apply to scheduled snapshots when + the source disk is deleted. + default_value: :KEEP_AUTO_SNAPSHOTS + values: + - :KEEP_AUTO_SNAPSHOTS + - :APPLY_RETENTION_POLICY + - !ruby/object:Api::Type::NestedObject + name: 'snapshotProperties' + description: | + Properties with which the snapshots are created, such as labels. + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + at_least_one_of: + - snapshot_schedule_policy.0.snapshot_properties.0.labels + - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations + - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush + description: | + A set of key-value pairs. + - !ruby/object:Api::Type::Array + name: 'storageLocations' + at_least_one_of: + - snapshot_schedule_policy.0.snapshot_properties.0.labels + - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations + - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush + max_size: 1 +======= - name: 'day' type: Enum description: | @@ -243,10 +480,25 @@ properties: - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' - name: 'storageLocations' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Cloud Storage bucket location to store the auto snapshot (regional or multi-regional) is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'guestFlush' + send_empty_value: true + at_least_one_of: + - snapshot_schedule_policy.0.snapshot_properties.0.labels + - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations + - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush + description: | + Whether to perform a 'guest aware' snapshot. + - !ruby/object:Api::Type::String + name: 'chainName' +======= at_least_one_of: - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' @@ -265,10 +517,24 @@ properties: - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' - name: 'chainName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'groupPlacementPolicy' + conflicts: + - 'instance_schedule_policy' + - 'snapshot_schedule_policy' + - 'disk_consistency_group_policy' + description: | + Resource policy for instances used for placement configuration. + properties: + - !ruby/object:Api::Type::Integer + name: 'vmCount' +======= - name: 'groupPlacementPolicy' type: NestedObject description: | @@ -280,10 +546,20 @@ properties: properties: - name: 'vmCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'availabilityDomainCount' + description: | + The number of availability domains instances will be spread across. If two instances are in different + availability domain, they will not be put in the same low latency network + - !ruby/object:Api::Type::Enum + name: 'collocation' +======= - name: 'availabilityDomainCount' type: Integer description: | @@ -291,11 +567,58 @@ properties: availability domain, they will not be put in the same low latency network - name: 'collocation' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Collocation specifies whether to place VMs inside the same availability domain on the same low-latency network. Specify `COLLOCATED` to enable collocation. Can only be specified with `vm_count`. If compute instances are created with a COLLOCATED policy, then exactly `vm_count` instances must be created at the same time with the resource policy attached. +<<<<<<< HEAD + values: + - :COLLOCATED + - !ruby/object:Api::Type::Integer + name: 'maxDistance' + min_version: 'beta' + description: | + Specifies the number of max logical switches. + - !ruby/object:Api::Type::NestedObject + name: 'instanceSchedulePolicy' + conflicts: + - 'snapshot_schedule_policy' + - 'group_placement_policy' + - 'disk_consistency_group_policy' + description: | + Resource policy for scheduling instance operations. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'vmStartSchedule' + at_least_one_of: + - instance_schedule_policy.0.vm_start_schedule + - instance_schedule_policy.0.vm_stop_schedule + description: | + Specifies the schedule for starting instances. + properties: + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + Specifies the frequency for the operation, using the unix-cron format. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'vmStopSchedule' + at_least_one_of: + - instance_schedule_policy.0.vm_start_schedule + - instance_schedule_policy.0.vm_stop_schedule + description: | + Specifies the schedule for stopping instances. + properties: + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + Specifies the frequency for the operation, using the unix-cron format. + required: true + - !ruby/object:Api::Type::String + name: 'timeZone' +======= enum_values: - 'COLLOCATED' - name: 'maxDistance' @@ -340,10 +663,39 @@ properties: required: true - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the time zone to be used in interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'startTime' + description: | + The start time of the schedule. The timestamp is an RFC3339 string. + - !ruby/object:Api::Type::String + name: 'expirationTime' + description: | + The expiration time of the schedule. The timestamp is an RFC3339 string. + - !ruby/object:Api::Type::NestedObject + name: 'diskConsistencyGroupPolicy' + conflicts: + - 'snapshot_schedule_policy' + - 'group_placement_policy' + - 'instance_schedule_policy' + description: | + Replication consistency group for asynchronous disk replication. + send_empty_value: true + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + immutable: true + required: true + description: | + Enable disk consistency on the resource policy. + custom_expand: 'templates/terraform/custom_expand/disk_consistency_group_policy.erb' + custom_flatten: 'templates/terraform/custom_flatten/disk_consistency_group_policy.erb' +======= - name: 'startTime' type: String description: | @@ -370,3 +722,4 @@ properties: Enable disk consistency on the resource policy. required: true immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Route.yaml b/mmv1/products/compute/Route.yaml index 7dca5539dbc0..d3d29b6ac466 100644 --- a/mmv1/products/compute/Route.yaml +++ b/mmv1/products/compute/Route.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Route' +kind: 'compute#route' +base_url: projects/{{project}}/global/routes +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'Route' kind: 'compute#route' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Route resource. @@ -38,6 +52,35 @@ description: | nextHopGateway, nextHopInstance, nextHopIp, nextHopVpnTunnel, or nextHopIlb. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Routes': 'https://cloud.google.com/vpc/docs/using-routes' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routes' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +error_retry_predicates: ['transport_tpg.IsPeeringOperationInProgress'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'route_basic' +======= references: guides: 'Using Routes': 'https://cloud.google.com/vpc/docs/using-routes' @@ -80,11 +123,17 @@ error_retry_predicates: - 'transport_tpg.IsPeeringOperationInProgress' examples: - name: 'route_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: route_name: 'network-route' network_name: 'compute-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'route_ilb' +======= - name: 'route_ilb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'route-ilb' vars: network_name: 'compute-network' @@ -93,9 +142,16 @@ examples: health_check_name: 'proxy-health-check' backend_name: 'compute-backend' route_name: 'route-ilb' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'route_ilb_vip' + primary_resource_id: 'route-ilb' + min_version: beta +======= - name: 'route_ilb_vip' primary_resource_id: 'route-ilb' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: producer_name: 'producer' consumer_name: 'consumer' @@ -103,14 +159,39 @@ examples: health_check_name: 'proxy-health-check' backend_name: 'compute-backend' route_name: 'route-ilb' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_route.go.erb + decoder: templates/terraform/decoders/route.erb + extra_schema_entry: templates/terraform/extra_schema_entry/route.erb +docs: !ruby/object:Provider::Terraform::Docs + optional_properties: | + * `next_hop_instance_zone` - (Optional when `next_hop_instance` is + specified) The zone of the instance specified in + `next_hop_instance`. Omit if `next_hop_instance` is specified as + a URL. +properties: + - !ruby/object:Api::Type::String + name: 'destRange' +======= parameters: properties: - name: 'destRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The destination range of outgoing packets that this route applies to. Only IPv4 is supported. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property + when you create the resource. + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'description' type: String description: | @@ -118,6 +199,7 @@ properties: when you create the resource. - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -127,6 +209,21 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' + description: 'The network that this route applies to.' + immutable: true + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'priority' +======= validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - name: 'network' @@ -140,6 +237,7 @@ properties: imports: 'selfLink' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. @@ -149,6 +247,26 @@ properties: Default value is 1000. Valid range is 0 through 65535. immutable: true +<<<<<<< HEAD + default_value: 1000 + send_empty_value: true + - !ruby/object:Api::Type::Array + name: 'tags' + description: 'A list of instance tags to which this route applies.' + immutable: true + custom_expand: templates/terraform/custom_expand/set_to_list.erb + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'nextHopGateway' + immutable: true + exactly_one_of: + - next_hop_gateway + - next_hop_instance + - next_hop_ip + - next_hop_vpn_tunnel + - next_hop_ilb +======= send_empty_value: true default_value: 1000 - name: 'tags' @@ -161,6 +279,7 @@ properties: type: String - name: 'nextHopGateway' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or @@ -169,6 +288,21 @@ properties: * `projects/project/global/gateways/default-internet-gateway` * `global/gateways/default-internet-gateway` * The string `default-internet-gateway`. +<<<<<<< HEAD + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: templates/terraform/custom_expand/route_gateway.erb + - !ruby/object:Api::Type::ResourceRef + name: 'nextHopInstance' + resource: 'Instance' + imports: 'selfLink' + immutable: true + exactly_one_of: + - next_hop_gateway + - next_hop_instance + - next_hop_ip + - next_hop_vpn_tunnel + - next_hop_ilb +======= immutable: true exactly_one_of: - 'next_hop_gateway' @@ -180,6 +314,7 @@ properties: custom_expand: 'templates/terraform/custom_expand/route_gateway.tmpl' - name: 'nextHopInstance' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: @@ -187,6 +322,42 @@ properties: * `projects/project/zones/zone/instances/instance` * `zones/zone/instances/instance` * Just the instance name, with the zone in `next_hop_instance_zone`. +<<<<<<< HEAD + custom_expand: templates/terraform/custom_expand/route_instance.erb + - !ruby/object:Api::Type::String + name: 'nextHopIp' + description: | + Network IP address of an instance that should handle matching packets. + immutable: true + exactly_one_of: + - next_hop_gateway + - next_hop_instance + - next_hop_ip + - next_hop_vpn_tunnel + - next_hop_ilb + default_from_api: true + - !ruby/object:Api::Type::ResourceRef + name: 'nextHopVpnTunnel' + resource: 'VpnTunnel' + imports: 'selfLink' + immutable: true + exactly_one_of: + - next_hop_gateway + - next_hop_instance + - next_hop_ip + - next_hop_vpn_tunnel + - next_hop_ilb + description: | + URL to a VpnTunnel that should handle matching packets. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'nextHopNetwork' + output: true + description: | + URL to a Network that should handle matching packets. + - !ruby/object:Api::Type::String + name: 'nextHopIlb' +======= immutable: true exactly_one_of: - 'next_hop_gateway' @@ -230,6 +401,7 @@ properties: output: true - name: 'nextHopIlb' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP address or URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching @@ -249,9 +421,17 @@ properties: a public (non-RFC 1918) IP CIDR range. immutable: true exactly_one_of: +<<<<<<< HEAD + - next_hop_gateway + - next_hop_instance + - next_hop_ip + - next_hop_vpn_tunnel + - next_hop_ilb +======= - 'next_hop_gateway' - 'next_hop_instance' - 'next_hop_ip' - 'next_hop_vpn_tunnel' - 'next_hop_ilb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff_suppress_func: 'CompareIpAddressOrSelfLinkOrResourceName' diff --git a/mmv1/products/compute/Router.yaml b/mmv1/products/compute/Router.yaml index b152c433bd8a..dfda67bf6aa3 100644 --- a/mmv1/products/compute/Router.yaml +++ b/mmv1/products/compute/Router.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,46 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Router' +kind: 'compute#router' +base_url: projects/{{project}}/regions/{{region}}/routers +collection_url_key: 'items' +# Since Terraform has separate resources for router, router interface, and +# router peer, calling PUT on the router will delete the interface and peer. +# Use patch instead. +update_verb: :PATCH +has_self_link: true +description: | + Represents a Router resource. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +mutex: router/{{region}}/{{name}} +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'router_basic' +======= --- name: 'Router' kind: 'compute#router' @@ -53,18 +97,51 @@ custom_diff: - 'resourceComputeRouterCustomDiff' examples: - name: 'router_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'foobar' vars: router_name: 'my-router' network_name: 'my-network' ignore_read_extra: +<<<<<<< HEAD + - advertisedIpRanges + - !ruby/object:Provider::Terraform::Examples + name: 'compute_router_encrypted_interconnect' +======= - 'advertisedIpRanges' - name: 'compute_router_encrypted_interconnect' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'encrypted-interconnect-router' vars: router_name: 'test-router' network_name: 'test-network' ignore_read_extra: +<<<<<<< HEAD + - advertisedIpRanges +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/router.go.erb +custom_diff: [ + 'resourceComputeRouterCustomDiff', +] +parameters: + - !ruby/object:Api::Type::ResourceRef + name: region + resource: Region + imports: name + description: Region where the router resides. + immutable: true + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: name +======= - 'advertisedIpRanges' parameters: - name: 'region' @@ -84,6 +161,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -91,6 +169,21 @@ properties: which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: description + description: | + An optional description of this resource. + send_empty_value: true + - !ruby/object:Api::Type::ResourceRef + name: network + resource: Network + imports: 'selfLink' +======= required: true immutable: true validation: @@ -102,6 +195,7 @@ properties: send_empty_value: true - name: 'network' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the network to which this router belongs. required: true @@ -113,23 +207,48 @@ properties: # these fields to the Terraform resource (and then within that, decide # whether to deprecate router_interface and router_peer or leave them # alone). +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: bgp +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' - name: 'bgp' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | BGP information specific to this router. send_empty_value: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: asn +======= - name: 'asn' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateRFC6996Asn' + - !ruby/object:Api::Type::Enum + name: advertiseMode + description: | + User-specified flag to indicate which mode to use for advertisement. + values: + - :DEFAULT + - :CUSTOM + default_value: :DEFAULT + - !ruby/object:Api::Type::Array + name: advertisedGroups +======= validation: function: 'verify.ValidateRFC6996Asn' - name: 'advertiseMode' @@ -142,6 +261,7 @@ properties: - 'CUSTOM' - name: 'advertisedGroups' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and @@ -150,12 +270,19 @@ properties: blank to advertise no custom groups. This enum field has the one valid value: ALL_SUBNETS +<<<<<<< HEAD + item_type: Api::Type::String # TODO(#324): enum? + send_empty_value: true + - !ruby/object:Api::Type::Array + name: advertisedIpRanges +======= send_empty_value: true # TODO(#324): enum? item_type: type: String - name: 'advertisedIpRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode @@ -163,6 +290,25 @@ properties: ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. send_empty_value: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/compute_router_range.go.erb' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: range + required: true + description: | + The IP range to advertise. The value must be a + CIDR-formatted string. + send_empty_value: true + - !ruby/object:Api::Type::String + name: description + description: | + User-specified description for the IP range. + send_empty_value: true + - !ruby/object:Api::Type::Integer + name: keepaliveInterval +======= custom_flatten: 'templates/terraform/custom_flatten/compute_router_range.go.tmpl' item_type: type: NestedObject @@ -181,6 +327,7 @@ properties: send_empty_value: true - name: 'keepaliveInterval' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive @@ -193,14 +340,28 @@ properties: between the two peers. If set, this value must be between 20 and 60. The default is 20. default_value: 20 +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: identifierRange + default_from_api: true +======= - name: 'identifierRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this router ID. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: encryptedInterconnectRouter + immutable: true + description: | + Indicates if a router is dedicated for use with encrypted VLAN + attachments (interconnectAttachments). +======= default_from_api: true - name: 'encryptedInterconnectRouter' type: Boolean @@ -208,3 +369,4 @@ properties: Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RouterNat.yaml b/mmv1/products/compute/RouterNat.yaml index 08eff670dde3..af46ebd3326a 100644 --- a/mmv1/products/compute/RouterNat.yaml +++ b/mmv1/products/compute/RouterNat.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RouterNat' +base_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +self_link: projects/{{project}}/regions/{{region}}/routers/{{router}} +create_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +update_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +delete_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +create_verb: :PATCH +update_verb: :PATCH +delete_verb: :PATCH +identity: + - name +collection_url_key: nats +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + keys: + - nats +======= --- name: 'RouterNat' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A NAT service created in a router. ~> **Note:** Recreating a `google_compute_address` that is being used by `google_compute_router_nat` will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` on this address resource to avoid this type of error as shown in the Manual Ips example. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +exclude_tgc: true +id_format: '{{project}}/{{region}}/{{router}}/{{name}}' +mutex: router/{{region}}/{{router}} +======= references: guides: 'Google Cloud Router': 'https://cloud.google.com/router/docs/' @@ -67,30 +118,52 @@ custom_code: custom_diff: - 'resourceComputeRouterNatDrainNatIpsCustomDiff' exclude_tgc: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 examples: # These examples are not used to autogenerate tests, as fine-grained # resources do not fit the normal test flow - we need to test deletion # in a test step while parent resource still exists vs in CheckDestroy # when all resources have been deleted. +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'router_nat_basic' + primary_resource_id: 'nat' + skip_test: true +======= - name: 'router_nat_basic' primary_resource_id: 'nat' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: router_name: 'my-router' nat_name: 'my-router-nat' network_name: 'my-network' subnet_name: 'my-subnetwork' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'router_nat_manual_ips' + primary_resource_id: 'nat_manual' + skip_test: true +======= exclude_test: true - name: 'router_nat_manual_ips' primary_resource_id: 'nat_manual' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: router_name: 'my-router' nat_name: 'my-router-nat' network_name: 'my-network' subnet_name: 'my-subnetwork' address_name: 'nat-manual-ip' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'router_nat_rules' + primary_resource_id: 'nat_rules' + skip_test: true +======= exclude_test: true - name: 'router_nat_rules' primary_resource_id: 'nat_rules' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: router_name: 'my-router' nat_name: 'my-router-nat' @@ -99,10 +172,18 @@ examples: address_name1: 'nat-address1' address_name2: 'nat-address2' address_name3: 'nat-address3' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'router_nat_private' + primary_resource_id: 'nat_type' + skip_test: true + min_version: beta +======= exclude_test: true - name: 'router_nat_private' primary_resource_id: 'nat_type' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: router_name: 'my-router' nat_name: 'my-router-nat' @@ -110,6 +191,39 @@ examples: subnet_name: 'my-subnetwork' hub_name: 'my-hub' spoke_name: 'my-spoke' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/router_nat.go.erb' + pre_create: 'templates/terraform/constants/router_nat_validate_action_active_range.go.erb' + pre_update: 'templates/terraform/constants/router_nat_validate_action_active_range.go.erb' + encoder: 'templates/terraform/encoders/router_nat_set_initial_nat_ips.go.erb' +custom_diff: [ + 'resourceComputeRouterNatDrainNatIpsCustomDiff', +] +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'router' + resource: 'Router' + imports: 'name' + description: | + The name of the Cloud Router in which this NAT will be configured. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: region + resource: Region + imports: name + description: Region where the router and NAT reside. + immutable: true + required: false + url_param_only: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= exclude_test: true parameters: - name: 'router' @@ -134,19 +248,54 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateRFC1035Name(2, 63)' + - !ruby/object:Api::Type::Enum + name: 'natIpAllocateOption' + required: false +======= validation: function: 'verify.ValidateRFC1035Name(2, 63)' - name: 'natIpAllocateOption' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How external IPs should be allocated for this NAT. Valid values are `AUTO_ONLY` for only allowing NAT IPs allocated by Google Cloud Platform, or `MANUAL_ONLY` for only user-allocated NAT IP addresses. +<<<<<<< HEAD + values: + - :MANUAL_ONLY + - :AUTO_ONLY + - !ruby/object:Api::Type::Array + name: 'initialNatIps' + description: | + Self-links of NAT IPs to be used as initial value for creation alongside a RouterNatAddress resource. + Conflicts with natIps and drainNatIps. Only valid if natIpAllocateOption is set to MANUAL_ONLY. + immutable: true + ignore_read: true + conflicts: + - natIps + - drainNatIps + send_empty_value: true + is_set: true + set_hash_func: computeRouterNatIPsHash + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'natIps' +======= required: false enum_values: - 'MANUAL_ONLY' @@ -173,12 +322,42 @@ properties: imports: 'selfLink' - name: 'natIps' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY. If this field is used alongside with a count created list of address resources `google_compute_address.foobar.*.self_link`, the access level resource for the address resource must have a `lifecycle` block with `create_before_destroy = true` so the number of resources can be increased/decreased without triggering the `resourceInUseByAnotherResource` error. +<<<<<<< HEAD + send_empty_value: true + is_set: true + set_hash_func: computeRouterNatIPsHash + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'drainNatIps' + description: | + A list of URLs of the IP resources to be drained. These IPs must be + valid static external IPs that have been assigned to the NAT. + send_empty_value: true + is_set: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'sourceSubnetworkIpRangesToNat' + required: true +======= is_set: true default_from_api: true send_empty_value: true @@ -207,6 +386,7 @@ properties: imports: 'selfLink' - name: 'sourceSubnetworkIpRangesToNat' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | How NAT should be configured per Subnetwork. If `ALL_SUBNETWORKS_ALL_IP_RANGES`, all of the @@ -218,6 +398,32 @@ properties: contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. +<<<<<<< HEAD + values: + - :ALL_SUBNETWORKS_ALL_IP_RANGES + - :ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES + - :LIST_OF_SUBNETWORKS + - !ruby/object:Api::Type::Array + name: subnetwork + api_name: 'subnetworks' + send_empty_value: true + description: | + One or more subnetwork NAT configurations. Only used if + `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS` + is_set: true + set_hash_func: computeRouterNatSubnetworkHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'name' + resource: 'Subnetwork' + imports: 'selfLink' + description: 'Self-link of subnetwork to NAT' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'sourceIpRangesToNat' +======= required: true enum_values: - 'ALL_SUBNETWORKS_ALL_IP_RANGES' @@ -244,11 +450,20 @@ properties: imports: 'selfLink' - name: 'sourceIpRangesToNat' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include: `ALL_IP_RANGES`, `LIST_OF_SECONDARY_IP_RANGES`, `PRIMARY_IP_RANGE`. +<<<<<<< HEAD + required: true + min_size: 1 + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'secondaryIpRangeNames' +======= is_set: true required: true item_type: @@ -256,12 +471,28 @@ properties: min_size: 1 - name: 'secondaryIpRangeNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if `LIST_OF_SECONDARY_IP_RANGES` is one of the values in sourceIpRangesToNat is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: minPortsPerVm + description: | + Minimum number of ports allocated to a VM from this NAT. Defaults to 64 for static port allocation and 32 dynamic port allocation if not set. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: maxPortsPerVm + description: | + Maximum number of ports allocated to a VM from this NAT. + This field can only be set when enableDynamicPortAllocation is enabled. + - !ruby/object:Api::Type::Boolean + name: enableDynamicPortAllocation +======= item_type: type: String - name: 'minPortsPerVm' @@ -276,6 +507,7 @@ properties: This field can only be set when enableDynamicPortAllocation is enabled. - name: 'enableDynamicPortAllocation' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. @@ -286,6 +518,43 @@ properties: Mutually exclusive with enableEndpointIndependentMapping. default_from_api: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: udpIdleTimeoutSec + description: | + Timeout (in seconds) for UDP connections. Defaults to 30s if not set. + default_value: 30 + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Integer + name: icmpIdleTimeoutSec + description: | + Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. + default_value: 30 + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Integer + name: tcpEstablishedIdleTimeoutSec + description: | + Timeout (in seconds) for TCP established connections. + Defaults to 1200s if not set. + default_value: 1200 + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Integer + name: tcpTransitoryIdleTimeoutSec + description: | + Timeout (in seconds) for TCP transitory connections. + Defaults to 30s if not set. + default_value: 30 + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Integer + name: tcpTimeWaitTimeoutSec + description: | + Timeout (in seconds) for TCP connections that are in TIME_WAIT state. + Defaults to 120s if not set. + default_value: 120 + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::NestedObject + name: logConfig +======= - name: 'udpIdleTimeoutSec' type: Integer description: | @@ -321,10 +590,31 @@ properties: default_value: 120 - name: 'logConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration for logging on NAT send_empty_value: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enable' + description: | + Indicates whether or not to export logs. + required: true + - !ruby/object:Api::Type::Enum + name: 'filter' + description: | + Specifies the desired filtering of logs on this NAT. + required: true + values: + - :ERRORS_ONLY + - :TRANSLATIONS_ONLY + - :ALL + - !ruby/object:Api::Type::Array + name: 'endpointTypes' + immutable: true + min_size: 1 +======= - name: 'enable' type: Boolean description: | @@ -341,11 +631,26 @@ properties: - 'ALL' - name: 'endpointTypes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the endpoint Types supported by the NAT Gateway. Supported values include: `ENDPOINT_TYPE_VM`, `ENDPOINT_TYPE_SWG`, `ENDPOINT_TYPE_MANAGED_PROXY_LB`. +<<<<<<< HEAD + default_from_api: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: rules + description: 'A list of rules associated with this NAT.' + send_empty_value: true + is_set: true + set_hash_func: computeRouterNatRulesHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'ruleNumber' +======= immutable: true default_from_api: true item_type: @@ -362,11 +667,21 @@ properties: properties: - name: 'ruleNumber' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT. required: true send_empty_value: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: validation.IntBetween(0, 65000) + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this rule.' + - !ruby/object:Api::Type::String + name: 'match' +======= validation: function: 'validation.IntBetween(0, 65000)' - name: 'description' @@ -374,6 +689,7 @@ properties: description: 'An optional description of this rule.' - name: 'match' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. @@ -388,20 +704,42 @@ properties: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'" required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'action' +======= - name: 'action' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The action to be enforced for traffic that matches this rule.' default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'sourceNatActiveIps' +======= - name: 'sourceNatActiveIps' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT. is_set: true set_hash_func: computeRouterNatIPsHash +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.erb' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: + 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'sourceNatDrainIps' +======= custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.tmpl' custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: @@ -413,6 +751,7 @@ properties: imports: 'selfLink' - name: 'sourceNatDrainIps' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. @@ -420,6 +759,19 @@ properties: This field is used for public NAT. is_set: true set_hash_func: computeRouterNatIPsHash +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.erb' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: + 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'sourceNatActiveRanges' + min_version: beta +======= custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.tmpl' custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: @@ -431,11 +783,26 @@ properties: imports: 'selfLink' - name: 'sourceNatActiveRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT. is_set: true +<<<<<<< HEAD + set_hash_func: computeRouterNatRulesSubnetHash + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.erb' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'subnet' + resource: 'Subnetwork' + imports: 'selfLink' + description: + 'A reference to a subnetwork address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'sourceNatDrainRanges' + min_version: beta +======= min_version: 'beta' set_hash_func: computeRouterNatRulesSubnetHash custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.tmpl' @@ -449,11 +816,25 @@ properties: imports: 'selfLink' - name: 'sourceNatDrainRanges' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT. is_set: true +<<<<<<< HEAD + set_hash_func: computeRouterNatRulesSubnetHash + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.erb' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'subnet' + resource: 'Subnetwork' + imports: 'selfLink' + description: + 'A reference to a subnetwork address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: enableEndpointIndependentMapping +======= min_version: 'beta' set_hash_func: computeRouterNatRulesSubnetHash custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.tmpl' @@ -467,18 +848,34 @@ properties: imports: 'selfLink' - name: 'enableEndpointIndependentMapping' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enable endpoint independent mapping. For more information see the [official documentation](https://cloud.google.com/nat/docs/overview#specs-rfcs). default_from_api: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'type' + immutable: true + min_version: beta +======= - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If `PUBLIC` NAT used for public IP translation. If `PRIVATE` NAT used for private IP translation. +<<<<<<< HEAD + values: + - :PUBLIC + - :PRIVATE + default_value: :PUBLIC + - !ruby/object:Api::Type::Enum + name: 'autoNetworkTier' +======= min_version: 'beta' immutable: true default_value: "PUBLIC" @@ -487,11 +884,19 @@ properties: - 'PRIVATE' - name: 'autoNetworkTier' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used. +<<<<<<< HEAD + values: + - :PREMIUM + - :STANDARD + default_from_api: true +======= default_from_api: true enum_values: - 'PREMIUM' - 'STANDARD' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RouterNatAddress.yaml b/mmv1/products/compute/RouterNatAddress.yaml index 844896518a5e..0a6b074ac0a5 100644 --- a/mmv1/products/compute/RouterNatAddress.yaml +++ b/mmv1/products/compute/RouterNatAddress.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +15,66 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RouterNatAddress' +base_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +self_link: projects/{{project}}/regions/{{region}}/routers/{{router}} +create_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +update_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +delete_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +create_verb: :PATCH +update_verb: :PATCH +delete_verb: :PATCH +identity: + - routerNat +collection_url_key: nats +nested_query: !ruby/object:Api::Resource::NestedQuery + modify_by_patch: true + keys: + - nats +======= --- name: 'RouterNatAddress' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A resource used to set the list of IP addresses to be used in a NAT service and manage the draining of destroyed IPs. ~> **Note:** This resource is to be used alongside a `google_compute_router_nat` resource, the router nat resource must have no defined `nat_ips` or `drain_nat_ips` parameters, instead using the `initial_nat_ips` parameter to set at least one IP for the creation of the resource. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'routerNat' + base_url: 'projects/{{project}}/regions/{{regions}}/operations/{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +exclude_tgc: true +id_format: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/{{router_nat}}' +mutex: router/{{region}}/{{router}} +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'router_nat_address_count' + primary_resource_id: 'nat_address' + skip_test: true +======= references: guides: 'Google Cloud Router': 'https://cloud.google.com/router/docs/' @@ -73,12 +129,83 @@ exclude_tgc: true examples: - name: 'router_nat_address_count' primary_resource_id: 'nat_address' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: router_name: 'my-router' nat_name: 'my-router-nat' network_name: 'my-network' subnet_name: 'my-subnetwork' address_name: 'nat-manual-ip' +<<<<<<< HEAD +# ToDo: We use a custom code for CREATE since the generated code is erroneously not replacing the generated encoder with the custom one provided +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/router_nat_address.go.erb' + custom_create: templates/terraform/custom_create/router_nat_address_nested_query_create_encoder.go.erb + pre_delete: templates/terraform/pre_delete/compute_router_nat_address_delete_nat_ips_only.go.erb + encoder: 'templates/terraform/encoders/router_nat_address_patch_on_create.go.erb' + update_encoder: 'templates/terraform/encoders/router_nat_address_update_skip_encoder.go.erb' +custom_diff: [ + 'resourceComputeRouterNatAddressDrainNatIpsCustomDiff', +] +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'router' + resource: 'Router' + imports: 'name' + description: | + The name of the Cloud Router in which the referenced NAT service is configured. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: 'routerNat' + resource: 'RouterNat' + imports: 'name' + api_name: 'name' + description: | + The name of the Nat service in which this address will be configured. + required: true + immutable: true + - !ruby/object:Api::Type::ResourceRef + name: region + resource: Region + imports: name + description: Region where the NAT service reside. + immutable: true + required: false + url_param_only: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' +properties: + - !ruby/object:Api::Type::Array + name: 'natIps' + description: | + Self-links of NAT IPs to be used in a Nat service. Only valid if the referenced RouterNat + natIpAllocateOption is set to MANUAL_ONLY. + send_empty_value: true + required: true + is_set: true + set_hash_func: computeRouterNatIPsHash + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: 'A reference to an address to be associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'drainNatIps' + description: | + A list of URLs of the IP resources to be drained. These IPs must be + valid static external IPs that have been assigned to the NAT. + send_empty_value: true + is_set: true + item_type: !ruby/object:Api::Type::ResourceRef + name: 'address' + resource: 'Address' + imports: 'selfLink' + description: 'A reference to an address associated with this NAT' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' +======= exclude_test: true parameters: - name: 'router' @@ -140,3 +267,4 @@ properties: description: 'A reference to an address associated with this NAT' resource: 'Address' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/RouterRoutePolicy.yaml b/mmv1/products/compute/RouterRoutePolicy.yaml index d3c15564138f..da32c998e8df 100644 --- a/mmv1/products/compute/RouterRoutePolicy.yaml +++ b/mmv1/products/compute/RouterRoutePolicy.yaml @@ -11,6 +11,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'RouterRoutePolicy' +base_url: projects/{{project}}/regions/{{region}}/routers/{{router}} +self_link: projects/{{project}}/regions/{{region}}/routers/{{router}}/getRoutePolicy?policy={{name}} +create_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy +update_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy +delete_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/deleteRoutePolicy?policy={{name}} +create_verb: :POST +update_verb: :POST +update_mask: true +delete_verb: :POST +description: A route policy created in a router +min_version: 'beta' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' +import_format: ['{{project}}/{{region}}/{{router}}/routePolicies/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'router_route_policy_export' +======= --- name: 'RouterRoutePolicy' description: A route policy created in a router @@ -53,19 +95,131 @@ custom_code: decoder: 'templates/terraform/decoders/unwrap_route_policy_resource.go.tmpl' examples: - name: 'router_route_policy_export' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'rp-export' vars: router_name: 'my-router' network_name: 'my-network' subnet_name: 'my-subnetwork' route_policy_name: 'my-rp1' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'router_route_policy_import' +======= - name: 'router_route_policy_import' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'rp-import' vars: router_name: 'my-router' network_name: 'my-network' subnet_name: 'my-subnetwork' route_policy_name: 'my-rp2' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + decoder: templates/terraform/decoders/unwrap_route_policy_resource.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'router' + resource: 'Router' + imports: name + description: | + The name of the Cloud Router in which this route policy will be configured. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::ResourceRef + name: region + resource: Region + imports: name + description: Region where the router and NAT reside. + immutable: true + required: false + url_param_only: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: name + description: | + Name of the route policy. This policy's name, which must be a resource ID segment and unique within all policies owned by the Router + required: true + immutable: true +properties: + - !ruby/object:Api::Type::Enum + name: type + description: | + This is policy's type, which is one of IMPORT or EXPORT + values: + - :ROUTE_POLICY_TYPE_IMPORT + - :ROUTE_POLICY_TYPE_EXPORT + - !ruby/object:Api::Type::Array + name: terms + description: | + List of terms (the order in the list is not important, they are evaluated in order of priority). + required: true + immutable: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: priority + description: | + The evaluation priority for this term, which must be between 0 (inclusive) and 231 (exclusive), and unique within the list. + required: true + - !ruby/object:Api::Type::NestedObject + name: match + description: | + CEL expression evaluated against a route to determine if this term applies (see Policy Language). When not set, the term applies to all routes. + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: + Textual representation of an expression in Common Expression + Language syntax. + - !ruby/object:Api::Type::String + name: 'title' + description: + Title for the expression, i.e. a short string describing its + purpose. + - !ruby/object:Api::Type::String + name: 'description' + description: Description of the expression + - !ruby/object:Api::Type::String + name: 'location' + description: + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file + - !ruby/object:Api::Type::Array + name: actions + description: | + 'CEL expressions to evaluate to modify a route when this term matches.'\ + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: | + Textual representation of an expression in Common Expression + Language syntax. + - !ruby/object:Api::Type::String + name: 'title' + description: | + Title for the expression, i.e. a short string describing its + purpose. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the expression + - !ruby/object:Api::Type::String + name: 'location' + description: | + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. +======= parameters: - name: 'router' type: ResourceRef @@ -187,4 +341,5 @@ properties: The fingerprint used for optimistic locking of this resource. Used internally during updates. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/compute/SecurityPolicyRule.yaml b/mmv1/products/compute/SecurityPolicyRule.yaml index 85d3067fd82c..065b587e759b 100644 --- a/mmv1/products/compute/SecurityPolicyRule.yaml +++ b/mmv1/products/compute/SecurityPolicyRule.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'SecurityPolicyRule' +base_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_verb: :POST +update_mask: true +update_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +delete_verb: :POST +delete_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +description: | + A rule for the SecurityPolicy. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Creating global security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' + api: + 'https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies/addRule' +id_format: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' +import_format: ['projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'security_policy_rule_basic' + primary_resource_id: 'policy_rule' + vars: + sec_policy_name: 'policyruletest' + - !ruby/object:Provider::Terraform::Examples + name: 'security_policy_rule_default_rule' + primary_resource_id: 'policy_rule' + skip_test: true + vars: + sec_policy_name: 'policyruletest' + project_id: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'security_policy_rule_multiple_rules' +======= --- name: 'SecurityPolicyRule' description: | @@ -62,10 +120,27 @@ examples: project_id: 'PROJECT_NAME' exclude_test: true - name: 'security_policy_rule_multiple_rules' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'policy_rule_one' vars: sec_policy_name: 'policywithmultiplerules' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'security_policy' + required: true + immutable: true + description: | + The name of the security policy this rule belongs to. + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create the resource. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= - name: 'security_policy' type: String description: | @@ -80,18 +155,43 @@ properties: An optional description of this resource. Provide this property when you create the resource. - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'match' +======= - name: 'match' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'versionedExpr' + description: | + Preconfigured versioned expression. If this field is specified, config must also be specified. + Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. + values: + - :SRC_IPS_V1 + - !ruby/object:Api::Type::NestedObject + name: 'expr' + description: | + User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. + properties: + - !ruby/object:Api::Type::String + name: 'expression' + required: true + description: | + Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. +======= - name: 'versionedExpr' type: Enum description: | @@ -109,6 +209,7 @@ properties: description: | Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # >> These fields are not yet supported, following the global security policy resource. # - !ruby/object:Api::Type::String # name: 'title' @@ -122,6 +223,31 @@ properties: # name: 'location' # description: | # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'exprOptions' + description: | + The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr'). + properties: + - !ruby/object:Api::Type::NestedObject + name: 'recaptchaOptions' + required: true + description: | + reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field has no effect. + properties: + - !ruby/object:Api::Type::Array + name: 'actionTokenSiteKeys' + description: | + A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'sessionTokenSiteKeys' + description: | + A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'config' +======= - name: 'exprOptions' type: NestedObject description: | @@ -147,10 +273,20 @@ properties: type: String - name: 'config' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The configuration options available when specifying versionedExpr. This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'srcIpRanges' + description: | + CIDR IP address range. Maximum number of srcIpRanges allowed is 10. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'preconfiguredWafConfig' +======= - name: 'srcIpRanges' type: Array description: | @@ -159,10 +295,31 @@ properties: type: String - name: 'preconfiguredWafConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'exclusion' + api_name: 'exclusions' + description: | + An exclusion to apply during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'requestHeader' + api_name: 'requestHeadersToExclude' + description: | + Request header whose value will be excluded from inspection during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'operator' + api_name: 'op' + required: true +======= - name: 'exclusion' type: Array description: | @@ -181,6 +338,7 @@ properties: properties: - name: 'operator' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -189,6 +347,27 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestCookie' + api_name: 'requestCookiesToExclude' + description: | + Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'operator' + api_name: 'op' + required: true +======= api_name: op required: true validation: @@ -209,6 +388,7 @@ properties: properties: - name: 'operator' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -217,6 +397,28 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestUri' + api_name: 'requestUrisToExclude' + description: | + Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. + When specifying this field, the query or fragment part should be excluded. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'operator' + api_name: 'op' + required: true +======= api_name: op required: true validation: @@ -238,6 +440,7 @@ properties: properties: - name: 'operator' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -246,6 +449,28 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::Array + name: 'requestQueryParam' + api_name: 'requestQueryParamsToExclude' + description: | + Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. + Note that the parameter can be in the query string or in the POST body. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'operator' + api_name: 'op' + required: true +======= api_name: op required: true validation: @@ -267,6 +492,7 @@ properties: properties: - name: 'operator' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -275,6 +501,29 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) + - !ruby/object:Api::Type::String + name: 'value' + api_name: 'val' + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + - !ruby/object:Api::Type::String + name: 'targetRuleSet' + required: true + description: | + Target WAF rule set to apply the preconfigured WAF exclusion. + - !ruby/object:Api::Type::Array + name: 'targetRuleIds' + description: | + A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. + If omitted, it refers to all the rule IDs under the WAF rule set. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'action' +======= api_name: op required: true validation: @@ -299,6 +548,7 @@ properties: type: String - name: 'action' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Action to perform when the rule is matched. The following are the valid actions: @@ -312,8 +562,13 @@ properties: * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rateLimitOptions' +======= - name: 'rateLimitOptions' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. update_mask_fields: @@ -327,6 +582,46 @@ properties: - 'rateLimitOptions.banThreshold' - 'rateLimitOptions.banDurationSec' properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rateLimitThreshold' + description: | + Threshold at which to begin ratelimiting. + properties: + - !ruby/object:Api::Type::Integer + name: 'count' + description: | + Number of HTTP(S) requests for calculating the threshold. + - !ruby/object:Api::Type::Integer + name: 'intervalSec' + description: | + Interval over which the threshold is computed. + - !ruby/object:Api::Type::String + name: 'conformAction' + description: | + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + - !ruby/object:Api::Type::NestedObject + name: 'exceedRedirectOptions' + description: | + Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + properties: + - !ruby/object:Api::Type::String + name: 'type' + description: | + Type of the redirect action. + - !ruby/object:Api::Type::String + name: 'target' + description: | + Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. + - !ruby/object:Api::Type::String + name: 'exceedAction' + description: | + Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + - !ruby/object:Api::Type::Enum + name: 'enforceOnKey' +======= - name: 'rateLimitThreshold' type: NestedObject description: | @@ -365,6 +660,7 @@ properties: Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. - name: 'enforceOnKey' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. @@ -377,6 +673,21 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +<<<<<<< HEAD + values: + - :ALL + - :IP + - :HTTP_HEADER + - :XFF_IP + - :HTTP_COOKIE + - :HTTP_PATH + - :SNI + - :REGION_CODE + - :TLS_JA3_FINGERPRINT + - :USER_IP + - !ruby/object:Api::Type::String + name: 'enforceOnKeyName' +======= enum_values: - 'ALL' - 'IP' @@ -390,21 +701,34 @@ properties: - 'USER_IP' - name: 'enforceOnKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'enforceOnKeyConfigs' +======= - name: 'enforceOnKeyConfigs' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforceOnKeyConfigs. If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'enforceOnKeyType' +======= item_type: type: NestedObject properties: - name: 'enforceOnKeyType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. @@ -417,6 +741,21 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +<<<<<<< HEAD + values: + - :ALL + - :IP + - :HTTP_HEADER + - :XFF_IP + - :HTTP_COOKIE + - :HTTP_PATH + - :SNI + - :REGION_CODE + - :TLS_JA3_FINGERPRINT + - :USER_IP + - !ruby/object:Api::Type::String + name: 'enforceOnKeyName' +======= enum_values: - 'ALL' - 'IP' @@ -430,16 +769,39 @@ properties: - 'USER_IP' - name: 'enforceOnKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'banThreshold' +======= - name: 'banThreshold' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Can only be specified if the action for the rule is "rate_based_ban". If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'count' + description: | + Number of HTTP(S) requests for calculating the threshold. + - !ruby/object:Api::Type::Integer + name: 'intervalSec' + description: | + Interval over which the threshold is computed. + - !ruby/object:Api::Type::Integer + name: 'banDurationSec' + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. + - !ruby/object:Api::Type::Boolean + name: 'preview' +======= - name: 'count' type: Integer description: | @@ -455,5 +817,6 @@ properties: If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - name: 'preview' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the specified action is not enforced. diff --git a/mmv1/products/compute/ServiceAttachment.yaml b/mmv1/products/compute/ServiceAttachment.yaml index 8d6650c63704..3c20d37c6510 100644 --- a/mmv1/products/compute/ServiceAttachment.yaml +++ b/mmv1/products/compute/ServiceAttachment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ServiceAttachment' +kind: 'compute#ServiceAttachment' +base_url: projects/{{project}}/regions/{{region}}/serviceAttachments +has_self_link: true +update_verb: :PATCH +description: | + Represents a ServiceAttachment resource. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Configuring Private Service Connect to access services': 'https://cloud.google.com/vpc/docs/configure-private-service-connect-services' + api: 'https://cloud.google.com/compute/docs/reference/beta/serviceAttachments' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'service_attachment_basic' +======= --- name: 'ServiceAttachment' kind: 'compute#ServiceAttachment' @@ -47,6 +86,7 @@ custom_code: update_encoder: 'templates/terraform/update_encoder/compute_service_attachment.go.tmpl' examples: - name: 'service_attachment_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -58,7 +98,12 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'service_attachment_explicit_projects' +======= - name: 'service_attachment_explicit_projects' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -70,7 +115,12 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'service_attachment_explicit_networks' +======= - name: 'service_attachment_explicit_networks' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -83,7 +133,12 @@ examples: consumer_network_name: 'psc-ilb-consumer-network' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'service_attachment_reconcile_connections' +======= - name: 'service_attachment_reconcile_connections' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -95,13 +150,33 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/compute_service_attachment.go.erb + update_encoder: 'templates/terraform/update_encoder/compute_service_attachment.go.erb' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the region where the resource resides. required: false immutable: true +<<<<<<< HEAD + default_from_api: true + ignore_read: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true +======= ignore_read: true default_from_api: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -110,6 +185,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -117,6 +193,82 @@ properties: which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + - !ruby/object:Api::Type::String + name: 'connectionPreference' + required: true + description: | + The connection preference to use for this service attachment. Valid + values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL". + - !ruby/object:Api::Type::Array + name: 'connectedEndpoints' + output: true + description: | + An array of the consumer forwarding rules connected to this service + attachment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'endpoint' + output: true + description: | + The URL of the consumer forwarding rule. + - !ruby/object:Api::Type::String + name: 'status' + output: true + description: | + The status of the connection from the consumer forwarding rule to + this service attachment. + - !ruby/object:Api::Type::String + name: 'consumerNetwork' + output: true + description: | + The url of the consumer network. + - !ruby/object:Api::Type::String + name: 'pscConnectionId' + output: true + description: | + The PSC connection id of the connected endpoint. + - !ruby/object:Api::Type::Integer + name: 'propagatedConnectionCount' + min_version: 'beta' + output: true + description: | + The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to. + - !ruby/object:Api::Type::String + name: targetService + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + description: | + The URL of a service serving the endpoint identified by this service attachment. + - !ruby/object:Api::Type::Array + name: 'natSubnets' + required: true + send_empty_value: true + description: | + An array of subnets that is provided for NAT in this service attachment. + item_type: !ruby/object:Api::Type::ResourceRef + name: 'subnet' + resource: 'Subnetwork' + imports: 'selfLink' + description: | + A subnet that is provided for NAT in this service attachment. + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'enableProxyProtocol' + required: true +======= required: true immutable: true - name: 'description' @@ -194,18 +346,47 @@ properties: imports: 'selfLink' - name: 'enableProxyProtocol' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'domainNames' + immutable: true + item_type: Api::Type::String +======= required: true - name: 'domainNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'consumerRejectLists' + item_type: Api::Type::String + send_empty_value: true + description: | + An array of projects that are not allowed to connect to this service + attachment. + - !ruby/object:Api::Type::Array + name: 'consumerAcceptLists' + description: | + An array of projects that are allowed to connect to this service + attachment. + send_empty_value: true + is_set: true + set_hash_func: computeServiceAttachmentConsumerAcceptListsHash + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'projectIdOrNum' +======= immutable: true item_type: type: String @@ -230,17 +411,35 @@ properties: properties: - name: 'projectIdOrNum' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) description: | A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'networkUrl' +======= - name: 'networkUrl' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) description: | The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set. diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'connectionLimit' + required: true + description: | + The number of consumer forwarding rules the consumer project can + create. + - !ruby/object:Api::Type::Boolean + name: reconcileConnections + default_from_api: true + send_empty_value: true +======= - name: 'connectionLimit' type: Integer description: | @@ -249,15 +448,23 @@ properties: required: true - name: 'reconcileConnections' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'propagatedConnectionLimit' + min_version: 'beta' + default_from_api: true +======= default_from_api: true send_empty_value: true - name: 'propagatedConnectionLimit' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. @@ -266,5 +473,8 @@ properties: If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250. +<<<<<<< HEAD +======= min_version: 'beta' default_from_api: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Snapshot.yaml b/mmv1/products/compute/Snapshot.yaml index f3db7a1ee1e4..eec18e126813 100644 --- a/mmv1/products/compute/Snapshot.yaml +++ b/mmv1/products/compute/Snapshot.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,27 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Snapshot' +kind: 'compute#snapshot' +immutable: true +base_url: projects/{{project}}/global/snapshots +create_url: PRE_CREATE_REPLACE_ME/createSnapshot +collection_url_key: 'items' +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/snapshots' +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + import_format: ['projects/{{project}}/global/snapshots/{{name}}', '{{name}}'] +======= --- name: 'Snapshot' kind: 'compute#snapshot' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Persistent Disk Snapshot resource. @@ -27,6 +49,45 @@ description: | Snapshots are incremental, so you can create regular snapshots on a persistent disk faster and at a much lower cost than if you regularly created a full image of the disk. +<<<<<<< HEAD +# 'createSnapshot' is a zonal operation while 'snapshot.delete' is a global +# operation. we'll leave the object as global operation and use the disk's +# zonal operation for the create action. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + full_url: 'selfLink' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'snapshot_basic' + primary_resource_id: 'snapshot' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-snapshot%s\", + context[\"random_suffix\"\ + ])" + vars: + snapshot_name: 'my-snapshot' + disk_name: 'debian-disk' + - !ruby/object:Provider::Terraform::Examples + name: 'snapshot_chainname' + primary_resource_id: 'snapshot' + primary_resource_name: "fmt.Sprintf(\"tf-test-snapshot-chainname%s\", + context[\"\ + random_suffix\"])" +======= references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' @@ -77,10 +138,39 @@ examples: - name: 'snapshot_chainname' primary_resource_id: 'snapshot' primary_resource_name: 'fmt.Sprintf("tf-test-snapshot-chainname%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: snapshot_name: 'my-snapshot' disk_name: 'debian-disk' chain_name: 'snapshot-chain' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + decoder: templates/terraform/decoders/snapshot.go.erb + pre_create: templates/terraform/pre_create/compute_snapshot_precreate_url.go.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'sourceDisk' + resource: 'Disk' + imports: 'name' + description: 'A reference to the disk used to create this snapshot.' + immutable: true + required: true + # ignore_read in providers - this is only used in Create + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' + description: 'A reference to the zone where the disk is hosted.' + immutable: true + ignore_read: true + default_from_api: true + required: false + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'snapshotEncryptionKey' +======= parameters: - name: 'sourceDisk' type: ResourceRef @@ -104,6 +194,7 @@ parameters: imports: 'name' - name: 'snapshotEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Encrypts the snapshot using a customer-supplied encryption key. @@ -119,21 +210,41 @@ parameters: then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rawKey' +======= - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. ignore_read: true sensitive: true +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/compute_snapshot_snapshot_encryption_raw_key.go.erb + - !ruby/object:Api::Type::String + name: 'sha256' +======= custom_flatten: 'templates/terraform/custom_flatten/compute_snapshot_snapshot_encryption_raw_key.go.tmpl' - name: 'sha256' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeySelfLink' + api_name: 'kmsKeyName' + description: | + The name of the encryption key that is stored in Google Cloud KMS. + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' +======= - name: 'kmsKeySelfLink' type: String description: | @@ -141,31 +252,65 @@ parameters: api_name: kmsKeyName - name: 'kmsKeyServiceAccount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. # ignore_read in providers - this is only used in Create +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'sourceDiskEncryptionKey' +======= - name: 'sourceDiskEncryptionKey' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. ignore_read: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rawKey' +======= - name: 'rawKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # The docs list this field but it is never returned. sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' +======= - name: 'kmsKeyServiceAccount' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::Integer + name: 'snapshot_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + # 'status' not useful for object convergence. + - !ruby/object:Api::Type::Integer + name: 'diskSizeGb' + description: 'Size of the snapshot, specified in GB.' + output: true + - !ruby/object:Api::Type::String + name: 'chainName' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -182,6 +327,7 @@ properties: output: true - name: 'chainName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and @@ -189,8 +335,15 @@ properties: service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -199,6 +352,15 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + immutable: true + description: 'An optional description of this resource.' + # 'sourceDiskId' not useful for object convergence. + - !ruby/object:Api::Type::Integer + name: 'storageBytes' +======= required: true immutable: true - name: 'description' @@ -208,12 +370,24 @@ properties: # 'sourceDiskId' not useful for object convergence. - name: 'storageBytes' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion. output: true # 'storageBytesStatus' not useful for object convergence. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'storageLocations' + description: | + Cloud Storage bucket storage location of the snapshot (regional or multi-regional). + default_from_api: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'licenses' + output: true +======= - name: 'storageLocations' type: Array description: | @@ -223,11 +397,32 @@ properties: type: String - name: 'licenses' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::ResourceRef + name: 'license' + resource: 'License' + imports: 'selfLink' + description: 'A reference to a license associated with this snapshot' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels to apply to this Snapshot. + update_verb: :POST + update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' + update_verb: :POST +======= output: true custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' item_type: @@ -250,3 +445,4 @@ properties: update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' update_verb: 'POST' key_expander: '' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/SslCertificate.yaml b/mmv1/products/compute/SslCertificate.yaml index a4e3e2a762cd..119d5c1343eb 100644 --- a/mmv1/products/compute/SslCertificate.yaml +++ b/mmv1/products/compute/SslCertificate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,18 +15,54 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'SslCertificate' +kind: 'compute#sslCertificate' +base_url: projects/{{project}}/global/sslCertificates +collection_url_key: 'items' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +immutable: true +has_self_link: true +======= --- name: 'SslCertificate' kind: 'compute#sslCertificate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An SslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs +======= references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 optional_properties: | * `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. Max length is 54 characters. @@ -32,6 +72,30 @@ docs: `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter Resulting name for a `name_prefix` 38 - 54 characters: `name_prefix` + YYmmdd + 3 digit incremental counter +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'ssl_certificate_basic' + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true + ignore_read_extra: + - 'name_prefix' + - !ruby/object:Provider::Terraform::Examples + name: 'ssl_certificate_random_provider' + external_providers: ["random", "time"] + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: 'ssl_certificate_target_https_proxies' + primary_resource_id: + 'default' + # Uses id.UniqueId + skip_vcr: true +======= base_url: 'projects/{{project}}/global/sslCertificates' has_self_link: true immutable: true @@ -70,6 +134,7 @@ examples: skip_vcr: true - name: 'ssl_certificate_target_https_proxies' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: target_https_proxy_name: 'test-proxy' url_map_name: 'url-map' @@ -77,18 +142,46 @@ examples: http_health_check_name: 'http-health-check' ignore_read_extra: - 'name_prefix' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + extra_schema_entry: templates/terraform/extra_schema_entry/ssl_certificate.erb +properties: + - !ruby/object:Api::Type::String + name: 'certificate' +======= # Uses id.UniqueId skip_vcr: true parameters: properties: - name: 'certificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. required: true sensitive: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::String + name: 'expireTime' + output: true + description: 'Expire time of the certificate in RFC3339 text format.' + - !ruby/object:Api::Type::Integer + name: 'certificate_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' @@ -107,6 +200,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -118,6 +212,20 @@ properties: These are in the same namespace as the managed SSL certificates. default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.erb' + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::String + name: 'privateKey' + description: 'The write-only private key in PEM format.' + required: true + immutable: true + sensitive: true + ignore_read: true + custom_flatten: 'templates/terraform/custom_flatten/sha256.erb' + diff_suppress_func: 'sha256DiffSuppress' +======= custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.tmpl' validation: function: 'verify.ValidateGCEName' @@ -130,3 +238,4 @@ properties: sensitive: true diff_suppress_func: 'sha256DiffSuppress' custom_flatten: 'templates/terraform/custom_flatten/sha256.tmpl' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/SslPolicy.yaml b/mmv1/products/compute/SslPolicy.yaml index c78369eee147..56642c2b4b8e 100644 --- a/mmv1/products/compute/SslPolicy.yaml +++ b/mmv1/products/compute/SslPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,43 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'SslPolicy' +kind: 'compute#sslPolicy' +base_url: projects/{{project}}/global/sslPolicies +collection_url_key: 'items' +update_verb: :PATCH +has_self_link: true +description: | + Represents a SSL policy. SSL policies give you the ability to control the + features of SSL that your SSL proxy or HTTPS load balancer negotiates. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'ssl_policy_basic' +======= --- name: 'SslPolicy' kind: 'compute#sslPolicy' @@ -51,11 +92,31 @@ custom_diff: - 'sslPolicyCustomizeDiff' examples: - name: 'ssl_policy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'prod-ssl-policy' vars: production_ssl_policy_name: 'production-ssl-policy' nonprod_ssl_policy_name: 'nonprod-ssl-policy' custom_ssl_policy_name: 'custom-ssl-policy' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/ssl_policy.erb' + update_encoder: 'templates/terraform/update_encoder/ssl_policy.erb' +custom_diff: [ + 'sslPolicyCustomizeDiff', +] +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -68,6 +129,7 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -76,11 +138,19 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + # TODO: profile, minTlsVersion, enabledFeatures, customFeatures, fingerprint, warnings, kind + - !ruby/object:Api::Type::Enum + name: 'profile' +======= required: true immutable: true # TODO: profile, minTlsVersion, enabledFeatures, customFeatures, fingerprint, warnings, kind - name: 'profile' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -90,6 +160,32 @@ properties: See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) for information on what cipher suites each profile provides. If `CUSTOM` is used, the `custom_features` attribute **must be set**. +<<<<<<< HEAD + values: + - :COMPATIBLE + - :MODERN + - :RESTRICTED + - :CUSTOM + default_value: :COMPATIBLE + - !ruby/object:Api::Type::Enum + name: 'minTlsVersion' + description: | + The minimum version of SSL protocol that can be used by the clients + to establish a connection with the load balancer. + values: + - :TLS_1_0 + - :TLS_1_1 + - :TLS_1_2 + default_value: :TLS_1_0 + - !ruby/object:Api::Type::Array + name: 'enabledFeatures' + description: 'The list of features enabled in the SSL policy.' + output: true + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'customFeatures' +======= default_value: "COMPATIBLE" enum_values: - 'COMPATIBLE' @@ -115,6 +211,7 @@ properties: type: String - name: 'customFeatures' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of @@ -127,10 +224,16 @@ properties: *must* be present when using the `CUSTOM` profile. This argument *must not* be present when using any other profile. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'fingerprint' +======= item_type: type: String - name: 'fingerprint' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. diff --git a/mmv1/products/compute/Subnetwork.yaml b/mmv1/products/compute/Subnetwork.yaml index 7c69292e772d..6519853c7920 100644 --- a/mmv1/products/compute/Subnetwork.yaml +++ b/mmv1/products/compute/Subnetwork.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Subnetwork' +kind: 'compute#subnetwork' +base_url: projects/{{project}}/regions/{{region}}/subnetworks +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'Subnetwork' kind: 'compute#subnetwork' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A VPC network is a virtual version of the traditional physical networks that exist within and between physical data centers. A VPC network @@ -37,11 +51,59 @@ description: | instances in all other subnets of the same VPC network, regardless of region, using their RFC1918 private IP addresses. You can isolate portions of the network, even entire subnets, using firewall rules. +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +references: !ruby/object:Api::Resource::ReferenceLinks +======= references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Private Google Access': 'https://cloud.google.com/vpc/docs/configure-private-google-access' 'Cloud Networking': 'https://cloud.google.com/vpc/docs/using-vpc' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks' +<<<<<<< HEAD +iam_policy: !ruby/object:Api::Resource::IamPolicy + allowed_iam_role: 'roles/compute.networkUser' + parent_resource_attribute: 'subnetwork' + iam_conditions_request_type: :QUERY_PARAM +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/subnetwork.erb + extra_schema_entry: templates/terraform/extra_schema_entry/subnetwork.erb + post_update: templates/terraform/post_update/compute_subnetwork.go.erb +custom_diff: [ + 'customdiff.ForceNewIfChange("ip_cidr_range", IsShrinkageIpCidr)', + 'sendSecondaryIpRangeIfEmptyDiff', +] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_basic' + primary_resource_id: 'network-with-private-secondary-ip-ranges' + vars: + subnetwork_name: 'test-subnetwork' + network_name: 'test-network' + primary_resource_name: "fmt.Sprintf(\"tf-test-test-subnetwork%s\", + context[\"\ + random_suffix\"])" + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_logging_config' +======= docs: base_url: 'projects/{{project}}/regions/{{region}}/subnetworks' has_self_link: true @@ -85,10 +147,22 @@ examples: subnetwork_name: 'test-subnetwork' network_name: 'test-network' - name: 'subnetwork_logging_config' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'subnet-with-logging' vars: subnetwork_name: 'log-test-subnetwork' network_name: 'log-test-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_internal_l7lb' + min_version: beta + primary_resource_id: 'network-for-l7lb' + vars: + subnetwork_name: 'l7lb-test-subnetwork' + network_name: 'l7lb-test-network' + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_ipv6' +======= - name: 'subnetwork_internal_l7lb' primary_resource_id: 'network-for-l7lb' min_version: 'beta' @@ -96,15 +170,48 @@ examples: subnetwork_name: 'l7lb-test-subnetwork' network_name: 'l7lb-test-network' - name: 'subnetwork_ipv6' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'subnetwork-ipv6' vars: subnetwork_name: 'ipv6-test-subnetwork' network_name: 'ipv6-test-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_internal_ipv6' +======= - name: 'subnetwork_internal_ipv6' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'subnetwork-internal-ipv6' vars: subnetwork_name: 'internal-ipv6-test-subnetwork' network_name: 'internal-ipv6-test-network' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_purpose_private_nat' + min_version: beta + primary_resource_id: 'subnetwork-purpose-private-nat' + vars: + subnetwork_name: 'subnet-purpose-test-subnetwork' + network_name: 'subnet-purpose-test-network' + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_cidr_overlap' + min_version: beta + primary_resource_id: 'subnetwork-cidr-overlap' + vars: + subnetwork_name: 'subnet-cidr-overlap' + network_name: 'net-cidr-overlap' + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_reserved_internal_range' + min_version: beta + primary_resource_id: 'subnetwork-reserved-internal-range' + vars: + subnetwork_name: 'subnetwork-reserved-internal-range' + network_name: 'network-reserved-internal-range' + - !ruby/object:Provider::Terraform::Examples + name: 'subnetwork_reserved_secondary_range' + min_version: beta + primary_resource_id: 'subnetwork-reserved-secondary-range' +======= - name: 'subnetwork_purpose_private_nat' primary_resource_id: 'subnetwork-purpose-private-nat' min_version: 'beta' @@ -126,11 +233,17 @@ examples: - name: 'subnetwork_reserved_secondary_range' primary_resource_id: 'subnetwork-reserved-secondary-range' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: subnetwork_name: 'subnetwork-reserved-secondary-range' network_name: 'network-reserved-secondary-range' virtual_fields: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'send_secondary_ip_range_if_empty' +======= - name: 'send_secondary_ip_range_if_empty' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Controls the removal behavior of secondary_ip_range. When false, removing secondary_ip_range from config will not produce a diff as @@ -138,6 +251,15 @@ virtual_fields: When true, the provider will treat removing secondary_ip_range as sending an empty list of secondary IP ranges to the API. Defaults to false. +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' +======= type: Boolean parameters: properties: @@ -147,18 +269,30 @@ properties: output: true - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'gatewayAddress' +======= - name: 'gatewayAddress' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The gateway address for default routes to reach destination addresses outside this subnetwork. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipCidrRange' + default_from_api: true +======= - name: 'ipCidrRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, @@ -166,6 +300,14 @@ properties: non-overlapping within a network. Only IPv4 is supported. Field is optional when `reserved_internal_range` is defined, otherwise required. required: false +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/expandIpCidrRange' + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateIpCidrRange' + - !ruby/object:Api::Type::ResourceRef + name: 'reservedInternalRange' +======= default_from_api: true update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/expandIpCidrRange' update_verb: 'POST' @@ -173,13 +315,19 @@ properties: function: 'verify.ValidateIpCidrRange' - name: 'reservedInternalRange' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` resource: 'InternalRange' imports: 'selfLink' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and @@ -189,6 +337,23 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' + description: | + The network this subnet belongs to. + Only networks that are in the distributed mode can have subnetworks. + immutable: true + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'purpose' + immutable: true +======= validation: function: 'verify.ValidateGCEName' - name: 'network' @@ -203,6 +368,7 @@ properties: imports: 'selfLink' - name: 'purpose' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The purpose of the resource. This field can be either `PRIVATE`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers. @@ -211,16 +377,37 @@ properties: A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways. Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers. If unspecified, the purpose defaults to `PRIVATE`. +<<<<<<< HEAD + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'role' + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + update_id: 'role' + fingerprint_name: 'fingerprint' + values: + - :ACTIVE + - :BACKUP +======= immutable: true default_from_api: true - name: 'role' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The role of subnetwork. Currently, this field is only used when `purpose` is `REGIONAL_MANAGED_PROXY`. The value can be set to `ACTIVE` or `BACKUP`. An `ACTIVE` subnetwork is one that is currently being used for Envoy-based load balancers in a region. A `BACKUP` subnetwork is one that is ready to be promoted to `ACTIVE` or is currently draining. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'secondaryIpRange' + api_name: secondaryIpRanges + unordered_list: true + default_from_api: true + send_empty_value: true +======= update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' update_verb: 'PATCH' update_id: 'role' @@ -230,6 +417,7 @@ properties: - 'BACKUP' - name: 'secondaryIpRange' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong @@ -239,6 +427,19 @@ properties: **Note**: This field uses [attr-as-block mode](https://www.terraform.io/docs/configuration/attr-as-blocks.html) to avoid breaking users during the 0.12 upgrade. To explicitly send a list of zero objects, set `send_secondary_ip_range_if_empty = true` +<<<<<<< HEAD + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + update_id: 'secondaryIpRanges' + fingerprint_name: 'fingerprint' + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'rangeName' + required: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateGCEName' +======= api_name: secondaryIpRanges unordered_list: true default_from_api: true @@ -252,33 +453,69 @@ properties: properties: - name: 'rangeName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipCidrRange' + required: false + default_from_api: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'verify.ValidateIpCidrRange' +======= required: true validation: function: 'verify.ValidateGCEName' - name: 'ipCidrRange' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. Field is optional when `reserved_internal_range` is defined, otherwise required. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'reservedInternalRange' +======= required: false default_from_api: true validation: function: 'verify.ValidateIpCidrRange' - name: 'reservedInternalRange' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` resource: 'InternalRange' imports: 'selfLink' +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'privateIpGoogleAccess' + description: | + When enabled, VMs in this subnetwork without external IP addresses can + access Google APIs and services by using Private Google Access. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/setPrivateIpGoogleAccess' + default_from_api: true + - !ruby/object:Api::Type::String + name: 'privateIpv6GoogleAccess' + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + description: The private IPv6 google access type for the VMs in this subnet. + fingerprint_name: 'fingerprint' + default_from_api: true + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= - name: 'privateIpGoogleAccess' type: Boolean description: | @@ -296,23 +533,47 @@ properties: fingerprint_name: 'fingerprint' - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The GCP region for this subnetwork. required: false immutable: true default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::NestedObject + name: 'logConfig' + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + fingerprint_name: 'fingerprint' + update_id: 'logConfig' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' imports: 'name' - name: 'logConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field denotes the VPC flow logging options for this subnetwork. If logging is enabled, logs are exported to Cloud Logging. Flow logging isn't supported if the subnet `purpose` field is set to subnetwork is `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`. send_empty_value: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/subnetwork_log_config.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/subnetwork_log_config.go.erb' + properties: + - !ruby/object:Api::Type::Enum + name: 'aggregationInterval' + at_least_one_of: + - log_config.0.aggregation_interval + - log_config.0.flow_sampling + - log_config.0.metadata + - log_config.0.filterExpr +======= update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' update_verb: 'PATCH' update_id: 'logConfig' @@ -322,11 +583,29 @@ properties: properties: - name: 'aggregationInterval' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection. +<<<<<<< HEAD + values: + - :INTERVAL_5_SEC + - :INTERVAL_30_SEC + - :INTERVAL_1_MIN + - :INTERVAL_5_MIN + - :INTERVAL_10_MIN + - :INTERVAL_15_MIN + default_value: :INTERVAL_5_SEC + - !ruby/object:Api::Type::Double + name: 'flowSampling' + at_least_one_of: + - log_config.0.aggregation_interval + - log_config.0.flow_sampling + - log_config.0.metadata + - log_config.0.filterExpr +======= at_least_one_of: - 'log_config.0.aggregation_interval' - 'log_config.0.flow_sampling' @@ -342,12 +621,23 @@ properties: - 'INTERVAL_15_MIN' - name: 'flowSampling' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 which means half of all collected logs are reported. +<<<<<<< HEAD + default_value: 0.5 + - !ruby/object:Api::Type::Enum + name: 'metadata' + at_least_one_of: + - log_config.0.aggregation_interval + - log_config.0.flow_sampling + - log_config.0.metadata + - log_config.0.filterExpr +======= at_least_one_of: - 'log_config.0.aggregation_interval' - 'log_config.0.flow_sampling' @@ -356,10 +646,20 @@ properties: default_value: 0.5 - name: 'metadata' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Can only be specified if VPC flow logging for this subnetwork is enabled. Configures whether metadata fields should be added to the reported VPC flow logs. +<<<<<<< HEAD + values: + - :EXCLUDE_ALL_METADATA + - :INCLUDE_ALL_METADATA + - :CUSTOM_METADATA + default_value: :INCLUDE_ALL_METADATA + - !ruby/object:Api::Type::Array + name: 'metadataFields' +======= at_least_one_of: - 'log_config.0.aggregation_interval' - 'log_config.0.flow_sampling' @@ -372,18 +672,41 @@ properties: - 'CUSTOM_METADATA' - name: 'metadataFields' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of metadata fields that should be added to reported logs. Can only be specified if VPC flow logs for this subnetwork is enabled and "metadata" is set to CUSTOM_METADATA. is_set: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'filterExpr' + at_least_one_of: + - log_config.0.aggregation_interval + - log_config.0.flow_sampling + - log_config.0.metadata + - log_config.0.filterExpr +======= item_type: type: String - name: 'filterExpr' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Export filter used to define which VPC flow logs should be logged, as as CEL expression. See https://cloud.google.com/vpc/docs/flow-logs#filtering for details on how to format this field. The default value is 'true', which evaluates to include everything. +<<<<<<< HEAD + default_value: 'true' + - !ruby/object:Api::Type::Enum + name: 'stackType' + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + fingerprint_name: 'fingerprint' + values: + - :IPV4_ONLY + - :IPV4_IPV6 +======= at_least_one_of: - 'log_config.0.aggregation_interval' - 'log_config.0.flow_sampling' @@ -392,10 +715,21 @@ properties: default_value: "true" - name: 'stackType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'ipv6AccessType' + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + fingerprint_name: 'fingerprint' + values: + - :EXTERNAL + - :INTERNAL +======= update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' update_verb: 'PATCH' fingerprint_name: 'fingerprint' @@ -404,10 +738,36 @@ properties: - 'IPV4_IPV6' - name: 'ipv6AccessType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation or the first time the subnet is updated into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet cannot enable direct path. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipv6CidrRange' + output: true + description: | + The range of internal IPv6 addresses that are owned by this subnetwork. + - !ruby/object:Api::Type::String + name: 'internalIpv6Prefix' + output: true + description: | + The internal IPv6 address range that is assigned to this subnetwork. + - !ruby/object:Api::Type::String + name: 'externalIpv6Prefix' + default_from_api: true + description: | + The range of external IPv6 addresses that are owned by this subnetwork. + - !ruby/object:Api::Type::Boolean + name: 'allowSubnetCidrRoutesOverlap' + default_from_api: true + update_verb: :PATCH + update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + fingerprint_name: 'fingerprint' + send_empty_value: true + min_version: beta +======= update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' update_verb: 'PATCH' fingerprint_name: 'fingerprint' @@ -431,14 +791,18 @@ properties: default_from_api: true - name: 'allowSubnetCidrRoutesOverlap' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Typically packets destined to IPs within the subnetwork range that do not match existing resources are dropped and prevented from leaving the VPC. Setting this field to true will allow these packets to match dynamic routes injected via BGP even if their destinations match existing subnet ranges. +<<<<<<< HEAD +======= min_version: 'beta' default_from_api: true send_empty_value: true update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' update_verb: 'PATCH' fingerprint_name: 'fingerprint' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/TargetGrpcProxy.yaml b/mmv1/products/compute/TargetGrpcProxy.yaml index a8ea91e0905e..07efbaf0b09d 100644 --- a/mmv1/products/compute/TargetGrpcProxy.yaml +++ b/mmv1/products/compute/TargetGrpcProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +15,51 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetGrpcProxy' +kind: 'compute#targetGrpcProxy' +base_url: projects/{{project}}/global/targetGrpcProxies +collection_url_key: 'items' +update_verb: :PATCH +has_self_link: true +======= --- name: 'TargetGrpcProxy' kind: 'compute#targetGrpcProxy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Global forwarding rules reference a target gRPC proxy. The Target gRPC Proxy references a URL map which specifies how traffic routes to gRPC backend services. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Target gRPC Proxies': 'https://cloud.google.com/traffic-director/docs/proxyless-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetGrpcProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_grpc_proxy_basic' +======= references: guides: 'Using Target gRPC Proxies': 'https://cloud.google.com/traffic-director/docs/proxyless-overview' @@ -49,12 +90,22 @@ collection_url_key: 'items' custom_code: examples: - name: 'target_grpc_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: proxy_name: 'proxy' urlmap_name: 'urlmap' backend_name: 'backend' healthcheck_name: 'healthcheck' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -63,6 +114,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply @@ -71,6 +123,19 @@ properties: means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::String + name: 'selfLinkWithId' + description: 'Server-defined URL with id for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'urlMap' +======= required: true immutable: true - name: 'description' @@ -82,6 +147,7 @@ properties: output: true - name: 'urlMap' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL to the UrlMap resource that defines the mapping from URL to the BackendService. The protocol field in the BackendService @@ -90,8 +156,14 @@ properties: update_id: 'urlMap' fingerprint_name: 'fingerprint' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'validateForProxyless' + immutable: true +======= - name: 'validateForProxyless' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using @@ -103,9 +175,14 @@ properties: applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to +<<<<<<< HEAD + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' +======= immutable: true - name: 'fingerprint' type: Fingerprint +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field @@ -114,4 +191,7 @@ properties: TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy. A base64-encoded string. +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/TargetHttpProxy.yaml b/mmv1/products/compute/TargetHttpProxy.yaml index b8f8d271d0e0..31874c1352cb 100644 --- a/mmv1/products/compute/TargetHttpProxy.yaml +++ b/mmv1/products/compute/TargetHttpProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,43 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetHttpProxy' +kind: 'compute#targetHttpProxy' +base_url: projects/{{project}}/global/targetHttpProxies +collection_url_key: 'items' +has_self_link: true +immutable: true +description: | + Represents a TargetHttpProxy resource, which is used by one or more global + forwarding rule to route incoming HTTP requests to a URL map. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_http_proxy_basic' +======= --- name: 'TargetHttpProxy' kind: 'compute#targetHttpProxy' @@ -47,24 +88,52 @@ collection_url_key: 'items' custom_code: examples: - name: 'target_http_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_http_proxy_name: 'test-proxy' url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'target_http_proxy_http_keep_alive_timeout' +======= - name: 'target_http_proxy_http_keep_alive_timeout' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'target_http_proxy_https_redirect' +======= - name: 'target_http_proxy_https_redirect' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_http_proxy_name: 'test-https-redirect-proxy' url_map_name: 'url-map' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -81,6 +150,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -90,12 +160,26 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'urlMap' + resource: 'UrlMap' + imports: 'selfLink' +======= - name: 'urlMap' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the UrlMap resource that defines the mapping from URL to the BackendService. required: true +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/targetHttpProxies/{{name}}/setUrlMap' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'proxyBind' +======= update_url: 'projects/{{project}}/targetHttpProxies/{{name}}/setUrlMap' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -103,12 +187,18 @@ properties: imports: 'selfLink' - name: 'proxyBind' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpKeepAliveTimeoutSec' +======= - name: 'httpKeepAliveTimeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is diff --git a/mmv1/products/compute/TargetHttpsProxy.yaml b/mmv1/products/compute/TargetHttpsProxy.yaml index e8de3f3bc99b..b0e2e850fee7 100644 --- a/mmv1/products/compute/TargetHttpsProxy.yaml +++ b/mmv1/products/compute/TargetHttpsProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetHttpsProxy' +kind: 'compute#targetHttpsProxy' +base_url: projects/{{project}}/global/targetHttpsProxies +collection_url_key: 'items' +has_self_link: true +immutable: true +description: | + Represents a TargetHttpsProxy resource, which is used by one or more + global forwarding rule to route incoming HTTPS requests to a URL map. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpsProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/compute_target_https_proxy.go.erb + # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource + # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). + # This causes the encoder logic to not be applied during update. + update_encoder: templates/terraform/encoders/compute_target_https_proxy.go.erb + decoder: templates/terraform/decoders/compute_target_https_proxy.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_https_proxy_basic' +======= --- name: 'TargetHttpsProxy' kind: 'compute#targetHttpsProxy' @@ -53,6 +101,7 @@ custom_code: decoder: 'templates/terraform/decoders/compute_target_https_proxy.go.tmpl' examples: - name: 'target_https_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_https_proxy_name: 'test-proxy' @@ -60,7 +109,12 @@ examples: url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'target_https_proxy_http_keep_alive_timeout' +======= - name: 'target_https_proxy_http_keep_alive_timeout' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' @@ -68,7 +122,12 @@ examples: url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'target_https_proxy_mtls' +======= - name: 'target_https_proxy_mtls' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' min_version: 'beta' vars: @@ -79,13 +138,36 @@ examples: http_health_check_name: 'http-health-check' server_tls_policy_name: 'my-tls-policy' trust_config_name: 'my-trust-config' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'target_https_proxy_certificate_manager_certificate' +======= - name: 'target_https_proxy_certificate_manager_certificate' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_https_proxy_name: 'target-http-proxy' certificate_manager_certificate_name: 'my-certificate' url_map_name: 'url-map' backend_service_name: 'backend-service' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -103,6 +185,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -111,15 +194,34 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Enum + name: 'quicOverride' +======= required: true immutable: true - name: 'quicOverride' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. +<<<<<<< HEAD + values: + - :NONE + - :ENABLE + - :DISABLE + update_verb: :POST + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride' + default_value: :NONE + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' + - !ruby/object:Api::Type::Enum + name: 'tlsEarlyData' +======= update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride' update_verb: 'POST' custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' @@ -130,11 +232,21 @@ properties: - 'DISABLE' - name: 'tlsEarlyData' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). +<<<<<<< HEAD + values: + - :STRICT + - :PERMISSIVE + - :DISABLED + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'certificateManagerCertificates' +======= default_from_api: true enum_values: - 'STRICT' @@ -142,12 +254,24 @@ properties: - 'DISABLED' - name: 'certificateManagerCertificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' + item_type: Api::Type::String + custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.erb' + diff_suppress_func: 'tpgresource.CompareResourceNames' + conflicts: + - ssl_certificates + - !ruby/object:Api::Type::Array + name: 'sslCertificates' +======= update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' update_verb: 'POST' conflicts: @@ -158,10 +282,25 @@ properties: type: String - name: 'sslCertificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'sslCertificate' + resource: 'SslCertificate' + imports: 'selfLink' + description: 'The SSL certificate URL used by this TargetHttpsProxy' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + conflicts: + - certificate_manager_certificates + - !ruby/object:Api::Type::String + name: 'certificateMap' +======= update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' update_verb: 'POST' conflicts: @@ -175,19 +314,38 @@ properties: imports: 'selfLink' - name: 'certificateMap' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setCertificateMap' + - !ruby/object:Api::Type::ResourceRef + name: 'sslPolicy' + resource: 'SslPolicy' + imports: 'selfLink' +======= update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setCertificateMap' update_verb: 'POST' - name: 'sslPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setSslPolicy' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'urlMap' + resource: 'UrlMap' + imports: 'selfLink' +======= update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setSslPolicy' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -195,10 +353,18 @@ properties: imports: 'selfLink' - name: 'urlMap' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the UrlMap resource that defines the mapping from URL to the BackendService. required: true +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setUrlMap' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'proxyBind' +======= update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setUrlMap' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -206,12 +372,18 @@ properties: imports: 'selfLink' - name: 'proxyBind' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpKeepAliveTimeoutSec' +======= - name: 'httpKeepAliveTimeoutSec' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is @@ -222,8 +394,15 @@ properties: value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'serverTlsPolicy' + resource: 'ServerTlsPolicy' + imports: 'selfLink' +======= - name: 'serverTlsPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound @@ -239,8 +418,14 @@ properties: deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this. +<<<<<<< HEAD + update_verb: :PATCH + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + fingerprint_name: 'fingerprint' +======= update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}' update_verb: 'PATCH' fingerprint_name: 'fingerprint' resource: 'ServerTlsPolicy' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/TargetInstance.yaml b/mmv1/products/compute/TargetInstance.yaml index 24462fdea0f8..1933e38f1519 100644 --- a/mmv1/products/compute/TargetInstance.yaml +++ b/mmv1/products/compute/TargetInstance.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetInstance' +kind: 'compute#targetInstance' +base_url: projects/{{project}}/zones/{{zone}}/targetInstances +collection_url_key: 'items' +has_self_link: true +immutable: true +======= --- name: 'TargetInstance' kind: 'compute#targetInstance' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a TargetInstance resource which defines an endpoint instance that terminates traffic of certain protocols. In particular, they are used @@ -21,6 +35,33 @@ description: | non-NAT'ed target instance. Each target instance contains a single virtual machine instance that receives and handles traffic from the corresponding forwarding rules. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Using Protocol Forwarding': 'https://cloud.google.com/compute/docs/protocol-forwarding' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetInstances' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_instance_basic' +======= references: guides: 'Using Protocol Forwarding': 'https://cloud.google.com/compute/docs/protocol-forwarding' @@ -52,10 +93,24 @@ custom_code: post_create: 'templates/terraform/post_create/compute_target_instance_security_policy.go.tmpl' examples: - name: 'target_instance_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_name: 'target' instance_name: 'target-vm' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'target_instance_custom_network' + primary_resource_id: 'custom_network' + vars: + target_name: 'custom-network' + instance_name: 'custom-network-target-vm' + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: 'target_instance_with_security_policy' + primary_resource_id: 'default' +======= - name: 'target_instance_custom_network' primary_resource_id: 'custom_network' min_version: 'beta' @@ -65,26 +120,44 @@ examples: - name: 'target_instance_with_security_policy' primary_resource_id: 'default' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: network_name: 'custom-default-network' subnetname_name: 'custom-default-subnet' instance_name: 'target-vm' region_sec_policy: 'region-secpolicy' target_name: 'target-instance' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: 'templates/terraform/post_create/compute_target_instance_security_policy.go.erb' +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'zone' + resource: 'Zone' + imports: 'name' +======= parameters: - name: 'zone' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the zone where the target instance resides. required: false immutable: true default_from_api: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Zone' imports: 'name' properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -94,16 +167,36 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'network' +======= - name: 'creationTimestamp' type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - name: 'network' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The URL of the network this target instance uses to forward traffic. If not specified, the traffic will be forwarded to the network that the default network interface belongs to.' +<<<<<<< HEAD + immutable: true + min_version: beta + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + - !ruby/object:Api::Type::ResourceRef + name: 'instance' + resource: 'Instance' + imports: 'selfLink' +======= min_version: 'beta' immutable: true - name: 'description' @@ -111,6 +204,7 @@ properties: description: 'An optional description of this resource.' - name: 'instance' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Compute instance VM handling traffic for this target instance. Accepts the instance self-link, relative path @@ -121,15 +215,33 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' + - !ruby/object:Api::Type::Enum + name: 'natPolicy' +======= custom_expand: 'templates/terraform/custom_expand/self_link_from_name.tmpl' resource: 'Instance' imports: 'selfLink' - name: 'natPolicy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported. immutable: true +<<<<<<< HEAD + default_value: :NO_NAT + values: + - :NO_NAT + - !ruby/object:Api::Type::String + name: 'securityPolicy' + min_version: beta + description: | + The resource URL for the security policy associated with this target instance. + update_url: projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy + update_verb: :POST +======= default_value: "NO_NAT" enum_values: - 'NO_NAT' @@ -140,3 +252,4 @@ properties: min_version: 'beta' update_url: 'projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy' update_verb: 'POST' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/TargetSslProxy.yaml b/mmv1/products/compute/TargetSslProxy.yaml index 77c2e5fe4019..881a4ea52034 100644 --- a/mmv1/products/compute/TargetSslProxy.yaml +++ b/mmv1/products/compute/TargetSslProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetSslProxy' +kind: 'compute#targetSslProxy' +base_url: projects/{{project}}/global/targetSslProxies +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'TargetSslProxy' kind: 'compute#targetSslProxy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a TargetSslProxy resource, which is used by one or more global forwarding rule to route incoming SSL requests to a backend service. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Setting Up SSL proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetSslProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_ssl_proxy_basic' +======= references: guides: 'Setting Up SSL proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/' @@ -48,12 +89,31 @@ collection_url_key: 'items' custom_code: examples: - name: 'target_ssl_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_ssl_proxy_name: 'test-proxy' ssl_certificate_name: 'default-cert' backend_service_name: 'backend-service' health_check_name: 'health-check' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -71,6 +131,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -79,6 +140,34 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + description: | + Specifies the type of proxy header to append before sending data to + the backend. + values: + - :NONE + - :PROXY_V1 + update_verb: :POST + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setProxyHeader' + default_value: :NONE + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + api_name: service + resource: 'BackendService' + imports: 'selfLink' + description: | + A reference to the BackendService resource. + required: true + update_verb: :POST + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setBackendService' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Array + name: 'sslCertificates' +======= required: true immutable: true - name: 'proxyHeader' @@ -105,10 +194,26 @@ properties: imports: 'selfLink' - name: 'sslCertificates' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. +<<<<<<< HEAD + exactly_one_of: + - sslCertificates + - certificateMap + update_verb: :POST + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslCertificates' + item_type: !ruby/object:Api::Type::ResourceRef + name: 'sslCertificate' + resource: 'SslCertificate' + imports: 'selfLink' + description: 'The SSL certificates used by this TargetSslProxy' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::String + name: 'certificateMap' +======= update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslCertificates' update_verb: 'POST' exactly_one_of: @@ -123,10 +228,22 @@ properties: imports: 'selfLink' - name: 'certificateMap' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. +<<<<<<< HEAD + exactly_one_of: + - sslCertificates + - certificateMap + update_verb: :POST + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setCertificateMap' + - !ruby/object:Api::Type::ResourceRef + name: 'sslPolicy' + resource: 'SslPolicy' + imports: 'selfLink' +======= update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setCertificateMap' update_verb: 'POST' exactly_one_of: @@ -134,12 +251,19 @@ properties: - 'certificateMap' - name: 'sslPolicy' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured. +<<<<<<< HEAD + update_verb: :POST + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslPolicy' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +======= update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslPolicy' update_verb: 'POST' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'SslPolicy' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/TargetTcpProxy.yaml b/mmv1/products/compute/TargetTcpProxy.yaml index b907719fec98..e73bb02a5a33 100644 --- a/mmv1/products/compute/TargetTcpProxy.yaml +++ b/mmv1/products/compute/TargetTcpProxy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'TargetTcpProxy' +kind: 'compute#targetTcpProxy' +base_url: projects/{{project}}/global/targetTcpProxies +collection_url_key: 'items' +immutable: true +has_self_link: true +======= --- name: 'TargetTcpProxy' kind: 'compute#targetTcpProxy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents a TargetTcpProxy resource, which is used by one or more global forwarding rule to route incoming TCP requests to a Backend service. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Setting Up TCP proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetTcpProxies' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_tcp_proxy_basic' +======= references: guides: 'Setting Up TCP proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy' @@ -48,11 +89,30 @@ collection_url_key: 'items' custom_code: examples: - name: 'target_tcp_proxy_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: target_tcp_proxy_name: 'test-proxy' backend_service_name: 'backend-service' health_check_name: 'health-check' +<<<<<<< HEAD +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::Integer + name: 'proxyId' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= parameters: properties: - name: 'creationTimestamp' @@ -70,6 +130,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -78,6 +139,34 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + immutable: true + required: true + - !ruby/object:Api::Type::Enum + name: 'proxyHeader' + description: | + Specifies the type of proxy header to append before sending data to + the backend. + values: + - :NONE + - :PROXY_V1 + update_verb: :POST + update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setProxyHeader' + default_value: :NONE + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + api_name: 'service' + resource: 'BackendService' + imports: 'selfLink' + description: | + A reference to the BackendService resource. + required: true + update_verb: :POST + update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setBackendService' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Boolean + name: 'proxyBind' +======= required: true immutable: true - name: 'proxyHeader' @@ -104,6 +193,7 @@ properties: imports: 'selfLink' - name: 'proxyBind' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. diff --git a/mmv1/products/compute/UrlMap.yaml b/mmv1/products/compute/UrlMap.yaml index faf41b8a315a..a0dc6fc87df8 100644 --- a/mmv1/products/compute/UrlMap.yaml +++ b/mmv1/products/compute/UrlMap.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,164 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'UrlMap' +kind: 'compute#urlMap' +base_url: projects/{{project}}/global/urlMaps +collection_url_key: 'items' +has_self_link: true +description: | + UrlMaps are used to route requests to a backend service based on rules + that you define for the host and path of an incoming URL. +references: !ruby/object:Api::Resource::ReferenceLinks + api: https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: "url_map_bucket_and_service" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + login_backend_service_name: "login" + http_health_check_name: "health-check" + backend_bucket_name: "static-asset-backend-bucket" + storage_bucket_name: "static-asset-bucket" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_traffic_director_route" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + home_backend_service_name: "home" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_traffic_director_route_partial" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + home_backend_service_name: "home" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_traffic_director_path" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + home_backend_service_name: "home" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_traffic_director_path_partial" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + home_backend_service_name: "home" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_header_based_routing" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + default_backend_service_name: "default" + service_a_backend_service_name: "service-a" + service_b_backend_service_name: "service-b" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_parameter_based_routing" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + default_backend_service_name: "default" + service_a_backend_service_name: "service-a" + service_b_backend_service_name: "service-b" + health_check_name: "health-check" + - !ruby/object:Provider::Terraform::Examples + name: "external_http_lb_mig_backend" + primary_resource_id: "default" + vars: + lb_backend_template: "lb-backend-template" + lb_backend_example: "lb-backend-example" + fw_allow_health_check: "fw-allow-health-check" + lb_ipv4_1: "lb-ipv4-1" + http_basic_check: "http-basic-check" + web_backend_service: "web-backend-service" + web_map_http: "web-map-http" + http_lb_proxy: "http-lb-proxy" + http_content_rule: "http-content-rule" + skip_docs: true + skip_test: true # Very similar to external_http_lb_mig_backend_custom_header + ignore_read_extra: + - "metadata" + - "metadata_startup_script" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_path_template_match" + primary_resource_id: "urlmap" + vars: + url_map_name: "urlmap" + cart_backend_service_name: "cart-service" + user_backend_service_name: "user-service" + http_health_check_name: "health-check" + backend_bucket_name: "static-asset-backend-bucket" + storage_bucket_name: "static-asset-bucket" + - !ruby/object:Provider::Terraform::Examples + name: "url_map_custom_error_response_policy" + primary_resource_id: "urlmap" + min_version: beta + vars: + url_map_name: "urlmap" + backend_service_name: "login" + http_health_check_name: "health-check" + storage_bucket_name: "static-asset-bucket" + error_backend_bucket_name: "error-backend-bucket" +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'defaultService' + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services + resource: 'BackendService' + imports: 'selfLink' + description: |- + The backend service or backend bucket to use when none of the given rules match. + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create + the resource. + - !ruby/object:Api::Type::Integer + name: 'map_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::Fingerprint + name: 'fingerprint' + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= --- name: 'UrlMap' kind: 'compute#urlMap' @@ -163,11 +325,39 @@ properties: output: true - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + at_least_one_of: + - header_action.0.request_headers_to_add + - header_action.0.request_headers_to_remove + - header_action.0.response_headers_to_add + - header_action.0.response_headers_to_remove + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -193,10 +383,48 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + at_least_one_of: + - header_action.0.request_headers_to_add + - header_action.0.request_headers_to_remove + - header_action.0.response_headers_to_add + - header_action.0.response_headers_to_remove + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + at_least_one_of: + - header_action.0.request_headers_to_add + - header_action.0.request_headers_to_remove + - header_action.0.response_headers_to_add + - header_action.0.response_headers_to_remove + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -234,10 +462,42 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + at_least_one_of: + - header_action.0.request_headers_to_add + - header_action.0.request_headers_to_remove + - header_action.0.response_headers_to_add + - header_action.0.response_headers_to_remove + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Array + name: "host_rule" + api_name: 'hostRules' + is_set: true + description: | + The list of HostRules to use against the URL. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create + the resource. + - !ruby/object:Api::Type::Array + name: 'hosts' + required: true + is_set: true + item_type: Api::Type::String +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -267,10 +527,23 @@ properties: the resource. - name: 'hosts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathMatcher' + required: true + description: | + The name of the PathMatcher to use to match the path portion of the URL if the + hostRule matches the URL's host portion. + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true +======= is_set: true required: true item_type: @@ -283,6 +556,7 @@ properties: required: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the @@ -290,6 +564,17 @@ properties: `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: "path_matcher" + api_name: 'pathMatchers' + description: | + The list of named PathMatchers to use against the URL. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'defaultService' +======= required: true immutable: true - name: 'path_matcher' @@ -303,12 +588,27 @@ properties: - name: 'defaultService' type: ResourceRef description: The backend service or backend bucket to use when none of the given paths match. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: # - path_matchers.0.default_service # - path_matchers.0.default_url_redirect # - path_matchers.0.default_route_action.0.weighted_backend_services +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + description: The backend service or backend bucket to use when none of the given paths match. + resource: 'BackendService' + imports: 'selfLink' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. Provide this property when you create + the resource. + - !ruby/object:Api::Type::NestedObject + name: 'defaultCustomErrorResponsePolicy' + min_version: beta +======= custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' @@ -319,6 +619,7 @@ properties: the resource. - name: 'defaultCustomErrorResponsePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. @@ -333,36 +634,67 @@ properties: When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: 'errorResponseRule' + api_name: errorResponseRules +======= min_version: 'beta' properties: - name: 'errorResponseRule' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'matchResponseCodes' +======= api_name: errorResponseRules item_type: type: NestedObject properties: - name: 'matchResponseCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'path' +======= item_type: type: String - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'overrideResponseCode' + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - !ruby/object:Api::Type::ResourceRef + name: 'errorService' + resource: 'BackendBucket' + imports: 'selfLink' +======= - name: 'overrideResponseCode' type: Integer description: | @@ -370,6 +702,7 @@ properties: If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - name: 'errorService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket @@ -377,15 +710,42 @@ properties: global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= resource: 'BackendBucket' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -406,10 +766,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -437,10 +825,27 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + The name to which this PathMatcher is referred by the HostRule. + - !ruby/object:Api::Type::Array + name: 'path_rule' + api_name: pathRules +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -456,6 +861,7 @@ properties: required: true - name: 'path_rule' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules @@ -463,6 +869,21 @@ properties: basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'service' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' + description: The backend service or backend bucket to use if any of the given paths match. + - !ruby/object:Api::Type::Array + name: 'paths' + is_set: true + required: true + item_type: Api::Type::String +======= api_name: pathRules item_type: type: NestedObject @@ -475,17 +896,24 @@ properties: imports: 'selfLink' - name: 'paths' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of path patterns to match. Each must start with / and the only place a \* is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'customErrorResponsePolicy' + min_version: beta +======= is_set: true required: true item_type: type: String - name: 'customErrorResponsePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. @@ -494,21 +922,35 @@ properties: A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: 'errorResponseRule' + api_name: errorResponseRules +======= min_version: 'beta' properties: - name: 'errorResponseRule' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'matchResponseCodes' +======= api_name: errorResponseRules item_type: type: NestedObject properties: - name: 'matchResponseCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Valid values include: @@ -517,15 +959,32 @@ properties: - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'path' +======= item_type: type: String - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'overrideResponseCode' + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - !ruby/object:Api::Type::ResourceRef + name: "errorService" + resource: "BackendBucket" + imports: 'selfLink' +======= - name: 'overrideResponseCode' type: Integer description: | @@ -533,6 +992,7 @@ properties: If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - name: 'errorService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: @@ -542,10 +1002,15 @@ properties: If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'routeAction' +======= resource: 'BackendBucket' imports: 'selfLink' - name: 'routeAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -554,18 +1019,44 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + default_value: false +======= - name: 'allowCredentials' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Headers header. + - !ruby/object:Api::Type::Array + name: 'allowMethods' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Methods header. + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' + item_type: Api::Type::String +======= default_value: false - name: 'allowHeaders' type: Array @@ -581,10 +1072,36 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowOrigins' + item_type: Api::Type::String + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + required: true + description: | + If true, specifies the CORS policy is disabled. + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Expose-Headers header. + - !ruby/object:Api::Type::Integer + name: 'maxAge' + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= item_type: type: String - name: 'allowOrigins' @@ -612,6 +1129,7 @@ properties: translates to the content for the Access-Control-Max-Age header. - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -621,12 +1139,28 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'abort' +======= - name: 'abort' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are aborted as part of fault injection. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpStatus' + required: true + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' + required: true +======= - name: 'httpStatus' type: Integer description: | @@ -635,17 +1169,33 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'delay' +======= required: true - name: 'delay' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + required: true + description: | + Specifies the value of the fixed delay interval. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'fixedDelay' type: NestedObject description: | @@ -654,10 +1204,22 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' + required: true +======= - name: 'seconds' type: String description: | @@ -666,19 +1228,51 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= required: true - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + required: true + resource: 'BackendService' + imports: 'selfLink' + description: | + The BackendService resource being mirrored to. + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + properties: + - !ruby/object:Api::Type::Integer + name: 'numRetries' + description: | + Specifies the allowed number retries. This number must be > 0. + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'backendService' type: ResourceRef description: | @@ -703,10 +1297,22 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Array + name: 'retryConditions' + item_type: Api::Type::String +======= - name: 'seconds' type: String description: | @@ -715,6 +1321,7 @@ properties: required: true - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -738,22 +1345,42 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'timeout' +======= item_type: type: String - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' +======= - name: 'seconds' type: String description: | @@ -762,24 +1389,40 @@ properties: required: true - name: 'urlRewrite' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' +======= - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -789,26 +1432,64 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + resource: 'BackendService' + imports: 'selfLink' +======= item_type: type: NestedObject properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= required: true custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -829,10 +1510,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -860,10 +1569,22 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Integer + name: 'weight' + required: true +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -874,6 +1595,7 @@ properties: type: String - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -881,39 +1603,65 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRedirect' +======= required: true - name: 'urlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' +======= - name: 'hostRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -921,8 +1669,13 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -937,6 +1690,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + required: true +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -946,14 +1711,20 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'routeRules' +======= required: true - name: 'routeRules' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of ordered HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. The order of specifying @@ -961,11 +1732,19 @@ properties: action to take effect. Within a given pathMatcher, only one of pathRules or routeRules must be set. routeRules are not supported in UrlMaps intended for External load balancers. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Integer + name: 'priority' + required: true +======= item_type: type: NestedObject properties: - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated @@ -982,9 +1761,17 @@ properties: 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'service' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' +======= required: true - name: 'service' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -993,17 +1780,44 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r outeAction.weightedBackendService.backendServiceWeightAction[].headerAction properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -1024,10 +1838,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -1055,10 +1897,27 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Array + name: 'matchRules' + description: | + The rules for determining a match. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'fullPathMatch' +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -1076,12 +1935,30 @@ properties: properties: - name: 'fullPathMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. FullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'headerMatches' + description: | + Specifies a list of header match criteria, all of which must match corresponding + headers in the request. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'exactMatch' + description: | + The value should exactly match contents of exactMatch. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - !ruby/object:Api::Type::String + name: 'headerName' + required: true +======= - name: 'headerMatches' type: Array description: | @@ -1097,32 +1974,54 @@ properties: prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - name: 'headerName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'invertMatch' + default_value: false +======= required: true - name: 'invertMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixMatch' +======= default_value: false - name: 'prefixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'presentMatch' +======= - name: 'presentMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value or not. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'rangeMatch' +======= - name: 'rangeMatch' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, @@ -1131,6 +2030,20 @@ properties: exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'rangeEnd' + required: true + description: | + The end of the range (exclusive). + - !ruby/object:Api::Type::Integer + name: 'rangeStart' + required: true + description: | + The start of the range (inclusive). + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'rangeEnd' type: Integer description: | @@ -1143,6 +2056,7 @@ properties: required: true - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: @@ -1151,12 +2065,27 @@ properties: a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'suffixMatch' +======= - name: 'suffixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'ignoreCase' + default_value: false + description: | + Specifies that prefixMatch and fullPathMatch matches are case sensitive. + Defaults to false. + - !ruby/object:Api::Type::Array + name: 'metadataFilters' +======= - name: 'ignoreCase' type: Boolean description: | @@ -1165,6 +2094,7 @@ properties: default_value: false - name: 'metadataFilters' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS @@ -1177,15 +2107,44 @@ properties: here can be overrides those specified in ForwardingRule that refers to this UrlMap. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'filterLabels' + min_size: 1 + max_size: 64 + required: true +======= item_type: type: NestedObject properties: - name: 'filterLabels' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + Name of metadata label. The name can have a maximum length of 1024 characters + and must be at least 1 character long. + - !ruby/object:Api::Type::String + name: 'value' + required: true + description: | + The value of the label must match the specified value. value can have a maximum + length of 1024 characters. + - !ruby/object:Api::Type::Enum + name: 'filterMatchCriteria' + required: true +======= required: true item_type: type: NestedObject @@ -1206,6 +2165,7 @@ properties: max_size: 64 - name: 'filterMatchCriteria' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: @@ -1213,17 +2173,36 @@ properties: provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata. +<<<<<<< HEAD + values: + - :MATCH_ALL + - :MATCH_ANY + - !ruby/object:Api::Type::String + name: 'prefixMatch' +======= required: true enum_values: - 'MATCH_ALL' - 'MATCH_ANY' - name: 'prefixMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'queryParameterMatches' + description: | + Specifies a list of query parameter match criteria, all of which must match + corresponding query parameters in the request. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'exactMatch' +======= - name: 'queryParameterMatches' type: Array description: | @@ -1234,10 +2213,21 @@ properties: properties: - name: 'exactMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + required: true + description: | + The name of the query parameter to match. The query parameter must exist in the + request, in the absence of which the request match fails. + - !ruby/object:Api::Type::Boolean + name: 'presentMatch' +======= - name: 'name' type: String description: | @@ -1246,27 +2236,43 @@ properties: required: true - name: 'presentMatch' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, exactMatch and regexMatch must be set. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'regexMatch' +======= - name: 'regexMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, fullPathMatch or regexMatch must be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: pathTemplateMatch +======= - name: 'pathTemplateMatch' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch @@ -1277,8 +2283,13 @@ properties: (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'routeAction' +======= - name: 'routeAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -1287,18 +2298,44 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + default_value: false +======= - name: 'allowCredentials' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Headers header. + - !ruby/object:Api::Type::Array + name: 'allowMethods' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Allow-Methods header. + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' + item_type: Api::Type::String +======= default_value: false - name: 'allowHeaders' type: Array @@ -1314,10 +2351,37 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowOrigins' + item_type: Api::Type::String + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + default_value: false + description: | + If true, specifies the CORS policy is disabled. + which indicates that the CORS policy is in effect. Defaults to false. + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + item_type: Api::Type::String + description: | + Specifies the content for the Access-Control-Expose-Headers header. + - !ruby/object:Api::Type::Integer + name: 'maxAge' + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= item_type: type: String - name: 'allowOrigins' @@ -1346,6 +2410,7 @@ properties: translates to the content for the Access-Control-Max-Age header. - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -1355,12 +2420,26 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'abort' +======= - name: 'abort' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are aborted as part of fault injection. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'httpStatus' + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - name: 'httpStatus' type: Integer description: | @@ -1368,16 +2447,31 @@ properties: and 599 inclusive. - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'delay' +======= - name: 'delay' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + description: | + Specifies the value of the fixed delay interval. + properties: + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'fixedDelay' type: NestedObject description: | @@ -1385,10 +2479,21 @@ properties: properties: - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - name: 'seconds' type: String description: | @@ -1397,18 +2502,46 @@ properties: required: true - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + resource: 'BackendService' + imports: 'selfLink' + description: | + The BackendService resource being mirrored to. + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + properties: + - !ruby/object:Api::Type::Integer + name: 'numRetries' + required: true + description: | + Specifies the allowed number retries. This number must be > 0. + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' +======= - name: 'backendService' type: ResourceRef description: | @@ -1429,17 +2562,34 @@ properties: required: true - name: 'perTryTimeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::Array + name: 'retryConditions' + item_type: Api::Type::String +======= - name: 'seconds' type: String description: | @@ -1448,6 +2598,7 @@ properties: required: true - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -1471,22 +2622,42 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'timeout' +======= item_type: type: String - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + required: true + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' +======= - name: 'seconds' type: String description: | @@ -1495,24 +2666,40 @@ properties: required: true - name: 'urlRewrite' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathTemplateRewrite' +======= - name: 'pathTemplateRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the @@ -1528,8 +2715,13 @@ properties: Only one of pathPrefixRewrite and pathTemplateRewrite may be specified. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' +======= - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -1539,26 +2731,64 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + required: true + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' +======= item_type: type: NestedObject properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= required: true custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= - name: 'requestHeadersToAdd' type: Array description: | @@ -1579,10 +2809,38 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + required: true + description: | + The name of the header. + - !ruby/object:Api::Type::String + name: 'headerValue' + required: true + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' + required: true +======= required: true - name: 'requestHeadersToRemove' type: Array @@ -1610,10 +2868,22 @@ properties: required: true - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + item_type: Api::Type::String + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + - !ruby/object:Api::Type::Integer + name: 'weight' + required: true +======= required: true - name: 'responseHeadersToRemove' type: Array @@ -1624,6 +2894,7 @@ properties: type: String - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -1631,14 +2902,29 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRedirect' +======= required: true - name: 'urlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'hostRedirect' type: String description: | @@ -1646,18 +2932,33 @@ properties: supplied in the request. The value must be between 1 and 255 characters. - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. Only one of pathRedirect or prefixRedirect must be specified. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'prefixRedirect' type: String description: | @@ -1665,6 +2966,7 @@ properties: retaining the remaining portion of the URL before redirecting the request. - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1677,6 +2979,18 @@ properties: * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + default_value: false +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1686,13 +3000,19 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. Defaults to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'defaultUrlRedirect' +======= default_value: false - name: 'defaultUrlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: @@ -1704,6 +3024,16 @@ properties: by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRedirect' + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= - name: 'hostRedirect' type: String description: | @@ -1711,30 +3041,46 @@ properties: supplied in the request. The value must be between 1 and 255 characters. - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1749,6 +3095,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + required: true +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -1758,14 +3116,20 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'defaultRouteAction' +======= required: true - name: 'defaultRouteAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) conflicts also won't work for array path matchers yet, uncomment here once supported. # conflicts: # - path_matcher.path_matcher.default_url_redirect @@ -1777,8 +3141,13 @@ properties: Only one of defaultRouteAction or defaultUrlRedirect must be set. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' +======= - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: @@ -1794,20 +3163,37 @@ properties: Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' +======= item_type: type: NestedObject properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'weight' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 1000)' +======= custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . @@ -1817,10 +3203,15 @@ properties: as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= validation: function: 'validation.IntBetween(0, 1000)' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. @@ -1828,6 +3219,30 @@ properties: headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + description: | + A list of header names for headers that need to be removed from the request prior to + forwarding the request to the backendService. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: | + The name of the header to add. + - !ruby/object:Api::Type::String + name: 'headerValue' + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'requestHeadersToRemove' type: Array description: | @@ -1852,10 +3267,35 @@ properties: The value of the header to add. - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + description: | + A list of header names for headers that need to be removed from the response prior to sending the + response back to the client. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: | + The name of the header to add. + - !ruby/object:Api::Type::String + name: 'headerValue' + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'responseHeadersToRemove' type: Array description: | @@ -1880,10 +3320,20 @@ properties: The value of the header to add. - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' + description: | + The spec to modify the URL of the request, prior to forwarding the request to the matched service. + properties: + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'urlRewrite' type: NestedObject description: | @@ -1891,25 +3341,57 @@ properties: properties: - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'timeout' + default_from_api: true +======= - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'seconds' + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - !ruby/object:Api::Type::Integer + name: 'nanos' + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + properties: + - !ruby/object:Api::Type::Array + name: 'retryConditions' +======= default_from_api: true properties: - name: 'seconds' @@ -1929,6 +3411,7 @@ properties: properties: - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -1946,6 +3429,18 @@ properties: * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'numRetries' + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + default_value: 1 + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' +======= item_type: type: String - name: 'numRetries' @@ -1957,12 +3452,27 @@ properties: default_value: 1 - name: 'perTryTimeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'seconds' + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - !ruby/object:Api::Type::Integer + name: 'nanos' + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= - name: 'seconds' type: String description: | @@ -1975,11 +3485,24 @@ properties: represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' + description: | + The full or partial URL to the BackendService resource being mirrored to. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - name: 'backendService' type: ResourceRef description: | @@ -1990,10 +3513,21 @@ properties: imports: 'selfLink' - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'allowOrigins' + description: | + Specifies the list of origins that will be allowed to do CORS requests. + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' +======= - name: 'allowOrigins' type: Array description: | @@ -2003,10 +3537,36 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowMethods' + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'maxAge' + description: | + Specifies how long results of a preflight request can be cached in seconds. + This translates to the Access-Control-Max-Age header. + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' +======= item_type: type: String - name: 'allowMethods' @@ -2034,10 +3594,20 @@ properties: This translates to the Access-Control-Max-Age header. - name: 'allowCredentials' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. + default_value: false + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= - name: 'disabled' type: Boolean description: | @@ -2045,6 +3615,7 @@ properties: default_value: false - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a @@ -2053,6 +3624,57 @@ properties: timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'delay' + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + description: | + Specifies the value of the fixed delay interval. + properties: + - !ruby/object:Api::Type::String + name: 'seconds' + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - !ruby/object:Api::Type::Integer + name: 'nanos' + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - !ruby/object:Api::Type::Double + name: 'percentage' + description: | + The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.FloatBetween(0, 100)' + - !ruby/object:Api::Type::NestedObject + name: 'abort' + description: | + The specification for how client requests are aborted as part of fault injection. + properties: + - !ruby/object:Api::Type::Integer + name: 'httpStatus' + description: | + The HTTP status code used to abort the request. + The value must be between 200 and 599 inclusive. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(200, 599)' + - !ruby/object:Api::Type::Double + name: 'percentage' + description: | + The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.FloatBetween(0, 100)' + - !ruby/object:Api::Type::NestedObject + name: 'defaultCustomErrorResponsePolicy' + min_version: beta +======= - name: 'delay' type: NestedObject description: | @@ -2101,6 +3723,7 @@ properties: function: 'validation.FloatBetween(0, 100)' - name: 'defaultCustomErrorResponsePolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. @@ -2115,36 +3738,67 @@ properties: When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: 'errorResponseRule' + api_name: errorResponseRules +======= min_version: 'beta' properties: - name: 'errorResponseRule' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Array + name: 'matchResponseCodes' +======= api_name: errorResponseRules item_type: type: NestedObject properties: - name: 'matchResponseCodes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'path' +======= item_type: type: String - name: 'path' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full path to a file within backendBucket. For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'overrideResponseCode' + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - !ruby/object:Api::Type::ResourceRef + name: "errorService" + resource: "BackendBucket" + imports: 'selfLink' +======= - name: 'overrideResponseCode' type: Integer description: | @@ -2152,6 +3806,7 @@ properties: If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - name: 'errorService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: @@ -2161,14 +3816,53 @@ properties: If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: "test" + api_name: tests +======= resource: 'BackendBucket' imports: 'selfLink' - name: 'test' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of this test case. + - !ruby/object:Api::Type::String + name: 'host' + required: true + description: | + Host portion of the URL. + - !ruby/object:Api::Type::String + name: 'path' + required: true + description: | + Path portion of the URL. + - !ruby/object:Api::Type::ResourceRef + name: 'service' + resource: 'BackendService' + imports: 'selfLink' + required: true + description: The backend service or backend bucket link that should be matched by this test. + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + - !ruby/object:Api::Type::NestedObject + name: 'defaultUrlRedirect' + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services + conflicts: + - default_route_action +======= api_name: tests item_type: type: NestedObject @@ -2196,10 +3890,22 @@ properties: imports: 'selfLink' - name: 'defaultUrlRedirect' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::String + name: 'hostRedirect' + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - !ruby/object:Api::Type::Boolean + name: 'httpsRedirect' + default_value: false +======= conflicts: - default_route_action exactly_one_of: @@ -2214,30 +3920,46 @@ properties: supplied in the request. The value must be between 1 and 255 characters. - name: 'httpsRedirect' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'pathRedirect' +======= default_value: false - name: 'pathRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'prefixRedirect' +======= - name: 'prefixRedirect' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'redirectResponseCode' +======= - name: 'redirectResponseCode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -2252,6 +3974,18 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. +<<<<<<< HEAD + skip_docs_values: true + values: + - :FOUND + - :MOVED_PERMANENTLY_DEFAULT + - :PERMANENT_REDIRECT + - :SEE_OTHER + - :TEMPORARY_REDIRECT + - !ruby/object:Api::Type::Boolean + name: 'stripQuery' + required: true +======= enum_values: - 'FOUND' - 'MOVED_PERMANENTLY_DEFAULT' @@ -2261,14 +3995,22 @@ properties: exclude_docs_values: true - name: 'stripQuery' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. This field is required to ensure an empty block is not set. The normal default value is false. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'defaultRouteAction' + conflicts: + - default_url_redirect +======= required: true - name: 'defaultRouteAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. @@ -2276,11 +4018,21 @@ properties: is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. +<<<<<<< HEAD + properties: + - !ruby/object:Api::Type::Array + name: 'weightedBackendServices' + exactly_one_of: + - default_service + - default_url_redirect + - default_route_action.0.weighted_backend_services +======= conflicts: - default_url_redirect properties: - name: 'weightedBackendServices' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. @@ -2291,6 +4043,22 @@ properties: advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -2307,15 +4075,21 @@ properties: properties: - name: 'backendService' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'weight' +======= custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . @@ -2325,10 +4099,17 @@ properties: as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(0, 1000)' + - !ruby/object:Api::Type::NestedObject + name: 'headerAction' +======= validation: function: 'validation.IntBetween(0, 1000)' - name: 'headerAction' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies changes to request and response headers that need to take effect for the selected backendService. @@ -2336,6 +4117,30 @@ properties: headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'requestHeadersToRemove' + description: | + A list of header names for headers that need to be removed from the request prior to + forwarding the request to the backendService. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'requestHeadersToAdd' + description: | + Headers to add to a matching request prior to forwarding the request to the backendService. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: | + The name of the header to add. + - !ruby/object:Api::Type::String + name: 'headerValue' + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'requestHeadersToRemove' type: Array description: | @@ -2360,10 +4165,35 @@ properties: The value of the header to add. - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'responseHeadersToRemove' + description: | + A list of header names for headers that need to be removed from the response prior to sending the + response back to the client. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'responseHeadersToAdd' + description: | + Headers to add the response prior to sending the response back to the client. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'headerName' + description: | + The name of the header to add. + - !ruby/object:Api::Type::String + name: 'headerValue' + description: | + The value of the header to add. + - !ruby/object:Api::Type::Boolean + name: 'replace' +======= - name: 'responseHeadersToRemove' type: Array description: | @@ -2388,10 +4218,28 @@ properties: The value of the header to add. - name: 'replace' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'urlRewrite' + description: | + The spec to modify the URL of the request, prior to forwarding the request to the matched service. + at_least_one_of: + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::String + name: 'pathPrefixRewrite' +======= - name: 'urlRewrite' type: NestedObject description: | @@ -2407,31 +4255,60 @@ properties: properties: - name: 'pathPrefixRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.url_rewrite.0.path_prefix_rewrite + - default_route_action.0.url_rewrite.0.host_rewrite + - !ruby/object:Api::Type::String + name: 'hostRewrite' +======= - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - 'default_route_action.0.url_rewrite.0.host_rewrite' - name: 'hostRewrite' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.url_rewrite.0.path_prefix_rewrite + - default_route_action.0.url_rewrite.0.host_rewrite + - !ruby/object:Api::Type::NestedObject + name: 'timeout' + default_from_api: true +======= - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - 'default_route_action.0.url_rewrite.0.host_rewrite' - name: 'timeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. +<<<<<<< HEAD + at_least_one_of: + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::String + name: 'seconds' +======= default_from_api: true at_least_one_of: - 'default_route_action.0.weighted_backend_services' @@ -2444,18 +4321,45 @@ properties: properties: - name: 'seconds' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.timeout.0.seconds + - default_route_action.0.timeout.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - 'default_route_action.0.timeout.0.seconds' - 'default_route_action.0.timeout.0.nanos' - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.timeout.0.seconds + - default_route_action.0.timeout.0.nanos + - !ruby/object:Api::Type::NestedObject + name: 'retryPolicy' + description: | + Specifies the retry policy associated with this route. + at_least_one_of: + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::Array + name: 'retryConditions' +======= - 'default_route_action.0.timeout.0.seconds' - 'default_route_action.0.timeout.0.nanos' - name: 'retryPolicy' @@ -2473,6 +4377,7 @@ properties: properties: - name: 'retryConditions' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -2491,6 +4396,25 @@ properties: * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'numRetries' + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + at_least_one_of: + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + default_value: 1 + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(1)' + - !ruby/object:Api::Type::NestedObject + name: 'perTryTimeout' +======= - 'default_route_action.0.retry_policy.0.retry_conditions' - 'default_route_action.0.retry_policy.0.num_retries' - 'default_route_action.0.retry_policy.0.per_try_timeout' @@ -2509,39 +4433,83 @@ properties: default_value: 1 - name: 'perTryTimeout' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.retry_conditions + - default_route_action.0.retry_policy.0.num_retries + - default_route_action.0.retry_policy.0.per_try_timeout + properties: + - !ruby/object:Api::Type::String + name: 'seconds' +======= - 'default_route_action.0.retry_policy.0.retry_conditions' - 'default_route_action.0.retry_policy.0.num_retries' - 'default_route_action.0.retry_policy.0.per_try_timeout' properties: - name: 'seconds' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds + - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds + - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos + - !ruby/object:Api::Type::NestedObject + name: 'requestMirrorPolicy' +======= - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - name: 'requestMirrorPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::ResourceRef + name: 'backendService' + resource: 'BackendService' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + imports: 'selfLink' + description: | + The full or partial URL to the BackendService resource being mirrored to. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'corsPolicy' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -2560,10 +4528,23 @@ properties: imports: 'selfLink' - name: 'corsPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::Array + name: 'allowOrigins' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -2574,10 +4555,24 @@ properties: properties: - name: 'allowOrigins' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowOriginRegexes' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -2590,11 +4585,67 @@ properties: type: String - name: 'allowOriginRegexes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowMethods' + description: | + Specifies the content for the Access-Control-Allow-Methods header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'allowHeaders' + description: | + Specifies the content for the Access-Control-Allow-Headers header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'exposeHeaders' + description: | + Specifies the content for the Access-Control-Expose-Headers header. + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + item_type: Api::Type::String + - !ruby/object:Api::Type::Integer + name: 'maxAge' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -2652,10 +4703,52 @@ properties: type: String - name: 'maxAge' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::Boolean + name: 'allowCredentials' + description: | + In response to a preflight request, setting this to true indicates that the actual request can include user credentials. + This translates to the Access-Control-Allow-Credentials header. + default_value: false + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. + default_value: false + at_least_one_of: + - default_route_action.0.cors_policy.0.allow_origins + - default_route_action.0.cors_policy.0.allow_origin_regexes + - default_route_action.0.cors_policy.0.allow_methods + - default_route_action.0.cors_policy.0.allow_headers + - default_route_action.0.cors_policy.0.expose_headers + - default_route_action.0.cors_policy.0.max_age + - default_route_action.0.cors_policy.0.allow_credentials + - default_route_action.0.cors_policy.0.disabled + - !ruby/object:Api::Type::NestedObject + name: 'faultInjectionPolicy' +======= - 'default_route_action.0.cors_policy.0.allow_origins' - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - 'default_route_action.0.cors_policy.0.allow_methods' @@ -2695,6 +4788,7 @@ properties: default_value: false - name: 'faultInjectionPolicy' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a @@ -2703,6 +4797,34 @@ properties: timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.weighted_backend_services + - default_route_action.0.url_rewrite + - default_route_action.0.timeout + - default_route_action.0.retry_policy + - default_route_action.0.request_mirror_policy + - default_route_action.0.cors_policy + - default_route_action.0.fault_injection_policy + properties: + - !ruby/object:Api::Type::NestedObject + name: 'delay' + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay + - default_route_action.0.fault_injection_policy.0.abort + properties: + - !ruby/object:Api::Type::NestedObject + name: 'fixedDelay' + description: | + Specifies the value of the fixed delay interval. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay + - default_route_action.0.fault_injection_policy.0.delay.0.percentage + properties: + - !ruby/object:Api::Type::String + name: 'seconds' +======= - 'default_route_action.0.weighted_backend_services' - 'default_route_action.0.url_rewrite' - 'default_route_action.0.timeout' @@ -2729,26 +4851,57 @@ properties: properties: - name: 'seconds' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos + - !ruby/object:Api::Type::Integer + name: 'nanos' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - name: 'nanos' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay + - default_route_action.0.fault_injection_policy.0.delay.0.percentage + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.FloatBetween(0, 100)' + - !ruby/object:Api::Type::NestedObject + name: 'abort' + description: | + The specification for how client requests are aborted as part of fault injection. + at_least_one_of: + - default_route_action.0.fault_injection_policy.0.delay + - default_route_action.0.fault_injection_policy.0.abort + properties: + - !ruby/object:Api::Type::Integer + name: 'httpStatus' +======= - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' validation: @@ -2763,21 +4916,37 @@ properties: properties: - name: 'httpStatus' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.abort.0.http_status + - default_route_action.0.fault_injection_policy.0.abort.0.percentage + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntBetween(200, 599)' + - !ruby/object:Api::Type::Double + name: 'percentage' +======= - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' validation: function: 'validation.IntBetween(200, 599)' - name: 'percentage' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: +<<<<<<< HEAD + - default_route_action.0.fault_injection_policy.0.abort.0.http_status + - default_route_action.0.fault_injection_policy.0.abort.0.percentage + validation: !ruby/object:Provider::Terraform::Validation +======= - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' validation: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/VpnGateway.yaml b/mmv1/products/compute/VpnGateway.yaml index 6b3996e130e0..678fb1723b0a 100644 --- a/mmv1/products/compute/VpnGateway.yaml +++ b/mmv1/products/compute/VpnGateway.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,45 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'VpnGateway' +kind: 'compute#targetVpnGateway' +base_url: projects/{{project}}/regions/{{region}}/targetVpnGateways +collection_url_key: 'items' +immutable: true +has_self_link: true +description: | + Represents a VPN gateway running in GCP. This virtual device is managed + by Google, but used only by you. +references: !ruby/object:Api::Resource::ReferenceLinks + api: https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +docs: !ruby/object:Provider::Terraform::Docs + warning: | + Classic VPN is deprecating certain functionality on October 31, 2021. For more information, + see the [Classic VPN partial deprecation page](https://cloud.google.com/network-connectivity/docs/vpn/deprecations/classic-vpn-deprecation). +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'target_vpn_gateway_basic' +======= --- name: 'VpnGateway' kind: 'compute#targetVpnGateway' @@ -49,6 +92,7 @@ collection_url_key: 'items' custom_code: examples: - name: 'target_vpn_gateway_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'target_gateway' vars: target_vpn_gateway_name: 'vpn-1' @@ -60,12 +104,34 @@ examples: vpn_tunnel_name: 'tunnel1' route_name: 'route1' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The region this gateway should sit in. required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional description of this resource.' + immutable: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -81,6 +147,7 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -91,6 +158,22 @@ properties: character, which cannot be a dash. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'gateway_id' + api_name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::ResourceRef + name: 'network' + resource: 'Network' + imports: 'selfLink' + description: | + The network this VPN gateway is accepting traffic for. + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + immutable: true +======= - name: 'gateway_id' type: Integer description: 'The unique identifier for the resource.' @@ -105,3 +188,4 @@ properties: custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Network' imports: 'selfLink' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/VpnTunnel.yaml b/mmv1/products/compute/VpnTunnel.yaml index 3ea736cda072..0b7f4c02d6cd 100644 --- a/mmv1/products/compute/VpnTunnel.yaml +++ b/mmv1/products/compute/VpnTunnel.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'VpnTunnel' +kind: 'compute#vpnTunnel' +description: 'VPN tunnel resource.' +immutable: true +base_url: projects/{{project}}/regions/{{region}}/vpnTunnels +collection_url_key: 'items' +has_self_link: true +references: !ruby/object:Api::Resource::ReferenceLinks +======= --- name: 'VpnTunnel' kind: 'compute#vpnTunnel' description: 'VPN tunnel resource.' references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' 'Networks and Tunnel Routing': 'https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels' +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'compute#operation' + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'vpn_tunnel_basic' +======= docs: base_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels' has_self_link: true @@ -49,6 +88,7 @@ custom_code: post_create: 'templates/terraform/post_create/labels.tmpl' examples: - name: 'vpn_tunnel_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'tunnel1' vars: vpn_tunnel_name: 'tunnel-1' @@ -58,15 +98,47 @@ examples: esp_forwarding_rule_name: 'fr-esp' udp500_forwarding_rule_name: 'fr-udp500' udp4500_forwarding_rule_name: 'fr-udp4500' +<<<<<<< HEAD + route_name: + 'route1' +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/vpn_tunnel.erb + encoder: templates/terraform/encoders/vpn_tunnel.go.erb + post_create: templates/terraform/post_create/labels.erb +parameters: + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'name' +======= route_name: 'route1' parameters: - name: 'region' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'The region where the tunnel is located. If unset, is set to the region of `target_vpn_gateway`.' required: false default_from_api: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' +properties: + - !ruby/object:Api::Type::String + name: 'tunnel_id' + api_name: 'id' + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + output: true + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::String + name: 'name' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Region' @@ -85,6 +157,7 @@ properties: output: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 @@ -94,6 +167,24 @@ properties: be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of this resource. + immutable: true + - !ruby/object:Api::Type::ResourceRef + name: 'targetVpnGateway' + description: | + URL of the Target VPN gateway with which this VPN tunnel is + associated. + resource: 'VpnGateway' + imports: 'selfLink' + immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'vpnGateway' +======= - name: 'description' type: String description: | @@ -110,20 +201,51 @@ properties: imports: 'selfLink' - name: 'vpnGateway' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a `google_compute_ha_vpn_gateway` resource. +<<<<<<< HEAD + resource: 'HaVpnGateway' + imports: 'selfLink' + immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'vpnGatewayInterface' +======= immutable: true custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'HaVpnGateway' imports: 'selfLink' - name: 'vpnGatewayInterface' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The interface ID of the VPN gateway with which this VPN tunnel is associated. immutable: true send_empty_value: true +<<<<<<< HEAD + - !ruby/object:Api::Type::ResourceRef + name: 'peerExternalGateway' + resource: 'ExternalVpnGateway' + imports: 'selfLink' + immutable: true + conflicts: + - peer_gcp_gateway + description: | + URL of the peer side external VPN gateway to which this VPN tunnel is connected. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Integer + name: 'peerExternalGatewayInterface' + description: | + The interface ID of the external VPN gateway to which this VPN tunnel is connected. + send_empty_value: true + - !ruby/object:Api::Type::ResourceRef + name: 'peerGcpGateway' + conflicts: + - peer_external_gateway +======= - name: 'peerExternalGateway' type: ResourceRef description: | @@ -141,11 +263,34 @@ properties: send_empty_value: true - name: 'peerGcpGateway' type: ResourceRef +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a `google_compute_ha_vpn_gateway` resource. +<<<<<<< HEAD + resource: 'HaVpnGateway' + imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::ResourceRef + name: 'router' + description: | + URL of router resource to be used for dynamic routing. + resource: 'Router' + imports: 'selfLink' + immutable: true + custom_expand: 'templates/terraform/custom_expand/compute_full_url.erb' + - !ruby/object:Api::Type::String + name: 'peerIp' + description: | + IP address of the peer VPN gateway. Only IPv4 is supported. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validatePeerAddr' + default_from_api: true + - !ruby/object:Api::Type::String + name: 'sharedSecret' +======= conflicts: - peer_external_gateway custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' @@ -168,10 +313,22 @@ properties: function: 'validatePeerAddr' - name: 'sharedSecret' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. required: true +<<<<<<< HEAD + sensitive: true + ignore_read: true + - !ruby/object:Api::Type::String + name: 'sharedSecretHash' + description: | + Hash of the shared secret. + output: true + - !ruby/object:Api::Type::Integer + name: 'ikeVersion' +======= ignore_read: true sensitive: true - name: 'sharedSecretHash' @@ -181,13 +338,19 @@ properties: output: true - name: 'ikeVersion' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2. default_value: 2 +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'localTrafficSelector' +======= - name: 'localTrafficSelector' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, @@ -195,10 +358,16 @@ properties: Only IPv4 is supported. is_set: true default_from_api: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'remoteTrafficSelector' +======= item_type: type: String - name: 'remoteTrafficSelector' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, @@ -206,6 +375,25 @@ properties: Only IPv4 is supported. is_set: true default_from_api: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels to apply to this VpnTunnel. + update_verb: :POST + update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' + - !ruby/object:Api::Type::Fingerprint + name: 'labelFingerprint' + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' + update_verb: :POST + - !ruby/object:Api::Type::String + name: 'detailedStatus' + output: true + description: 'Detailed status message for the VPN tunnel.' +======= item_type: type: String - name: 'labels' @@ -226,3 +414,4 @@ properties: type: String description: 'Detailed status message for the VPN tunnel.' output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/Zone.yaml b/mmv1/products/compute/Zone.yaml index 34004e805885..648892fa9589 100644 --- a/mmv1/products/compute/Zone.yaml +++ b/mmv1/products/compute/Zone.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Zone' +kind: 'compute#zone' +base_url: projects/{{project}}/zones +collection_url_key: 'items' +has_self_link: true +readonly: true +description: 'Represents a Zone resource.' +# Used as a resource reference +exclude: true +properties: + - !ruby/object:Api::Type::Time + name: 'creationTimestamp' + description: 'Creation timestamp in RFC3339 text format.' + output: true + - !ruby/object:Api::Type::NestedObject + name: 'deprecated' + description: 'The deprecation status associated with this machine type.' + properties: + - !ruby/object:Api::Type::Time + name: 'deleted' +======= --- name: 'Zone' kind: 'compute#zone' @@ -40,37 +67,58 @@ properties: properties: - name: 'deleted' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'deprecated' +======= - name: 'deprecated' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Time + name: 'obsolete' +======= - name: 'obsolete' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'replacement' +======= - name: 'replacement' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'state' +======= - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource @@ -78,6 +126,44 @@ properties: warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. +<<<<<<< HEAD + values: + - :DEPRECATED + - :OBSOLETE + - :DELETED + output: true + output: true + - !ruby/object:Api::Type::String + name: 'description' + description: 'An optional textual description of the resource.' + output: true + - !ruby/object:Api::Type::Integer + name: 'id' + description: 'The unique identifier for the resource.' + output: true + - !ruby/object:Api::Type::String + name: 'name' + description: 'Name of the resource.' + - !ruby/object:Api::Type::ResourceRef + name: 'region' + resource: 'Region' + imports: 'selfLink' + description: 'The region where the zone is located.' + output: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + - !ruby/object:Api::Type::Enum + name: 'status' + description: 'The status of the zone.' + values: + - :UP + - :DOWN + output: true + - !ruby/object:Api::Type::Array + name: 'availableCpuPlatforms' + description: 'The available CPU platforms in this zone' + item_type: Api::Type::String + output: true +======= output: true enum_values: - 'DEPRECATED' @@ -114,3 +200,4 @@ properties: output: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/compute/go_Address.yaml b/mmv1/products/compute/go_Address.yaml new file mode 100644 index 000000000000..76623c07133a --- /dev/null +++ b/mmv1/products/compute/go_Address.yaml @@ -0,0 +1,238 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Address' +kind: 'compute#address' +description: | + Represents an Address resource. + + Each virtual machine instance has an ephemeral internal IP address and, + optionally, an external IP address. To communicate between instances on + the same network, you can use an instance's internal IP address. To + communicate with the Internet and instances outside of the same network, + you must specify the instance's external IP address. + + Internal IP addresses are ephemeral and only belong to an instance for + the lifetime of the instance; if the instance is deleted and recreated, + the instance is assigned a new internal IP address, either by Compute + Engine or by you. External IP addresses can be either ephemeral or + static. +references: + guides: + 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/instances-and-network' + 'Reserving a Static Internal IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address' + api: 'https://cloud.google.com/compute/docs/reference/beta/addresses' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/addresses' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/go/labels.tmpl' +examples: + - name: 'address_basic' + primary_resource_id: 'ip_address' + vars: + address_name: 'my-address' + - name: 'address_with_subnetwork' + primary_resource_id: 'internal_with_subnet_and_address' + vars: + address_name: 'my-internal-address' + network_name: 'my-network' + subnetwork_name: 'my-subnet' + - name: 'address_with_gce_endpoint' + primary_resource_id: 'internal_with_gce_endpoint' + vars: + address_name: 'my-internal-address-' + - name: 'address_with_shared_loadbalancer_vip' + primary_resource_id: 'internal_with_shared_loadbalancer_vip' + vars: + address_name: 'my-internal-address' + # It is almost identical to internal_with_gce_endpoint + exclude_docs: true + # TODO(rileykarson): Remove this example when instance is supported + - name: 'instance_with_ip' + primary_resource_id: 'static' + vars: + address_name: 'ipv4-address' + instance_name: 'vm-instance' + - name: 'compute_address_ipsec_interconnect' + primary_resource_id: 'ipsec-interconnect-address' + vars: + address_name: 'test-address' + network_name: 'test-network' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created address should reside. + If it is not provided, the provider region is used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'address' + type: String + description: | + The static external IP address represented by this resource. + The IP address must be inside the specified subnetwork, + if any. Set by the API if undefined. + default_from_api: true + - name: 'addressType' + type: Enum + description: | + The type of address to reserve. + Note: if you set this argument's value as `INTERNAL` you need to leave the `network_tier` argument unset in that resource block. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "EXTERNAL" + enum_values: + - 'INTERNAL' + - 'EXTERNAL' + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` + which means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + validation: + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - name: 'purpose' + type: String + description: | + The purpose of this resource, which can be one of the following values. + + * GCE_ENDPOINT for addresses that are used by VM instances, alias IP + ranges, load balancers, and similar resources. + + * SHARED_LOADBALANCER_VIP for an address that can be used by multiple + internal load balancers. + + * VPC_PEERING for addresses that are reserved for VPC peer networks. + + * IPSEC_INTERCONNECT for addresses created from a private IP range that + are reserved for a VLAN attachment in an HA VPN over Cloud Interconnect + configuration. These addresses are regional resources. + + * PRIVATE_SERVICE_CONNECT for a private network address that is used to + configure Private Service Connect. Only global internal addresses can use + this purpose. + + This should only be set when using an Internal address. + default_from_api: true + - name: 'networkTier' + type: Enum + description: | + The networking tier used for configuring this address. If this field is not + specified, it is assumed to be PREMIUM. + This argument should not be used when configuring Internal addresses, because [network tier cannot be set for internal traffic; it's always Premium](https://cloud.google.com/network-tiers/docs/overview). + default_from_api: true + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'subnetwork' + type: ResourceRef + description: | + The URL of the subnetwork in which to reserve the address. If an IP + address is specified, it must be within the subnetwork's IP range. + This field can only be used with INTERNAL type with + GCE_ENDPOINT/DNS_RESOLVER purposes. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'users' + type: Array + description: 'The URLs of the resources that are using this address.' + output: true + item_type: + type: String + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this address. A list of key->value pairs. + update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'network' + type: ResourceRef + description: | + The URL of the network in which to reserve the address. This field + can only be used with INTERNAL type with the VPC_PEERING and + IPSEC_INTERCONNECT purposes. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'prefixLength' + type: Integer + description: | + The prefix length if the resource represents an IP range. + default_from_api: true + - name: 'ipVersion' + type: Enum + description: | + The IP Version that will be used by this address. The default value is `IPV4`. + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'ipv6EndpointType' + type: Enum + description: | + The endpoint type of this address, which should be VM or NETLB. This is + used for deciding which type of endpoint this address can be used after + the external IPv6 address reservation. + enum_values: + - 'VM' + - 'NETLB' diff --git a/mmv1/products/compute/go_Autoscaler.yaml b/mmv1/products/compute/go_Autoscaler.yaml new file mode 100644 index 000000000000..d96fe082bf7c --- /dev/null +++ b/mmv1/products/compute/go_Autoscaler.yaml @@ -0,0 +1,431 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Autoscaler' +kind: 'compute#autoscaler' +description: | + Represents an Autoscaler resource. + + Autoscalers allow you to automatically scale virtual machine instances in + managed instance groups according to an autoscaling policy that you + define. +references: + guides: + 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/autoscalers' +has_self_link: true +update_url: 'projects/{{project}}/zones/{{zone}}/autoscalers?autoscaler={{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'autoscaler_single_instance' + primary_resource_id: 'default' + min_version: 'beta' + vars: + autoscaler_name: 'my-autoscaler' + instance_template_name: 'my-instance-template' + target_pool_name: 'my-target-pool' + igm_name: 'my-igm' + # Add test_vars_overrides and oics_vars_overrides to fix the failing test, + # which is caused by upgradting terraform-plugin-sdk to 2.24.0. + provider_name: 'google-beta' + provider_alias: '' + test_vars_overrides: + 'provider_name': '"google-beta.us-central1"' + 'provider_alias': '"alias = \"us-central1\""' + oics_vars_overrides: + 'provider_name': 'google-beta' + 'provider_alias': '' + - name: 'autoscaler_basic' + primary_resource_id: 'foobar' + vars: + autoscaler_name: 'my-autoscaler' + instance_template_name: 'my-instance-template' + target_pool_name: 'my-target-pool' + igm_name: 'my-igm' +parameters: + - name: 'zone' + type: ResourceRef + description: | + URL of the zone where the instance group resides. + required: false + immutable: true + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'autoscalingPolicy' + type: NestedObject + description: | + The configuration parameters for the autoscaling algorithm. You can + define one or more of the policies for an autoscaler: cpuUtilization, + customMetricUtilizations, and loadBalancingUtilization. + + If none of these are specified, the default will be to autoscale based + on cpuUtilization to 0.6 or 60%. + required: true + properties: + - name: 'minReplicas' + type: Integer + description: | + The minimum number of replicas that the autoscaler can scale down + to. This cannot be less than 0. If not provided, autoscaler will + choose a default value depending on maximum number of instances + allowed. + api_name: minNumReplicas + required: true + send_empty_value: true + - name: 'maxReplicas' + type: Integer + description: | + The maximum number of instances that the autoscaler can scale up + to. This is required when creating or updating an autoscaler. The + maximum number of replicas should not be lower than minimal number + of replicas. + api_name: maxNumReplicas + required: true + send_empty_value: true + - name: 'cooldownPeriod' + type: Integer + description: | + The number of seconds that the autoscaler should wait before it + starts collecting information from a new instance. This prevents + the autoscaler from collecting information when the instance is + initializing, during which the collected usage would not be + reliable. The default time autoscaler waits is 60 seconds. + + Virtual machine initialization times might vary because of + numerous factors. We recommend that you test how long an + instance may take to initialize. To do this, create an instance + and time the startup process. + api_name: coolDownPeriodSec + default_value: 60 + - name: 'mode' + type: String + description: | + Defines operating mode for this policy. + default_value: "ON" + - name: 'scaleDownControl' + type: NestedObject + description: | + Defines scale down controls to reduce the risk of response latency + and outages due to abrupt scale-in events + min_version: 'beta' + required: false + default_from_api: true + properties: + - name: 'maxScaledDownReplicas' + type: NestedObject + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + properties: + - name: 'fixed' + type: Integer + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'percent' + type: Integer + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + - name: 'scaleInControl' + type: NestedObject + description: | + Defines scale in controls to reduce the risk of response latency + and outages due to abrupt scale-in events + properties: + - name: 'maxScaledInReplicas' + type: NestedObject + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + properties: + - name: 'fixed' + type: Integer + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'percent' + type: Integer + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + - name: 'cpuUtilization' + type: NestedObject + description: | + Defines the CPU utilization policy that allows the autoscaler to + scale based on the average CPU utilization of a managed instance + group. + default_from_api: true + properties: + - name: 'target' + type: Double + description: | + The target CPU utilization that the autoscaler should maintain. + Must be a float value in the range (0, 1]. If not specified, the + default is 0.6. + + If the CPU level is below the target utilization, the autoscaler + scales down the number of instances until it reaches the minimum + number of instances you specified or until the average CPU of + your instances reaches the target utilization. + + If the average CPU is above the target utilization, the autoscaler + scales up until it reaches the maximum number of instances you + specified or until the average utilization reaches the target + utilization. + api_name: utilizationTarget + required: true + - name: 'predictiveMethod' + type: String + description: | + Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: + + - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. + + - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "NONE" + - name: 'metric' + type: Array + description: | + Configuration parameters of autoscaling based on a custom metric. + api_name: customMetricUtilizations + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The identifier (type) of the Stackdriver Monitoring metric. + The metric cannot have negative values. + + The metric must have a value type of INT64 or DOUBLE. + api_name: metric + required: true + - name: 'singleInstanceAssignment' + type: Double + description: | + If scaling is based on a per-group metric value that represents the + total amount of work to be done or resource usage, set this value to + an amount assigned for a single instance of the scaled group. + The autoscaler will keep the number of instances proportional to the + value of this metric, the metric itself should not change value due + to group resizing. + + For example, a good metric to use with the target is + `pubsub.googleapis.com/subscription/num_undelivered_messages` + or a custom metric exporting the total number of requests coming to + your instances. + + A bad example would be a metric exporting an average or median + latency, since this value can't include a chunk assignable to a + single instance, it could be better used with utilization_target + instead. + min_version: 'beta' + - name: 'target' + type: Double + description: | + The target value of the metric that autoscaler should + maintain. This must be a positive value. A utilization + metric scales number of virtual machines handling requests + to increase or decrease proportionally to the metric. + + For example, a good metric to use as a utilizationTarget is + www.googleapis.com/compute/instance/network/received_bytes_count. + The autoscaler will work to keep this value constant for each + of the instances. + api_name: utilizationTarget + - name: 'type' + type: Enum + description: | + Defines how target utilization value is expressed for a + Stackdriver Monitoring metric. + api_name: utilizationTargetType + enum_values: + - 'GAUGE' + - 'DELTA_PER_SECOND' + - 'DELTA_PER_MINUTE' + - name: 'filter' + type: String + description: | + A filter string to be used as the filter string for + a Stackdriver Monitoring TimeSeries.list API call. + This filter is used to select a specific TimeSeries for + the purpose of autoscaling and to determine whether the metric + is exporting per-instance or per-group data. + + You can only use the AND operator for joining selectors. + You can only use direct equality comparison operator (=) without + any functions for each selector. + You can specify the metric in both the filter string and in the + metric field. However, if specified in both places, the metric must + be identical. + + The monitored resource type determines what kind of values are + expected for the metric. If it is a gce_instance, the autoscaler + expects the metric to include a separate TimeSeries for each + instance in a group. In such a case, you cannot filter on resource + labels. + + If the resource type is any other value, the autoscaler expects + this metric to contain values that apply to the entire autoscaled + instance group and resource label filtering can be performed to + point autoscaler at the correct TimeSeries to scale upon. + This is called a per-group metric for the purpose of autoscaling. + + If not specified, the type defaults to gce_instance. + + You should provide a filter that is selective enough to pick just + one TimeSeries for the autoscaled group or for each of the instances + (if you are using gce_instance resource type). If multiple + TimeSeries are returned upon the query execution, the autoscaler + will sum their respective values to obtain its scaling value. + min_version: 'beta' + default_value: "resource.type = gce_instance" + - name: 'loadBalancingUtilization' + type: NestedObject + description: | + Configuration parameters of autoscaling based on a load balancer. + properties: + - name: 'target' + type: Double + description: | + Fraction of backend capacity utilization (set in HTTP(s) load + balancing configuration) that autoscaler should maintain. Must + be a positive float value. If not defined, the default is 0.8. + api_name: utilizationTarget + required: true + - name: 'scalingSchedules' + type: Map + description: | + Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. + key_name: 'name' + key_description: | + A name for the schedule. + value_type: + name: scalingSchedule + type: NestedObject + properties: + - name: 'minRequiredReplicas' + type: Integer + description: | + Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. + required: true + send_empty_value: true + - name: 'schedule' + type: String + description: | + The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). + required: true + - name: 'timeZone' + type: String + description: | + The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. + default_value: "UTC" + - name: 'durationSec' + type: Integer + description: | + The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. + required: true + - name: 'disabled' + type: Boolean + description: | + A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. + default_value: false + - name: 'description' + type: String + description: | + A description of a scaling schedule. + - name: 'target' + type: ResourceRef + description: | + URL of the managed instance group that this autoscaler will scale. + required: true + custom_expand: 'templates/terraform/custom_expand/go/compute_full_url.tmpl' + resource: 'InstanceGroupManager' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_BackendBucket.yaml b/mmv1/products/compute/go_BackendBucket.yaml new file mode 100644 index 000000000000..0baae8173828 --- /dev/null +++ b/mmv1/products/compute/go_BackendBucket.yaml @@ -0,0 +1,283 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackendBucket' +kind: 'compute#backendBucket' +description: | + Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S) + load balancing. + + An HTTP(S) load balancer can direct traffic to specified URLs to a + backend bucket rather than a backend service. It can send requests for + static content to a Cloud Storage bucket and requests for dynamic content + to a virtual machine instance. +references: + guides: + 'Using a Cloud Storage bucket as a load balancer backend': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket' + api: 'https://cloud.google.com/compute/docs/reference/v1/backendBuckets' +docs: +base_url: 'projects/{{project}}/global/backendBuckets' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/global/backendBuckets/{{name}}' + - '{{name}}' + min_version: 'beta' +custom_code: + encoder: 'templates/terraform/encoders/go/compute_backend_bucket.go.tmpl' + post_create: 'templates/terraform/post_create/go/compute_backend_bucket_security_policy.go.tmpl' + post_update: 'templates/terraform/post_create/go/compute_backend_bucket_security_policy.go.tmpl' +examples: + - name: 'backend_bucket_basic' + primary_resource_id: 'image_backend' + primary_resource_name: 'fmt.Sprintf("tf-test-image-backend-bucket%s", context["random_suffix"])' + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + - name: 'backend_bucket_full' + primary_resource_id: 'image_backend_full' + vars: + backend_bucket_name: 'image-backend-bucket-full' + bucket_name: 'image-store-bucket-full' + exclude_docs: true + - name: 'backend_bucket_security_policy' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + - name: 'backend_bucket_query_string_whitelist' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + - name: 'backend_bucket_include_http_headers' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + - name: 'external_cdn_lb_with_backend_bucket' + primary_resource_id: 'default' + vars: + my_bucket: 'my-bucket' + index_page: 'index-page' + 404_page: '404-page' + test_object: 'test-object' + example_ip: 'example-ip' + http_lb_forwarding_rule: 'http-lb-forwarding-rule' + http_lb_proxy: 'http-lb-proxy' + http_lb: 'http-lb' + cat_backend_bucket: 'cat-backend-bucket' + exclude_docs: true + - name: 'backend_bucket_bypass_cache' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + exclude_docs: true + - name: 'backend_bucket_coalescing' + primary_resource_id: 'image_backend' + vars: + backend_bucket_name: 'image-backend-bucket' + bucket_name: 'image-store-bucket' + exclude_docs: true +parameters: +properties: + - name: 'bucketName' + type: String + description: 'Cloud Storage bucket name.' + required: true + - name: 'cdnPolicy' + type: NestedObject + description: 'Cloud CDN configuration for this Backend Bucket.' + default_from_api: true + properties: + - name: 'cacheKeyPolicy' + type: NestedObject + description: 'The CacheKeyPolicy for this CdnPolicy.' + properties: + - name: 'queryStringWhitelist' + type: Array + description: | + Names of query string parameters to include in cache keys. + Default parameters are always included. '&' and '=' will + be percent encoded and not treated as delimiters. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + item_type: + type: String + - name: 'includeHttpHeaders' + type: Array + description: | + Allows HTTP request headers (by name) to be used in the + cache key. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer + description: | + Maximum number of seconds the response to a signed URL request will + be considered fresh. After this time period, + the response will be revalidated before being served. + When serving responses to signed URL requests, + Cloud CDN will internally behave as though + all responses from this backend had a "Cache-Control: public, + max-age=[TTL]" header, regardless of any existing Cache-Control + header. The actual headers served in responses will not be altered. + send_empty_value: true + - name: 'defaultTtl' + type: Integer + description: | + Specifies the default TTL for cached content served by this origin for responses + that do not have an existing valid TTL (max-age or s-max-age). + default_from_api: true + send_empty_value: true + - name: 'maxTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - name: 'clientTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + send_empty_value: true + - name: 'negativeCaching' + type: Boolean + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: + type: NestedObject + properties: + - name: 'code' + type: Integer + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - name: 'ttl' + type: Integer + description: | + The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s + (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. + send_empty_value: true + - name: 'cacheMode' + type: Enum + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + default_from_api: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer + description: | + Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. + default_from_api: true + send_empty_value: true + - name: 'requestCoalescing' + type: Boolean + description: | + If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin. + send_empty_value: true + - name: 'bypassCacheOnRequestHeaders' + type: Array + description: | + Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The header field name to match on when bypassing cache. Values are case-insensitive. + max_size: 5 + - name: 'compressionMode' + type: Enum + description: | + Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. + enum_values: + - 'AUTOMATIC' + - 'DISABLED' + - name: 'edgeSecurityPolicy' + type: String + description: | + The security policy associated with this backend bucket. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'customResponseHeaders' + type: Array + description: | + Headers that the HTTP/S load balancer should add to proxied responses. + item_type: + type: String + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional textual description of the resource; provided by the + client when the resource is created. + - name: 'enableCdn' + type: Boolean + description: 'If true, enable Cloud CDN for this BackendBucket.' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + immutable: true + validation: + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' diff --git a/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml b/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml new file mode 100644 index 000000000000..c8e448db7b03 --- /dev/null +++ b/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml @@ -0,0 +1,99 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackendBucketSignedUrlKey' +kind: 'compute#BackendBucketSignedUrlKey' +description: | + A key for signing Cloud CDN signed URLs for BackendBuckets. +references: + guides: + 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendBuckets' +docs: +base_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' +self_link: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' +create_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/addSignedUrlKey' +delete_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/deleteSignedUrlKey?keyName={{name}}' +delete_verb: 'POST' +immutable: true +mutex: 'signedUrlKey/{{project}}/backendBuckets/{{backend_bucket}}/' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - cdnPolicy + - signedUrlKeyNames + is_list_of_ids: true + modify_by_patch: false +custom_code: +exclude_tgc: true +examples: + - name: 'backend_bucket_signed_url_key' + primary_resource_id: 'backend_key' + vars: + key_name: 'test-key' + backend_name: 'test-signed-backend-bucket' + bucket_name: 'test-storage-bucket' + external_providers: ["random", "time"] + exclude_test: true +parameters: + - name: 'backendBucket' + type: ResourceRef + description: | + The backend bucket this signed URL key belongs. + required: true + immutable: true + ignore_read: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'BackendBucket' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the signed URL key. + api_name: keyName + required: true + immutable: true + validation: + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - name: 'keyValue' + type: String + description: | + 128-bit key value used for signing the URL. The key value must be a + valid RFC 4648 Section 5 base64url encoded string. + required: true + immutable: true + ignore_read: true + sensitive: true diff --git a/mmv1/products/compute/go_BackendService.yaml b/mmv1/products/compute/go_BackendService.yaml new file mode 100644 index 000000000000..c5863819ad42 --- /dev/null +++ b/mmv1/products/compute/go_BackendService.yaml @@ -0,0 +1,1338 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackendService' +kind: 'compute#backendService' +description: | + A Backend Service defines a group of virtual machines that will serve + traffic for load balancing. This resource is a global backend service, + appropriate for external load balancing or self-managed internal load balancing. + For managed internal load balancing, use a regional backend service instead. + + Currently self-managed internal load balancing is only available in beta. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-service' + api: 'https://cloud.google.com/compute/docs/reference/v1/backendServices' +docs: +base_url: 'projects/{{project}}/global/backendServices' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'name' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: + constants: 'templates/terraform/constants/go/backend_service.go.tmpl' + encoder: 'templates/terraform/encoders/go/backend_service.go.tmpl' + decoder: 'templates/terraform/decoders/go/backend_service.go.tmpl' + post_create: 'templates/terraform/post_create/go/compute_backend_service_security_policy.go.tmpl' + post_update: 'templates/terraform/post_create/go/compute_backend_service_security_policy.go.tmpl' +schema_version: 1 +examples: + - name: 'backend_service_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-backend-service%s", context["random_suffix"])' + vars: + backend_service_name: 'backend-service' + http_health_check_name: 'health-check' + - name: 'backend_service_external_iap' + primary_resource_id: 'default' + vars: + backend_service_name: 'tf-test-backend-service-external' + - name: 'backend_service_cache_simple' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + http_health_check_name: 'health-check' + - name: 'backend_service_cache_include_http_headers' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + - name: 'backend_service_cache_include_named_cookies' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + - name: 'backend_service_cache' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + http_health_check_name: 'health-check' + - name: 'backend_service_cache_bypass_cache_on_request_headers' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + http_health_check_name: 'health-check' + - name: 'backend_service_traffic_director_round_robin' + primary_resource_id: 'default' + min_version: 'beta' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' + - name: 'backend_service_traffic_director_ring_hash' + primary_resource_id: 'default' + min_version: 'beta' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' + - name: 'backend_service_network_endpoint' + primary_resource_id: 'default' + min_version: 'beta' + vars: + backend_service_name: 'backend-service' + neg_name: 'network-endpoint' + - name: 'backend_service_external_managed' + primary_resource_id: 'default' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' +parameters: +properties: + - name: 'affinityCookieTtlSec' + type: Integer + description: | + Lifetime of cookies in seconds if session_affinity is + GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts + only until the end of the browser session (or equivalent). The + maximum allowed value for TTL is one day. + + When the load balancing scheme is INTERNAL, this field is not used. + - name: 'backend' + type: Array + description: | + The set of backends that serve this BackendService. + api_name: backends + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + item_type: + type: NestedObject + properties: + - name: 'balancingMode' + type: Enum + description: | + Specifies the balancing mode for this backend. + + For global HTTP(S) or TCP/SSL load balancing, the default is + UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) + and CONNECTION (for TCP/SSL). + + See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) + for an explanation of load balancing modes. + default_value: "UTILIZATION" + enum_values: + - 'UTILIZATION' + - 'RATE' + - 'CONNECTION' + - name: 'capacityScaler' + type: Double + description: | + A multiplier applied to the group's maximum servicing capacity + (based on UTILIZATION, RATE or CONNECTION). + + Default value is 1, which means the group will serve up to 100% + of its configured capacity (depending on balancingMode). A + setting of 0 means the group is completely drained, offering + 0% of its available Capacity. Valid range is [0.0,1.0]. + send_empty_value: true + default_value: 1.0 + - name: 'description' + type: String + description: | + An optional description of this resource. + Provide this property when you create the resource. + - name: 'group' + type: String + description: | + The fully-qualified URL of an Instance Group or Network Endpoint + Group resource. In case of instance group this defines the list + of instances that serve traffic. Member virtual machine + instances from each instance group must live in the same zone as + the instance group itself. No two backends in a backend service + are allowed to use same Instance Group resource. + + For Network Endpoint Groups this defines list of endpoints. All + endpoints of Network Endpoint Group must be hosted on instances + located in the same zone as the Network Endpoint Group. + + Backend services cannot mix Instance Group and + Network Endpoint Group backends. + + Note that you must specify an Instance Group or Network Endpoint + Group resource using the fully-qualified URL, rather than a + partial URL. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link.go.tmpl' + - name: 'maxConnections' + type: Integer + description: | + The max number of simultaneous connections for the group. Can + be used with either CONNECTION or UTILIZATION balancing modes. + + For CONNECTION mode, either maxConnections or one + of maxConnectionsPerInstance or maxConnectionsPerEndpoint, + as appropriate for group type, must be set. + default_from_api: true + - name: 'maxConnectionsPerInstance' + type: Integer + description: | + The max number of simultaneous connections that a single + backend instance can handle. This is used to calculate the + capacity of the group. Can be used in either CONNECTION or + UTILIZATION balancing modes. + + For CONNECTION mode, either maxConnections or + maxConnectionsPerInstance must be set. + default_from_api: true + - name: 'maxConnectionsPerEndpoint' + type: Integer + description: | + The max number of simultaneous connections that a single backend + network endpoint can handle. This is used to calculate the + capacity of the group. Can be used in either CONNECTION or + UTILIZATION balancing modes. + + For CONNECTION mode, either + maxConnections or maxConnectionsPerEndpoint must be set. + default_from_api: true + - name: 'maxRate' + type: Integer + description: | + The max requests per second (RPS) of the group. + + Can be used with either RATE or UTILIZATION balancing modes, + but required if RATE mode. For RATE mode, either maxRate or one + of maxRatePerInstance or maxRatePerEndpoint, as appropriate for + group type, must be set. + default_from_api: true + - name: 'maxRatePerInstance' + type: Double + description: | + The max requests per second (RPS) that a single backend + instance can handle. This is used to calculate the capacity of + the group. Can be used in either balancing mode. For RATE mode, + either maxRate or maxRatePerInstance must be set. + default_from_api: true + - name: 'maxRatePerEndpoint' + type: Double + description: | + The max requests per second (RPS) that a single backend network + endpoint can handle. This is used to calculate the capacity of + the group. Can be used in either balancing mode. For RATE mode, + either maxRate or maxRatePerEndpoint must be set. + default_from_api: true + - name: 'maxUtilization' + type: Double + description: | + Used when balancingMode is UTILIZATION. This ratio defines the + CPU utilization target for the group. Valid range is [0.0, 1.0]. + default_from_api: true + - name: 'circuitBreakers' + type: NestedObject + description: | + Settings controlling the volume of connections to a backend service. This field + is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. + properties: + - name: 'connectTimeout' + type: NestedObject + description: | + The timeout for new network connections to hosts. + min_version: 'beta' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'maxRequestsPerConnection' + type: Integer + description: | + Maximum requests for a single backend connection. This parameter + is respected by both the HTTP/1.1 and HTTP/2 implementations. If + not specified, there is no limit. Setting this parameter to 1 + will effectively disable keep alive. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + - name: 'maxConnections' + type: Integer + description: | + The maximum number of connections to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxPendingRequests' + type: Integer + description: | + The maximum number of pending requests to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRequests' + type: Integer + description: | + The maximum number of parallel requests to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRetries' + type: Integer + description: | + The maximum number of parallel retries to the backend cluster. + Defaults to 3. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 3 + - name: 'compressionMode' + type: Enum + description: | + Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. + enum_values: + - 'AUTOMATIC' + - 'DISABLED' + - name: 'consistentHash' + type: NestedObject + description: | + Consistent Hash-based load balancing can be used to provide soft session + affinity based on HTTP headers, cookies or other properties. This load balancing + policy is applicable only for HTTP connections. The affinity to a particular + destination host will be lost when one or more hosts are added/removed from the + destination service. This field specifies parameters that control consistent + hashing. This field only applies if the load_balancing_scheme is set to + INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is + set to MAGLEV or RING_HASH. + properties: + - name: 'httpCookie' + type: NestedObject + description: | + Hash is based on HTTP Cookie. This field describes a HTTP cookie + that will be used as the hash key for the consistent hash load + balancer. If the cookie is not present, it will be generated. + This field is applicable if the sessionAffinity is set to HTTP_COOKIE. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + properties: + - name: 'ttl' + type: NestedObject + description: | + Lifetime of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'name' + type: String + description: | + Name of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'path' + type: String + description: | + Path to set for the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'httpHeaderName' + type: String + description: | + The hash based on the value of the specified header field. + This field is applicable if the sessionAffinity is set to HEADER_FIELD. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + - name: 'minimumRingSize' + type: Integer + description: | + The minimum number of virtual nodes to use for the hash ring. + Larger ring sizes result in more granular load + distributions. If the number of hosts in the load balancing pool + is larger than the ring size, each host will be assigned a single + virtual node. + Defaults to 1024. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + default_value: 1024 + - name: 'cdnPolicy' + type: NestedObject + description: 'Cloud CDN configuration for this BackendService.' + default_from_api: true + properties: + - name: 'cacheKeyPolicy' + type: NestedObject + description: 'The CacheKeyPolicy for this CdnPolicy.' + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + properties: + - name: 'includeHost' + type: Boolean + description: | + If true requests to different hosts will be cached separately. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeProtocol' + type: Boolean + description: | + If true, http and https requests will be cached separately. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeQueryString' + type: Boolean + description: | + If true, include query string parameters in the cache key + according to query_string_whitelist and + query_string_blacklist. If neither is set, the entire query + string will be included. + + If false, the query string will be excluded from the cache + key entirely. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'queryStringBlacklist' + type: Array + description: | + Names of query string parameters to exclude in cache keys. + + All other parameters will be included. Either specify + query_string_whitelist or query_string_blacklist, not both. + '&' and '=' will be percent encoded and not treated as + delimiters. + is_set: true + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'queryStringWhitelist' + type: Array + description: | + Names of query string parameters to include in cache keys. + + All other parameters will be excluded. Either specify + query_string_whitelist or query_string_blacklist, not both. + '&' and '=' will be percent encoded and not treated as + delimiters. + is_set: true + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeHttpHeaders' + type: Array + description: | + Allows HTTP request headers (by name) to be used in the + cache key. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeNamedCookies' + type: Array + description: | + Names of cookies to include in cache keys. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer + description: | + Maximum number of seconds the response to a signed URL request + will be considered fresh, defaults to 1hr (3600s). After this + time period, the response will be revalidated before + being served. + + When serving responses to signed URL requests, Cloud CDN will + internally behave as though all responses from this backend had a + "Cache-Control: public, max-age=[TTL]" header, regardless of any + existing Cache-Control header. The actual headers served in + responses will not be altered. + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + default_value: 3600 + - name: 'defaultTtl' + type: Integer + description: | + Specifies the default TTL for cached content served by this origin for responses + that do not have an existing valid TTL (max-age or s-max-age). + default_from_api: true + - name: 'maxTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - name: 'clientTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - name: 'negativeCaching' + type: Boolean + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: + type: NestedObject + properties: + - name: 'code' + type: Integer + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - name: 'ttl' + type: Integer + description: | + The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s + (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. + send_empty_value: true + - name: 'cacheMode' + type: Enum + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + default_from_api: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer + description: | + Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. + default_from_api: true + send_empty_value: true + - name: 'bypassCacheOnRequestHeaders' + type: Array + description: | + Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. + The cache is bypassed for all cdnPolicy.cacheMode settings. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The header field name to match on when bypassing cache. Values are case-insensitive. + required: true + - name: 'connectionDraining' + type: NestedObject + description: | + Settings for connection draining + flatten_object: true + properties: + - name: 'connection_draining_timeout_sec' + type: Integer + description: | + Time for which instance will be drained (not accept new + connections, but still work to finish started). + api_name: drainingTimeoutSec + default_value: 300 + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'customRequestHeaders' + type: Array + description: | + Headers that the HTTP/S load balancer should add to proxied + requests. + is_set: true + item_type: + type: String + - name: 'customResponseHeaders' + type: Array + description: | + Headers that the HTTP/S load balancer should add to proxied + responses. + is_set: true + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'enableCDN' + type: Boolean + description: | + If true, enable Cloud CDN for this BackendService. + - name: 'healthChecks' + type: Array + description: | + The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource + for health checking this BackendService. Currently at most one health + check can be specified. + + A health check must be specified unless the backend service uses an internet + or serverless NEG as a backend. + + For internal load balancing, a URL to a HealthCheck resource must be specified instead. + is_set: true + set_hash_func: 'tpgresource.SelfLinkRelativePathHash' + custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link_array.go.tmpl' + item_type: + type: String + min_size: 1 + max_size: 1 + - name: 'generated_id' + type: Integer + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + api_name: id + output: true + - name: 'iap' + type: NestedObject + description: Settings for enabling Cloud Identity Aware Proxy + default_from_api: true + send_empty_value: true + properties: + - name: 'enabled' + type: Boolean + description: Whether the serving infrastructure will authenticate and authorize all incoming requests. + required: true + - name: 'oauth2ClientId' + type: String + description: | + OAuth2 Client ID for IAP + - name: 'oauth2ClientSecret' + type: String + description: | + OAuth2 Client Secret for IAP + ignore_read: true + sensitive: true + send_empty_value: true + - name: 'oauth2ClientSecretSha256' + type: String + description: | + OAuth2 Client Secret SHA-256 for IAP + sensitive: true + output: true + - name: 'loadBalancingScheme' + type: Enum + description: | + Indicates whether the backend service will be used with internal or + external load balancing. A backend service created for one type of + load balancing cannot be used with the other. For more information, refer to + [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). + immutable: true + default_value: "EXTERNAL" + # If you're modifying this value, it probably means Global ILB is now + # an option. If that's the case, all of the documentation is based on + # this resource supporting external load balancing only. + enum_values: + - 'EXTERNAL' + - 'INTERNAL_SELF_MANAGED' + - 'INTERNAL_MANAGED' + - 'EXTERNAL_MANAGED' + - name: 'localityLbPolicy' + type: Enum + description: | + The load balancing algorithm used within the scope of the locality. + The possible values are: + + * `ROUND_ROBIN`: This is a simple policy in which each healthy backend + is selected in round robin order. + + * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy + hosts and picks the host which has fewer active requests. + + * `RING_HASH`: The ring/modulo hash load balancer implements consistent + hashing to backends. The algorithm has the property that the + addition/removal of a host from a set of N hosts only affects + 1/N of the requests. + + * `RANDOM`: The load balancer selects a random healthy host. + + * `ORIGINAL_DESTINATION`: Backend host is selected based on the client + connection metadata, i.e., connections are opened + to the same address as the destination address of + the incoming connection before the connection + was redirected to the load balancer. + + * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. + Maglev is not as stable as ring hash but has faster table lookup + build times and host selection times. For more information about + Maglev, refer to https://ai.google/research/pubs/pub44824 + + * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check + reported weights. Only applicable to loadBalancingScheme + EXTERNAL. If set, the Backend Service must + configure a non legacy HTTP-based Health Check, and + health check replies are expected to contain + non-standard HTTP response header field + X-Load-Balancing-Endpoint-Weight to specify the + per-instance weights. If set, Load Balancing is weight + based on the per-instance weights reported in the last + processed health check replies, as long as every + instance either reported a valid weight or had + UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains + equal-weight. + + locality_lb_policy is applicable to either: + + * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, + and loadBalancingScheme set to INTERNAL_MANAGED. + * A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. + * A regional backend service with loadBalancingScheme set to EXTERNAL (External Network + Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External + Network Load Balancing. The default is MAGLEV. + + If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, + or RING_HASH, session affinity settings will not take effect. + + Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced + by a URL map that is bound to target gRPC proxy that has validate_for_proxyless + field set to true. + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - 'WEIGHTED_MAGLEV' + - name: 'localityLbPolicies' + type: Array + description: | + A list of locality load balancing policies to be used in order of + preference. Either the policy or the customPolicy field should be set. + Overrides any value set in the localityLbPolicy field. + + localityLbPolicies is only supported when the BackendService is referenced + by a URL Map that is referenced by a target gRPC proxy that has the + validateForProxyless field set to true. + item_type: + description: | + Container for either a built-in LB policy supported by gRPC or Envoy or + a custom one implemented by the end user. + type: NestedObject + properties: + - name: 'policy' + type: NestedObject + description: | + The configuration for a built-in load balancing policy. + exactly_one_of: + - 'policy' + - 'customPolicy' + properties: + - name: 'name' + type: Enum + description: | + The name of a locality load balancer policy to be used. The value + should be one of the predefined ones as supported by localityLbPolicy, + although at the moment only ROUND_ROBIN is supported. + + This field should only be populated when the customPolicy field is not + used. + + Note that specifying the same policy more than once for a backend is + not a valid configuration and will be rejected. + + The possible values are: + + * `ROUND_ROBIN`: This is a simple policy in which each healthy backend + is selected in round robin order. + + * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy + hosts and picks the host which has fewer active requests. + + * `RING_HASH`: The ring/modulo hash load balancer implements consistent + hashing to backends. The algorithm has the property that the + addition/removal of a host from a set of N hosts only affects + 1/N of the requests. + + * `RANDOM`: The load balancer selects a random healthy host. + + * `ORIGINAL_DESTINATION`: Backend host is selected based on the client + connection metadata, i.e., connections are opened + to the same address as the destination address of + the incoming connection before the connection + was redirected to the load balancer. + + * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. + Maglev is not as stable as ring hash but has faster table lookup + build times and host selection times. For more information about + Maglev, refer to https://ai.google/research/pubs/pub44824 + required: true + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - name: 'customPolicy' + type: NestedObject + description: | + The configuration for a custom policy implemented by the user and + deployed with the client. + exactly_one_of: + - 'policy' + - 'customPolicy' + properties: + - name: 'name' + type: String + description: | + Identifies the custom policy. + + The value should match the type the custom implementation is registered + with on the gRPC clients. It should follow protocol buffer + message naming conventions and include the full path (e.g. + myorg.CustomLbPolicy). The maximum length is 256 characters. + + Note that specifying the same custom policy more than once for a + backend is not a valid configuration and will be rejected. + required: true + - name: 'data' + type: String + description: | + An optional, arbitrary JSON object with configuration data, understood + by a locally installed custom policy implementation. + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'outlierDetection' + type: NestedObject + description: | + Settings controlling eviction of unhealthy hosts from the load balancing pool. + Applicable backend service types can be a global backend service with the + loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. + properties: + - name: 'baseEjectionTime' + type: NestedObject + description: | + The base time that a host is ejected for. The real time is equal to the base + time multiplied by the number of times the host has been ejected. Defaults to + 30000ms or 30s. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'consecutiveErrors' + type: Integer + description: | + Number of errors before a host is ejected from the connection pool. When the + backend host is accessed over HTTP, a 5xx return code qualifies as an error. + Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'consecutiveGatewayFailure' + type: Integer + description: | + The number of consecutive gateway failures (502, 503, 504 status or connection + errors that are mapped to one of those status codes) before a consecutive + gateway failure ejection occurs. Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveErrors' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through consecutive 5xx. This setting can be used to disable + ejection or to ramp it up slowly. Defaults to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveGatewayFailure' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through consecutive gateway failures. This setting can be + used to disable ejection or to ramp it up slowly. Defaults to 0. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingSuccessRate' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through success rate statistics. This setting can be used to + disable ejection or to ramp it up slowly. Defaults to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'interval' + type: NestedObject + description: | + Time interval between ejection sweep analysis. This can result in both new + ejections as well as hosts being returned to service. Defaults to 10 seconds. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'maxEjectionPercent' + type: Integer + description: | + Maximum percentage of hosts in the load balancing pool for the backend service + that can be ejected. Defaults to 10%. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateMinimumHosts' + type: Integer + description: | + The number of hosts in a cluster that must have enough request volume to detect + success rate outliers. If the number of hosts is less than this setting, outlier + detection via success rate statistics is not performed for any host in the + cluster. Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateRequestVolume' + type: Integer + description: | + The minimum number of total requests that must be collected in one interval (as + defined by the interval duration above) to include this host in success rate + based outlier detection. If the volume is lower than this setting, outlier + detection via success rate statistics is not performed for that host. Defaults + to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateStdevFactor' + type: Integer + description: | + This factor is used to determine the ejection threshold for success rate outlier + ejection. The ejection threshold is the difference between the mean success + rate, and the product of this factor and the standard deviation of the mean + success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided + by a thousand to get a double. That is, if the desired factor is 1.9, the + runtime value should be 1900. Defaults to 1900. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + # 'port' is deprecated + - name: 'portName' + type: String + description: | + Name of backend port. The same name should appear in the instance + groups referenced by this service. Required when the load balancing + scheme is EXTERNAL. + default_from_api: true + - name: 'protocol' + type: Enum + description: | + The protocol this BackendService uses to communicate with backends. + The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer + types and may result in errors if used with the GA API. **NOTE**: With protocol “UNSPECIFIED”, + the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing + with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. + # TODO: make a ResourceRef to Security Policy + default_from_api: true + enum_values: + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - 'TCP' + - 'SSL' + - 'GRPC' + - 'UNSPECIFIED' + - name: 'securityPolicy' + type: String + description: | + The security policy associated with this backend service. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'edgeSecurityPolicy' + type: String + description: | + The resource URL for the edge security policy associated with this backend service. + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'securitySettings' + type: NestedObject + description: | + The security settings that apply to this backend service. This field is applicable to either + a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and + load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the + load_balancing_scheme set to INTERNAL_SELF_MANAGED. + properties: + - name: 'clientTlsPolicy' + type: ResourceRef + description: | + ClientTlsPolicy is a resource that specifies how a client should authenticate + connections to backends of a service. This resource itself does not affect + configuration unless it is attached to a backend service resource. + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + resource: 'ClientTlsPolicy' + imports: 'name' + - name: 'subjectAltNames' + type: Array + description: | + A list of alternate names to verify the subject identity in the certificate. + If specified, the client will verify that the server certificate's subject + alt name matches one of the specified values. + item_type: + type: String + - name: 'awsV4Authentication' + type: NestedObject + description: | + The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. + Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. + properties: + - name: 'accessKeyId' + type: String + description: | + The identifier of an access key used for s3 bucket authentication. + - name: 'accessKey' + type: String + description: | + The access key used for s3 bucket authentication. + Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. + ignore_read: true + sensitive: true + send_empty_value: true + - name: 'accessKeyVersion' + type: String + description: | + The optional version identifier for the access key. You can use this to keep track of different iterations of your access key. + - name: 'originRegion' + type: String + description: | + The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. + For example, "us-east-1" for AWS or "us-ashburn-1" for OCI. + - name: 'sessionAffinity' + type: Enum + description: | + Type of session affinity to use. The default is NONE. Session affinity is + not applicable if the protocol is UDP. + default_from_api: true + enum_values: + - 'NONE' + - 'CLIENT_IP' + - 'CLIENT_IP_PORT_PROTO' + - 'CLIENT_IP_PROTO' + - 'GENERATED_COOKIE' + - 'HEADER_FIELD' + - 'HTTP_COOKIE' + - name: 'timeoutSec' + type: Integer + description: | + The backend service timeout has a different meaning depending on the type of load balancer. + For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). + The default is 30 seconds. + The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. + default_from_api: true + - name: 'logConfig' + type: NestedObject + description: | + This field denotes the logging options for the load balancer traffic served by this backend service. + If logging is enabled, logs will be exported to Stackdriver. + default_from_api: true + properties: + - name: 'enable' + type: Boolean + description: | + Whether to enable logging for the load balancer traffic served by this backend service. + send_empty_value: true + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + - name: 'sampleRate' + type: Double + description: | + This field can only be specified if logging is enabled for this backend service. The value of + the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer + where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. + The default value is 1.0. + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + diff_suppress_func: 'suppressWhenDisabled' + default_value: 1.0 + - name: 'serviceLbPolicy' + type: String + description: | + URL to networkservices.ServiceLbPolicy resource. + Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global. diff --git a/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml b/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml new file mode 100644 index 000000000000..44a41f11498b --- /dev/null +++ b/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml @@ -0,0 +1,99 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'BackendServiceSignedUrlKey' +kind: 'compute#BackendServiceSignedUrlKey' +description: | + A key for signing Cloud CDN signed URLs for Backend Services. +references: + guides: + 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendServices' +docs: +base_url: 'projects/{{project}}/global/backendServices/{{backend_service}}' +self_link: 'projects/{{project}}/global/backendServices/{{backend_service}}' +create_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/addSignedUrlKey' +delete_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/deleteSignedUrlKey?keyName={{name}}' +delete_verb: 'POST' +immutable: true +mutex: 'signedUrlKey/{{project}}/backendServices/{{backend_service}}/' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - cdnPolicy + - signedUrlKeyNames + is_list_of_ids: true + modify_by_patch: false +custom_code: +exclude_tgc: true +examples: + - name: 'backend_service_signed_url_key' + primary_resource_id: 'backend_key' + vars: + key_name: 'test-key' + backend_name: 'my-backend-service' + igm_name: 'my-webservers' + external_providers: ["random", "time"] + exclude_test: true +parameters: + - name: 'backendService' + type: ResourceRef + description: | + The backend service this signed URL key belongs. + required: true + immutable: true + ignore_read: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the signed URL key. + api_name: keyName + required: true + immutable: true + validation: + regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' + - name: 'keyValue' + type: String + description: | + 128-bit key value used for signing the URL. The key value must be a + valid RFC 4648 Section 5 base64url encoded string. + required: true + immutable: true + ignore_read: true + sensitive: true diff --git a/mmv1/products/compute/go_Disk.yaml b/mmv1/products/compute/go_Disk.yaml new file mode 100644 index 000000000000..4e75789df28f --- /dev/null +++ b/mmv1/products/compute/go_Disk.yaml @@ -0,0 +1,520 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Disk' +kind: 'compute#disk' +description: | + Persistent disks are durable storage devices that function similarly to + the physical disks in a desktop or a server. Compute Engine manages the + hardware behind these devices to ensure data redundancy and optimize + performance for you. Persistent disks are available as either standard + hard disk drives (HDD) or solid-state drives (SSD). + + Persistent disks are located independently from your virtual machine + instances, so you can detach or move persistent disks to keep your data + even after you delete your instances. Persistent disk performance scales + automatically with size, so you can resize your existing persistent disks + or add more persistent disks to an instance to meet your performance and + storage space requirements. + + Add a persistent disk to your instance when you need reliable and + affordable storage with consistent performance characteristics. +references: + guides: + 'Adding a persistent disk': 'https://cloud.google.com/compute/docs/disks/add-persistent-disk' + api: 'https://cloud.google.com/compute/docs/reference/v1/disks' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/disks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/go/disk.tmpl' + encoder: 'templates/terraform/encoders/go/disk.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/hyper_disk.go.tmpl' + decoder: 'templates/terraform/decoders/go/disk.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/detach_disk.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' + - 'hyperDiskIopsUpdateDiffSupress' +examples: + - name: 'disk_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' + vars: + disk_name: 'test-disk' + - name: 'disk_async' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' + vars: + disk_name: 'async-test-disk' + secondary_disk_name: 'async-secondary-test-disk' + - name: 'disk_features' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' + vars: + disk_name: 'test-disk-features' +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the disk resides.' + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' + - name: 'sourceImageEncryptionKey' + type: NestedObject + description: | + The customer-supplied encryption key of the source image. Required if + the source image is protected by a customer-supplied encryption key. + immutable: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - name: 'kmsKeySelfLink' + type: String + description: | + The self link of the encryption key used to encrypt the disk. Also called KmsKeyName + in the cloud console. Your project's Compute Engine System service account + (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have + `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. + See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + - name: 'sourceImageId' + type: String + description: | + The ID value of the image used to create this disk. This value + identifies the exact image that was used to create this persistent + disk. For example, if you created the persistent disk from an image + that was later deleted and recreated under the same name, the source + image ID would identify the exact version of the image that was used. + output: true + - name: 'diskEncryptionKey' + type: NestedObject + description: | + Encrypts the disk using a customer-supplied encryption key. + + After you encrypt a disk with a customer-supplied key, you must + provide the same key if you use the disk later (e.g. to create a disk + snapshot or an image, or to attach the disk to a virtual machine). + + Customer-supplied encryption keys do not protect access to metadata of + the disk. + + If you do not provide an encryption key when creating the disk, then + the disk will be encrypted using an automatically generated key and + you do not need to provide a key to use the disk later. + immutable: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + sensitive: true + - name: 'rsaEncryptedKey' + type: String + description: | + Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit + customer-supplied encryption key to either encrypt or decrypt + this resource. You can provide either the rawKey or the rsaEncryptedKey. + sensitive: true + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + - name: 'kmsKeySelfLink' + type: String + description: | + The self link of the encryption key used to encrypt the disk. Also called KmsKeyName + in the cloud console. Your project's Compute Engine System service account + (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have + `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. + See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + - name: 'snapshot' + type: ResourceRef + description: | + The source snapshot used to create this disk. You can provide this as + a partial or full URL to the resource. If the snapshot is in another + project than this disk, you must supply a full URL. For example, the + following are valid values: + + * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` + * `projects/project/global/snapshots/snapshot` + * `global/snapshots/snapshot` + * `snapshot` + api_name: sourceSnapshot + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Snapshot' + imports: 'selfLink' + - name: 'sourceSnapshotEncryptionKey' + type: NestedObject + description: | + The customer-supplied encryption key of the source snapshot. Required + if the source snapshot is protected by a customer-supplied encryption + key. + immutable: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - name: 'kmsKeySelfLink' + type: String + description: | + The self link of the encryption key used to encrypt the disk. Also called KmsKeyName + in the cloud console. Your project's Compute Engine System service account + (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have + `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. + See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + - name: 'sourceSnapshotId' + type: String + description: | + The unique ID of the snapshot used to create this disk. This value + identifies the exact snapshot that was used to create this persistent + disk. For example, if you created the persistent disk from a snapshot + that was later deleted and recreated under the same name, the source + snapshot ID would identify the exact version of the snapshot that was + used. + output: true +properties: + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'lastAttachTimestamp' + type: Time + description: 'Last attach timestamp in RFC3339 text format.' + output: true + - name: 'lastDetachTimestamp' + type: Time + description: 'Last detach timestamp in RFC3339 text format.' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this disk. A list of key->value pairs. + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' + update_verb: 'POST' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'size' + type: Integer + description: | + Size of the persistent disk, specified in GB. You can specify this + field when creating a persistent disk using the `image` or + `snapshot` parameter, or specify it alone to create an empty + persistent disk. + + If you specify this field along with `image` or `snapshot`, + the value must not be less than the size of the image + or the size of the snapshot. + + ~>**NOTE** If you change the size, Terraform updates the disk size + if upsizing is detected but recreates the disk if downsizing is requested. + You can add `lifecycle.prevent_destroy` in the config to prevent destroying + and recreating. + api_name: sizeGb + default_from_api: true + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/resize' + update_verb: 'POST' + - name: 'users' + type: Array + description: | + Links to the users of the disk (attached instances) in form: + project/zones/zone/instances/instance + output: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'user' + type: ResourceRef + description: 'A reference to a user of this disk' + resource: 'Instance' + imports: 'selfLink' + - name: 'physicalBlockSizeBytes' + type: Integer + description: | + Physical block size of the persistent disk, in bytes. If not present + in a request, a default value is used. Currently supported sizes + are 4096 and 16384, other sizes may be added in the future. + If an unsupported value is requested, the error message will list + the supported values for the caller's project. + default_from_api: true + - name: 'interface' + type: String + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. + min_version: 'beta' + # interface is removed using url_param_only to preserve schema definition + # and prevent sending or reading in API requests + url_param_only: true + diff_suppress_func: 'AlwaysDiffSuppress' + default_value: "SCSI" + deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' + - name: 'sourceDisk' + type: String + description: | + The source disk used to create this disk. You can provide this as a partial or full URL to the resource. + For example, the following are valid values: + + * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks/{disk} + * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/disks/{disk} + * projects/{project}/zones/{zone}/disks/{disk} + * projects/{project}/regions/{region}/disks/{disk} + * zones/{zone}/disks/{disk} + * regions/{region}/disks/{disk} + diff_suppress_func: 'sourceDiskDiffSupress' + - name: 'sourceDiskId' + type: String + description: | + The ID value of the disk used to create this image. This value may + be used to determine whether the image was taken from the current + or a previous instance of a given disk name. + output: true + - name: 'DiskId' + type: String + description: | + The unique identifier for the resource. This identifier is defined by the server. + api_name: id + output: true + - name: 'type' + type: ResourceRef + description: | + URL of the disk type resource describing which disk type to use to + create the disk. Provide this when creating the disk. + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + default_value: "pd-standard" + resource: 'DiskType' + imports: 'selfLink' + - name: 'image' + type: String + description: | + The image from which to initialize this disk. This can be + one of: the image's `self_link`, `projects/{project}/global/images/{image}`, + `projects/{project}/global/images/family/{family}`, `global/images/{image}`, + `global/images/family/{family}`, `family/{family}`, `{project}/{family}`, + `{project}/{image}`, `{family}`, or `{image}`. If referred by family, the + images names must include the family name. If they don't, use the + [google_compute_image data source](/docs/providers/google/d/compute_image.html). + For instance, the image `centos-6-v20180104` includes its family name `centos-6`. + These images can be referred by family name here. + api_name: sourceImage + immutable: true + diff_suppress_func: 'DiskImageDiffSuppress' + - name: 'resourcePolicies' + type: Array + description: | + Resource policies applied to this disk for automatic snapshot creations. + + ~>**NOTE** This value does not support updating the + resource policy, as resource policies can not be updated more than + one at a time. Use + [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) + to allow for updating the resource policy attached to the disk. + min_version: 'beta' + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'resourcePolicy' + type: ResourceRef + description: + 'A resource policy applied to this disk for automatic snapshot + creations.' + resource: 'ResourcePolicy' + imports: 'selfLink' + - name: 'enableConfidentialCompute' + type: Boolean + description: | + Whether this disk is using confidential compute mode. + Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true + required: false + default_from_api: true + - name: 'multiWriter' + type: Boolean + description: | + Indicates whether or not the disk can be read/write attached to more than one instance. + min_version: 'beta' + - name: 'provisionedIops' + type: Integer + description: | + Indicates how many IOPS must be provisioned for the disk. + Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk + allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it + required: false + default_from_api: true + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedIops' + update_verb: 'PATCH' + - name: 'provisionedThroughput' + type: Integer + description: | + Indicates how much Throughput must be provisioned for the disk. + Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk + allows for an update of Throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it + default_from_api: true + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedThroughput' + update_verb: 'PATCH' + - name: 'asyncPrimaryDisk' + type: NestedObject + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + properties: + - name: 'disk' + type: String + description: | + Primary disk for asynchronous disk replication. + required: true + - name: 'guestOsFeatures' + type: Array + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable disks. + is_set: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + required: true + - name: 'licenses' + type: Array + description: Any applicable license URI. + immutable: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'license' + type: ResourceRef + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' + - name: 'storagePool' + type: String + description: | + The URL of the storage pool in which the new disk is created. + For example: + * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} + * /projects/{project}/zones/{zone}/storagePools/{storagePool} + required: false + immutable: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'accessMode' + type: String + description: | + The accessMode of the disk. + For example: + * READ_WRITE_SINGLE + * READ_WRITE_MANY + * READ_ONLY_SINGLE + required: false + immutable: false + default_from_api: true + update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=accessMode' + update_verb: 'PATCH' diff --git a/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml b/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml new file mode 100644 index 000000000000..744b21f80c6b --- /dev/null +++ b/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml @@ -0,0 +1,89 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DiskResourcePolicyAttachment' +description: | + Adds existing resource policies to a disk. You can only add one policy + which will be applied to this disk for scheduling snapshot creation. + + ~> **Note:** This resource does not support regional disks (`google_compute_region_disk`). For regional disks, please refer to [`google_compute_region_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_disk_resource_policy_attachment) +docs: +id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' +self_link: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' +create_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/addResourcePolicies' +delete_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/removeResourcePolicies' +delete_verb: 'POST' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - resourcePolicies + is_list_of_ids: true + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_disk_resource_policies_attachment.go.tmpl' + decoder: 'templates/terraform/decoders/go/compute_disk_resource_policies_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_disk_resource_policies_attachment.go.tmpl' +examples: + - name: 'disk_resource_policy_attachment_basic' + primary_resource_id: 'attachment' + vars: + disk_name: 'my-disk' + policy_name: 'my-resource-policy' +parameters: + - name: 'disk' + type: ResourceRef + description: | + The name of the disk in which the resource policies are attached to. + url_param_only: true + required: true + resource: 'Disk' + imports: 'name' + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the disk resides.' + url_param_only: true + required: false + ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The resource policy to be attached to the disk for scheduling snapshot + creation. Do not specify the self link. + required: true diff --git a/mmv1/products/compute/go_DiskType.yaml b/mmv1/products/compute/go_DiskType.yaml new file mode 100644 index 000000000000..4c7c8a2fd67d --- /dev/null +++ b/mmv1/products/compute/go_DiskType.yaml @@ -0,0 +1,117 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DiskType' +kind: 'compute#diskType' +# TODO(nelsonjr): Search all documentation for references of using URL (like +# the description below) and replace with the proper reference to the +# corresponding type. +description: | + Represents a DiskType resource. A DiskType resource represents the type + of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk + type, use the disk type's full or partial URL. +exclude: true +# TODO(nelsonjr): Temporarily make DiskType virtual so no tests gets +# triggered for create. Implement support for read only objects, and delete +# the virtual tag +# | readonly: true +readonly: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/diskTypes' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the disk type resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'defaultDiskSizeGb' + type: Integer + description: 'Server-defined default disk size in GB.' + output: true + - name: 'deprecated' + type: NestedObject + description: 'The deprecation status associated with this disk type.' + output: true + properties: + - name: 'deleted' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DELETED. + output: true + - name: 'deprecated' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DEPRECATED. + output: true + - name: 'obsolete' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to OBSOLETE. + output: true + - name: 'replacement' + type: String + description: | + The URL of the suggested replacement for a deprecated resource. The + suggested replacement resource must be the same kind of resource as + the deprecated resource. + output: true + - name: 'state' + type: Enum + description: | + The deprecation state of this resource. This can be DEPRECATED, + OBSOLETE, or DELETED. Operations which create a new resource using a + DEPRECATED resource will return successfully, but with a warning + indicating the deprecated resource and recommending its replacement. + Operations which use OBSOLETE or DELETED resources will be rejected + and result in an error. + output: true + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String + description: 'An optional description of this resource.' + output: true + - name: 'id' + type: Integer + description: 'The unique identifier for the resource.' + output: true + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'validDiskSize' + type: String + description: | + An optional textual description of the valid disk size, such as + "10GB-10TB". + output: true diff --git a/mmv1/products/compute/go_ExternalVpnGateway.yaml b/mmv1/products/compute/go_ExternalVpnGateway.yaml new file mode 100644 index 000000000000..20af60194ef1 --- /dev/null +++ b/mmv1/products/compute/go_ExternalVpnGateway.yaml @@ -0,0 +1,124 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ExternalVpnGateway' +kind: 'compute#externalVpnGateway' +description: | + Represents a VPN gateway managed outside of GCP. +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/externalVpnGateways' +docs: +base_url: 'projects/{{project}}/global/externalVpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'external_vpn_gateway' + primary_resource_id: 'external_gateway' + vars: + ha_vpn_gateway_name: 'ha-vpn' + network_name: 'network-1' + external_gateway_name: 'external-gateway' + global_address_name: 'global-address' + router_name: 'ha-vpn-router1' + # Multiple fine-grained resources + skip_vcr: true + - name: 'only_external_vpn_gateway_full' + primary_resource_id: 'external_gateway' + vars: + external_gateway_name: 'external-gateway' + exclude_docs: true +parameters: +properties: + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'labels' + type: KeyValueLabels + description: 'Labels for the external VPN gateway resource.' + update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + - name: 'redundancyType' + type: Enum + description: | + Indicates the redundancy type of this external VPN gateway + enum_values: + - 'FOUR_IPS_REDUNDANCY' + - 'SINGLE_IP_INTERNALLY_REDUNDANT' + - 'TWO_IPS_REDUNDANCY' + - name: 'interface' + type: Array + description: | + A list of interfaces on this external VPN gateway. + api_name: interfaces + item_type: + type: NestedObject + properties: + - name: 'id' + type: Integer + description: | + The numeric ID for this interface. Allowed values are based on the redundancy type + of this external VPN gateway + * `0 - SINGLE_IP_INTERNALLY_REDUNDANT` + * `0, 1 - TWO_IPS_REDUNDANCY` + * `0, 1, 2, 3 - FOUR_IPS_REDUNDANCY` + send_empty_value: true + - name: 'ipAddress' + type: String + description: | + IP address of the interface in the external VPN gateway. + Only IPv4 is supported. This IP address can be either from + your on-premise gateway or another Cloud provider's VPN gateway, + it cannot be an IP address from Google Compute Engine. diff --git a/mmv1/products/compute/go_Firewall.yaml b/mmv1/products/compute/go_Firewall.yaml new file mode 100644 index 000000000000..b7c7caa55ca8 --- /dev/null +++ b/mmv1/products/compute/go_Firewall.yaml @@ -0,0 +1,341 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Firewall' +kind: 'compute#firewall' +description: | + Each network has its own firewall controlling access to and from the + instances. + + All traffic to instances, even from other instances, is blocked by the + firewall unless firewall rules are created to allow it. + + The default network has automatically created firewall rules that are + shown in default firewall rules. No manually created network has + automatically created firewall rules except for a default "allow" rule for + outgoing traffic and a default "deny" for incoming traffic. For all + networks except the default network, you must create any firewall rules + you need. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' + api: 'https://cloud.google.com/compute/docs/reference/v1/firewalls' +docs: + optional_properties: | + * `enable_logging` - (Optional, Deprecated) This field denotes whether to enable logging for a particular firewall rule. + If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config` +base_url: 'projects/{{project}}/global/firewalls' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/firewall.tmpl' + constants: 'templates/terraform/constants/go/firewall.tmpl' +custom_diff: + - 'resourceComputeFirewallEnableLoggingCustomizeDiff' + - 'resourceComputeFirewallSourceFieldsCustomizeDiff' +schema_version: 1 +migrate_state: 'resourceComputeFirewallMigrateState' +examples: + - name: 'firewall_basic' + primary_resource_id: 'default' + vars: + firewall_name: 'test-firewall' + network_name: 'test-network' + - name: 'firewall_with_target_tags' + primary_resource_id: 'rules' + vars: + firewall_name: 'my-firewall-rule' + test_env_vars: + project: 'PROJECT_NAME' +parameters: +properties: + # TODO(nelsonjr): [nice to have] Make the format here simpler to use, in + # the form of # 22/tcp, [12345-23456]/tcp. It requires a conversion + # function to the # final JSON format expected by the API for this + # proposal to work. + - name: 'allow' + type: Array + description: | + The list of ALLOW rules specified by this firewall. Each rule + specifies a protocol and port-range tuple that describes a permitted + connection. + api_name: allowed + is_set: true + exactly_one_of: + - 'allow' + - 'deny' + set_hash_func: 'resourceComputeFirewallRuleHash' + item_type: + type: NestedObject + properties: + # IPProtocol has to be string, instead of Enum because user can + # specify the protocol by number as well. + - name: 'protocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol type is + required when creating a firewall rule. This value can either be + one of the following well known protocol strings (tcp, udp, + icmp, esp, ah, sctp, ipip, all), or the IP protocol number. + api_name: IPProtocol + required: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + + Example inputs include: [22], [80, 443], and + ["12345-12349"]. + item_type: + type: String + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'deny' + type: Array + description: | + The list of DENY rules specified by this firewall. Each rule specifies + a protocol and port-range tuple that describes a denied connection. + api_name: denied + is_set: true + exactly_one_of: + - 'allow' + - 'deny' + set_hash_func: 'resourceComputeFirewallRuleHash' + item_type: + type: NestedObject + properties: + # IPProtocol has to be string, instead of Enum because user can + # specify the protocol by number as well. + - name: 'protocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol type is + required when creating a firewall rule. This value can either be + one of the following well known protocol strings (tcp, udp, + icmp, esp, ah, sctp, ipip, all), or the IP protocol number. + api_name: IPProtocol + required: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + + Example inputs include: [22], [80, 443], and + ["12345-12349"]. + item_type: + type: String + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + send_empty_value: true + - name: 'destinationRanges' + type: Array + description: | + If destination ranges are specified, the firewall will apply only to + traffic that has destination IP address in these ranges. These ranges + must be expressed in CIDR format. IPv4 or IPv6 ranges are supported. + is_set: true + default_from_api: true + item_type: + type: String + - name: 'direction' + type: Enum + description: | + Direction of traffic to which this firewall applies; default is + INGRESS. Note: For INGRESS traffic, one of `source_ranges`, + `source_tags` or `source_service_accounts` is required. + immutable: true + default_from_api: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall rule is disabled, i.e not applied to the + network it is associated with. When set to true, the firewall rule is + not enforced and the network behaves as if it did not exist. If this + is unspecified, the firewall rule will be enabled. + send_empty_value: true + - name: 'logConfig' + type: NestedObject + description: | + This field denotes the logging options for a particular firewall rule. + If defined, logging is enabled, and logs will be exported to Cloud Logging. + send_empty_value: true + diff_suppress_func: 'diffSuppressEnableLogging' + custom_flatten: 'templates/terraform/custom_flatten/go/firewall_log_config.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/firewall_log_config.go.tmpl' + properties: + - name: 'metadata' + type: Enum + description: | + This field denotes whether to include or exclude metadata for firewall logs. + required: true + enum_values: + - 'EXCLUDE_ALL_METADATA' + - 'INCLUDE_ALL_METADATA' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'network' + type: ResourceRef + description: | + The name or self_link of the network to attach this firewall to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer + description: | + Priority for this rule. This is an integer between 0 and 65535, both + inclusive. When not specified, the value assumed is 1000. Relative + priorities determine precedence of conflicting rules. Lower value of + priority implies higher precedence (eg, a rule with priority 0 has + higher precedence than a rule with priority 1). DENY rules take + precedence over ALLOW rules having equal priority. + send_empty_value: true + validation: + function: 'validation.IntBetween(0, 65535)' + default_value: 1000 + - name: 'sourceRanges' + type: Array + description: | + If source ranges are specified, the firewall will apply only to + traffic that has source IP address in these ranges. These ranges must + be expressed in CIDR format. One or both of sourceRanges and + sourceTags may be set. If both properties are set, the firewall will + apply to traffic that has source IP address within sourceRanges OR the + source IP that belongs to a tag listed in the sourceTags property. The + connection does not need to match both properties for the firewall to + apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of + `source_ranges`, `source_tags` or `source_service_accounts` is required. + is_set: true + diff_suppress_func: 'diffSuppressSourceRanges' + item_type: + type: String + - name: 'sourceServiceAccounts' + type: Array + description: | + If source service accounts are specified, the firewall will apply only + to traffic originating from an instance with a service account in this + list. Source service accounts cannot be used to control traffic to an + instance's external IP address because service accounts are associated + with an instance, not an IP address. sourceRanges can be set at the + same time as sourceServiceAccounts. If both are set, the firewall will + apply to traffic that has source IP address within sourceRanges OR the + source IP belongs to an instance with service account listed in + sourceServiceAccount. The connection does not need to match both + properties for the firewall to apply. sourceServiceAccounts cannot be + used at the same time as sourceTags or targetTags. For INGRESS traffic, + one of `source_ranges`, `source_tags` or `source_service_accounts` is required. + is_set: true + conflicts: + - source_tags + - target_tags + item_type: + type: String + max_size: 10 + - name: 'sourceTags' + type: Array + description: | + If source tags are specified, the firewall will apply only to traffic + with source IP that belongs to a tag listed in source tags. Source + tags cannot be used to control traffic to an instance's external IP + address. Because tags are associated with an instance, not an IP + address. One or both of sourceRanges and sourceTags may be set. If + both properties are set, the firewall will apply to traffic that has + source IP address within sourceRanges OR the source IP that belongs to + a tag listed in the sourceTags property. The connection does not need + to match both properties for the firewall to apply. For INGRESS traffic, + one of `source_ranges`, `source_tags` or `source_service_accounts` is required. + is_set: true + conflicts: + - source_service_accounts + - target_service_accounts + item_type: + type: String + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating sets of instances located in the + network that may make network connections as specified in allowed[]. + targetServiceAccounts cannot be used at the same time as targetTags or + sourceTags. If neither targetServiceAccounts nor targetTags are + specified, the firewall rule applies to all instances on the specified + network. + is_set: true + conflicts: + - source_tags + - target_tags + item_type: + type: String + max_size: 10 + - name: 'targetTags' + type: Array + description: | + A list of instance tags indicating sets of instances located in the + network that may make network connections as specified in allowed[]. + If no targetTags are specified, the firewall rule applies to all + instances on the specified network. + is_set: true + conflicts: + - source_service_accounts + - target_service_accounts + item_type: + type: String diff --git a/mmv1/products/compute/go_FirewallPolicyWithRules.yaml b/mmv1/products/compute/go_FirewallPolicyWithRules.yaml new file mode 100644 index 000000000000..20877a838f5e --- /dev/null +++ b/mmv1/products/compute/go_FirewallPolicyWithRules.yaml @@ -0,0 +1,549 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FirewallPolicyWithRules' +description: | + The Compute FirewallPolicy with rules resource. It declaratively manges all + rules in the firewall policy. +min_version: 'beta' +docs: +id_format: 'locations/global/firewallPolicies/{{policy_id}}' +base_url: 'locations/global/firewallPolicies?parentId={{parent}}' +self_link: 'locations/global/firewallPolicies/{{policy_id}}' +create_url: 'locations/global/firewallPolicies?parentId={{parent}}' +update_verb: 'PATCH' +import_format: + - 'locations/global/firewallPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/resource_compute_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/go/resource_compute_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/resource_compute_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/go/resource_compute_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/go/resource_compute_firewall_policy_with_rules.go.tmpl' + post_delete: 'templates/terraform/post_delete/go/resource_compute_firewall_policy_with_rules.go.tmpl' + post_update: 'templates/terraform/post_update/go/resource_compute_firewall_policy_with_rules.go.tmpl' +examples: + - name: 'compute_firewall_policy_with_rules_full' + primary_resource_id: 'firewall-policy-with-rules' + vars: + policy_name: 'tf-fw-org-policy-with-rules' + address_group_name: 'tf-address-group' + security_profile_group_name: 'tf-security-profile-group' + security_profile_name: 'tf-security-profile' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'parent' + type: String + description: | + The parent of this FirewallPolicy in the Cloud Resource Hierarchy. + Format: organizations/{organization_id} or folders/{folder_id} + min_version: 'beta' + required: true + immutable: true +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'shortName' + type: String + description: A textual name of the security policy. + min_version: 'beta' + required: true + immutable: true + - name: 'policyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'description' + type: String + description: An optional description of this resource. + min_version: 'beta' + - name: 'rule' + type: Array + description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + required: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + - name: 'targetResources' + type: Array + description: | + A list of network resource URLs to which this rule applies. + This field allows you to control which network's VMs get + this rule. If this field is left blank, all VMs + within the organization will receive the rule. + min_version: 'beta' + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + - name: 'predefinedRules' + type: Array + description: A list of pre-define firewall policy rules. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + output: true + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + output: true + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + output: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + output: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + output: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + output: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + output: true + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + output: true + - name: 'targetResources' + type: Array + description: | + A list of network resource URLs to which this rule applies. + This field allows you to control which network's VMs get + this rule. If this field is left blank, all VMs + within the organization will receive the rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + min_version: 'beta' + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/go_ForwardingRule.yaml b/mmv1/products/compute/go_ForwardingRule.yaml new file mode 100644 index 000000000000..204b6303b8e9 --- /dev/null +++ b/mmv1/products/compute/go_ForwardingRule.yaml @@ -0,0 +1,663 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ForwardingRule' +kind: 'compute#forwardingRule' +description: | + A ForwardingRule resource. A ForwardingRule resource specifies which pool + of target virtual machines to forward a packet to if it matches the given + [IPAddress, IPProtocol, portRange] tuple. +# Has a separate endpoint for labels +exclude_attribution_label: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules' + api: 'https://cloud.google.com/compute/docs/reference/v1/forwardingRules' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/forwardingRules' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/compute_forwarding_rule.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/compute_forwarding_rule.go.tmpl' + post_create: 'templates/terraform/post_create/go/labels.tmpl' +custom_diff: + - 'forwardingRuleCustomizeDiff' +legacy_long_form_project: true +examples: + - name: 'internal_http_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' + vars: + ilb_network_name: 'l7-ilb-network' + proxy_subnet_name: 'l7-ilb-proxy-subnet' + backend_subnet_name: 'l7-ilb-subnet' + forwarding_rule_name: 'l7-ilb-forwarding-rule' + target_http_proxy_name: 'l7-ilb-target-http-proxy' + regional_url_map_name: 'l7-ilb-regional-url-map' + backend_service_name: 'l7-ilb-backend-subnet' + mig_template_name: 'l7-ilb-mig-template' + hc_name: 'l7-ilb-hc' + mig_name: 'l7-ilb-mig1' + fw_allow_iap_hc_name: 'l7-ilb-fw-allow-iap-hc' + fw_allow_ilb_to_backends_name: 'l7-ilb-fw-allow-ilb-to-backends' + vm_test_name: 'l7-ilb-test-vm' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'internal_tcp_udp_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' + vars: + ilb_network_name: 'l4-ilb-network' + backend_subnet_name: 'l4-ilb-subnet' + forwarding_rule_name: 'l4-ilb-forwarding-rule' + backend_service_name: 'l4-ilb-backend-subnet' + mig_template_name: 'l4-ilb-mig-template' + hc_name: 'l4-ilb-hc' + mig_name: 'l4-ilb-mig1' + fw_allow_hc_name: 'l4-ilb-fw-allow-hc' + fw_allow_ilb_to_backends_name: 'l4-ilb-fw-allow-ilb-to-backends' + fw_allow_ilb_ssh_name: 'l4-ilb-fw-ssh' + vm_test_name: 'l4-ilb-test-vm' + - name: 'forwarding_rule_externallb' + primary_resource_id: 'default' + min_version: 'beta' + vars: + forwarding_rule_name: 'website-forwarding-rule' + backend_name: 'website-backend' + network_name: 'website-net' + ignore_read_extra: + - 'port_range' + - name: 'forwarding_rule_global_internallb' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'website-forwarding-rule' + backend_name: 'website-backend' + network_name: 'website-net' + - name: 'forwarding_rule_basic' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'website-forwarding-rule' + target_pool_name: 'website-target-pool' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'forwarding_rule_l3_default' + primary_resource_id: 'fwd_rule' + min_version: 'beta' + vars: + forwarding_rule_name: 'l3-forwarding-rule' + service_name: 'service' + health_check_name: 'health-check' + - name: 'forwarding_rule_internallb' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'website-forwarding-rule' + backend_name: 'website-backend' + network_name: 'website-net' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'forwarding_rule_http_lb' + primary_resource_id: 'default' + min_version: 'beta' + vars: + forwarding_rule_name: 'website-forwarding-rule' + region_target_http_proxy_name: 'website-proxy' + region_url_map_name: 'website-map' + region_backend_service_name: 'website-backend' + region_health_check_name: 'website-hc' + rigm_name: 'website-rigm' + network_name: 'website-net' + fw_name: 'website-fw' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'forwarding_rule_regional_http_xlb' + primary_resource_id: 'default' + min_version: 'beta' + vars: + forwarding_rule_name: 'website-forwarding-rule' + region_target_http_proxy_name: 'website-proxy' + region_url_map_name: 'website-map' + region_backend_service_name: 'website-backend' + region_health_check_name: 'website-hc' + rigm_name: 'website-rigm' + network_name: 'website-net' + fw_name: 'website-fw' + ip_name: 'website-ip' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + - name: 'forwarding_rule_vpc_psc' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'psc-endpoint' + consumer_network_name: 'consumer-net' + ip_name: 'website-ip' + producer_network_name: 'producer-net' + producer_psc_network_name: 'producer-psc-net' + service_attachment_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + producer_backend_name: 'producer-service-backend' + producer_healthcheck_name: 'producer-service-health-check' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + - name: 'forwarding_rule_vpc_psc_no_automate_dns' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'psc-endpoint' + consumer_network_name: 'consumer-net' + ip_name: 'website-ip' + producer_network_name: 'producer-net' + producer_psc_network_name: 'producer-psc-net' + service_attachment_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + producer_backend_name: 'producer-service-backend' + producer_healthcheck_name: 'producer-service-health-check' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + - name: 'forwarding_rule_regional_steering' + primary_resource_id: 'steering' + vars: + forwarding_rule_name: 'steering-rule' + ip_name: 'website-ip' + backend_name: 'service-backend' + external_forwarding_rule_name: 'external-forwarding-rule' + - name: 'forwarding_rule_internallb_ipv6' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'ilb-ipv6-forwarding-rule' + backend_name: 'ilb-ipv6-backend' + network_name: 'net-ipv6' + subnet_name: 'subnet-internal-ipv6' + ignore_read_extra: + - 'port_range' + - 'target' +virtual_fields: + - name: 'recreate_closed_psc' + description: + This is used in PSC consumer ForwardingRule to make terraform recreate the ForwardingRule when the status is closed + type: Boolean + default_value: false +parameters: + - name: 'region' + type: ResourceRef + description: | + A reference to the region where the regional forwarding rule resides. + + This field is not applicable to global forwarding rules. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'isMirroringCollector' + type: Boolean + description: | + Indicates whether or not this load balancer can be used as a collector for + packet mirroring. To prevent mirroring loops, instances behind this + load balancer will not have their traffic mirrored even if a + `PacketMirroring` rule applies to them. + + This can only be set to true for load balancers that have their + `loadBalancingScheme` set to `INTERNAL`. + - name: 'forwardingRuleId' + type: Integer + description: | + The unique identifier number for the resource. This identifier is defined by the server. + api_name: id + output: true + - name: 'pscConnectionId' + type: String + description: 'The PSC connection id of the PSC Forwarding Rule.' + output: true + - name: 'pscConnectionStatus' + type: String + description: + 'The PSC connection status of the PSC Forwarding Rule. Possible values: + `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + # This is a multi-resource resource reference (Address, GlobalAddress) + - name: 'IPAddress' + type: String + description: | + IP address for which this forwarding rule accepts traffic. When a client + sends traffic to this IP address, the forwarding rule directs the traffic + to the referenced `target` or `backendService`. + + While creating a forwarding rule, specifying an `IPAddress` is + required under the following circumstances: + + * When the `target` is set to `targetGrpcProxy` and + `validateForProxyless` is set to `true`, the + `IPAddress` should be set to `0.0.0.0`. + * When the `target` is a Private Service Connect Google APIs + bundle, you must specify an `IPAddress`. + + Otherwise, you can optionally specify an IP address that references an + existing static (reserved) IP address resource. When omitted, Google Cloud + assigns an ephemeral IP address. + + Use one of the following formats to specify an IP address while creating a + forwarding rule: + + * IP address number, as in `100.1.2.3` + * IPv6 address range, as in `2600:1234::/96` + * Full resource URL, as in + `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` + * Partial URL or by name, as in: + * `projects/project_id/regions/region/addresses/address-name` + * `regions/region/addresses/address-name` + * `global/addresses/address-name` + * `address-name` + + The forwarding rule's `target` or `backendService`, + and in most cases, also the `loadBalancingScheme`, determine the + type of IP address that you can use. For detailed information, see + [IP address + specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). + + When reading an `IPAddress`, the API always returns the IP + address number. + default_from_api: true + diff_suppress_func: 'InternalIpDiffSuppress' + - name: 'IPProtocol' + type: Enum + description: | + The IP protocol to which this rule applies. + + For protocol forwarding, valid + options are `TCP`, `UDP`, `ESP`, + `AH`, `SCTP`, `ICMP` and + `L3_DEFAULT`. + + The valid IP protocols are different for different load balancing products + as described in [Load balancing + features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). + + A Forwarding Rule with protocol L3_DEFAULT can attach with target instance or + backend service with UNSPECIFIED protocol. + A forwarding rule with "L3_DEFAULT" IPProtocal cannot be attached to a backend service with TCP or UDP. + default_from_api: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + enum_values: + - 'TCP' + - 'UDP' + - 'ESP' + - 'AH' + - 'SCTP' + - 'ICMP' + - 'L3_DEFAULT' + # This is a multi-resource resource reference (BackendService (global), RegionBackendService) + # We have custom expands that manage this. + - name: 'backendService' + type: ResourceRef + description: | + Identifies the backend service to which the forwarding rule sends traffic. + + Required for Internal TCP/UDP Load Balancing and Network Load Balancing; + must be omitted for all other load balancer types. + custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'loadBalancingScheme' + type: Enum + description: | + Specifies the forwarding rule type. + + For more information about forwarding rules, refer to + [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL' + - 'INTERNAL_MANAGED' + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is created. + The name must be 1-63 characters long, and comply with + [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). + + Specifically, the name must be 1-63 characters long and match the regular + expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first + character must be a lowercase letter, and all following characters must + be a dash, lowercase letter, or digit, except the last character, which + cannot be a dash. + + For Private Service Connect forwarding rules that forward traffic to Google + APIs, the forwarding rule name must be a 1-20 characters string with + lowercase letters and numbers and must start with a letter. + required: true + - name: 'network' + type: ResourceRef + description: | + This field is not used for external load balancing. + + For Internal TCP/UDP Load Balancing, this field identifies the network that + the load balanced IP should belong to for this Forwarding Rule. + If the subnetwork is specified, the network of the subnetwork will be used. + If neither subnetwork nor this field is specified, the default network will + be used. + + For Private Service Connect forwarding rules that forward traffic to Google + APIs, a network must be provided. + default_from_api: true + # TODO(nelsonjr): When implementing new types enable converting the + # manifest input from a single value to a range of form NN-NN. The API + # accepts a single value, e.g. '80', but the API stores and returns + # '80-80'. This causes idempotency false positive. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'portRange' + type: String + description: | + The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. + Only packets addressed to ports in the specified range will be forwarded + to the backends configured with this forwarding rule. + + The `portRange` field has the following limitations: + * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, + and + * It's applicable only to the following products: external passthrough + Network Load Balancers, internal and external proxy Network Load + Balancers, internal and external Application Load Balancers, external + protocol forwarding, and Classic VPN. + * Some products have restrictions on what ports can be used. See + [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) + for details. + + For external forwarding rules, two or more forwarding rules cannot use the + same `[IPAddress, IPProtocol]` pair, and cannot have overlapping + `portRange`s. + + For internal forwarding rules within the same VPC network, two or more + forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and + cannot have overlapping `portRange`s. + + @pattern: \d+(?:-\d+)? + default_from_api: true + diff_suppress_func: 'PortRangeDiffSuppress' + - name: 'ports' + type: Array + description: | + The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. + Only packets addressed to ports in the specified range will be forwarded + to the backends configured with this forwarding rule. + + The `ports` field has the following limitations: + * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, + and + * It's applicable only to the following products: internal passthrough + Network Load Balancers, backend service-based external passthrough Network + Load Balancers, and internal protocol forwarding. + * You can specify a list of up to five ports by number, separated by + commas. The ports can be contiguous or discontiguous. + + For external forwarding rules, two or more forwarding rules cannot use the + same `[IPAddress, IPProtocol]` pair if they share at least one port + number. + + For internal forwarding rules within the same VPC network, two or more + forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair if + they share at least one port number. + + @pattern: \d+(?:-\d+)? + is_set: true + custom_expand: 'templates/terraform/custom_expand/go/set_to_list.tmpl' + item_type: + type: String + max_size: 5 + - name: 'subnetwork' + type: ResourceRef + description: | + This field identifies the subnetwork that the load balanced IP should + belong to for this Forwarding Rule, used in internal load balancing and + network load balancing with IPv6. + + If the network specified is in auto subnet mode, this field is optional. + However, a subnetwork must be specified if the network is in custom subnet + mode or when creating external forwarding rule with IPv6. + # This is a multi-resource resource reference (TargetHttp(s)Proxy, + # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, + # TargetInstance) + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'target' + type: String + description: | + The URL of the target resource to receive the matched traffic. For + regional forwarding rules, this target must be in the same region as the + forwarding rule. For global forwarding rules, this target must be a global + load balancing resource. + + The forwarded traffic must be of a type appropriate to the target object. + * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). + * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: + * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). + * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). + + For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setTarget' + update_verb: 'POST' + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'allowGlobalAccess' + type: Boolean + description: | + This field is used along with the `backend_service` field for + internal load balancing or with the `target` field for internal + TargetInstance. + + If the field is set to `TRUE`, clients can access ILB from all + regions. + + Otherwise only allows access from clients in the same region as the + internal load balancer. + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' + update_verb: 'PATCH' + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this forwarding rule. A list of key->value pairs. + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' + update_verb: 'POST' + - name: 'allPorts' + type: Boolean + description: | + The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. + Only packets addressed to ports in the specified range will be forwarded + to the backends configured with this forwarding rule. + + The `allPorts` field has the following limitations: + * It requires that the forwarding rule `IPProtocol` be TCP, UDP, SCTP, or + L3_DEFAULT. + * It's applicable only to the following products: internal passthrough + Network Load Balancers, backend service-based external passthrough Network + Load Balancers, and internal and external protocol forwarding. + * Set this field to true to allow packets addressed to any port or packets + lacking destination port information (for example, UDP fragments after the + first fragment) to be forwarded to the backends configured with this + forwarding rule. The L3_DEFAULT protocol requires `allPorts` be set to + true. + - name: 'networkTier' + type: Enum + description: | + This signifies the networking tier used for configuring + this load balancer and can only take the following values: + `PREMIUM`, `STANDARD`. + + For regional ForwardingRule, the valid values are `PREMIUM` and + `STANDARD`. For GlobalForwardingRule, the valid value is + `PREMIUM`. + + If this field is not specified, it is assumed to be `PREMIUM`. + If `IPAddress` is specified, this value must be equal to the + networkTier of the Address. + immutable: true + default_from_api: true + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'serviceDirectoryRegistrations' + type: Array + description: | + Service Directory resources to register this forwarding rule with. + + Currently, only supports a single Service Directory resource. + immutable: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'namespace' + type: String + description: | + Service Directory namespace to register the forwarding rule under. + immutable: true + default_from_api: true + - name: 'service' + type: String + description: | + Service Directory service to register the forwarding rule under. + immutable: true + min_size: 0 + max_size: 1 + - name: 'serviceLabel' + type: String + description: | + An optional prefix to the service name for this Forwarding Rule. + If specified, will be the first label of the fully qualified service + name. + + The label must be 1-63 characters long, and comply with RFC1035. + Specifically, the label must be 1-63 characters long and match the + regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first + character must be a lowercase letter, and all following characters + must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + + This field is only used for INTERNAL load balancing. + validation: + function: 'verify.ValidateGCEName' + - name: 'serviceName' + type: String + description: | + The internal fully qualified service name for this Forwarding Rule. + + This field is only used for INTERNAL load balancing. + output: true + - name: 'sourceIpRanges' + type: Array + description: + If not empty, this Forwarding Rule will only forward the traffic when the + source IP address matches one of the IP addresses or CIDR ranges set here. + Note that a Forwarding Rule can only have up to 64 source IP ranges, and + this field can only be used with a regional Forwarding Rule whose scheme + is EXTERNAL. Each sourceIpRange entry should be either an IP address (for + example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). + immutable: true + item_type: + type: String + - name: 'baseForwardingRule' + type: String + description: + '[Output Only] The URL for the corresponding base Forwarding Rule. By base + Forwarding Rule, we mean the Forwarding Rule that has the same IP address, + protocol, and port settings with the current Forwarding Rule, but without + sourceIPRanges specified. Always empty if the current Forwarding Rule does + not have sourceIPRanges specified.' + output: true + - name: 'allowPscGlobalAccess' + type: Boolean + description: + This is used in PSC consumer ForwardingRule to control whether the PSC + endpoint can be accessed from another region. + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' + update_verb: 'PATCH' + update_id: 'allowPscGlobalAccess' + fingerprint_name: 'fingerprint' + - name: 'noAutomateDnsZone' + type: Boolean + description: + This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. + Non-PSC forwarding rules do not use this field. + immutable: true + ignore_read: true + send_empty_value: true + - name: 'ipVersion' + type: Enum + description: | + The IP address version that will be used by this forwarding rule. + Valid options are IPV4 and IPV6. + + If not set, the IPv4 address will be used by default. + immutable: true + default_from_api: true + enum_values: + - 'IPV4' + - 'IPV6' diff --git a/mmv1/products/compute/go_GlobalAddress.yaml b/mmv1/products/compute/go_GlobalAddress.yaml new file mode 100644 index 000000000000..056511a5f12d --- /dev/null +++ b/mmv1/products/compute/go_GlobalAddress.yaml @@ -0,0 +1,153 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GlobalAddress' +kind: 'compute#address' +description: | + Represents a Global Address resource. Global addresses are used for + HTTP(S) load balancing. +references: + guides: + 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address' + api: 'https://cloud.google.com/compute/docs/reference/v1/globalAddresses' +docs: +base_url: 'projects/{{project}}/global/addresses' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + pre_create: 'templates/terraform/pre_create/go/compute_global_address.go.tmpl' + post_create: 'templates/terraform/post_create/go/labels.tmpl' +examples: + - name: 'global_address_basic' + primary_resource_id: 'default' + vars: + global_address_name: 'global-appserver-ip' + - name: 'global_address_private_services_connect' + primary_resource_id: 'default' + min_version: 'beta' + vars: + global_address_name: 'global-psconnect-ip' + network_name: 'my-network-name' +parameters: +properties: + - name: 'address' + type: String + description: | + The IP address or beginning of the address range represented by this + resource. This can be supplied as an input to reserve a specific + address or omitted to allow GCP to choose a valid one for you. + default_from_api: true + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this address. A list of key->value pairs. + update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'ipVersion' + type: Enum + description: | + The IP Version that will be used by this address. The default value is `IPV4`. + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'prefixLength' + type: Integer + description: | + The prefix length of the IP range. If not present, it means the + address field is a single IP address. + + This field is not applicable to addresses with addressType=INTERNAL + when purpose=PRIVATE_SERVICE_CONNECT + default_from_api: true + - name: 'addressType' + type: Enum + description: | + The type of the address to reserve. + + * EXTERNAL indicates public/external single IP address. + * INTERNAL indicates internal IP ranges belonging to some network. + diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("EXTERNAL")' + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'purpose' + type: String + description: | + The purpose of the resource. Possible values include: + + * VPC_PEERING - for peer networks + + * PRIVATE_SERVICE_CONNECT - for ([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html) only) Private Service Connect networks + - name: 'network' + type: ResourceRef + description: | + The URL of the network in which to reserve the IP range. The IP range + must be in RFC1918 space. The network cannot be deleted if there are + any reserved IP ranges referring to it. + + This should only be set when using an Internal address. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_GlobalForwardingRule.yaml b/mmv1/products/compute/go_GlobalForwardingRule.yaml new file mode 100644 index 000000000000..9bdd5c337254 --- /dev/null +++ b/mmv1/products/compute/go_GlobalForwardingRule.yaml @@ -0,0 +1,530 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GlobalForwardingRule' +kind: 'compute#forwardingRule' +description: | + Represents a GlobalForwardingRule resource. Global forwarding rules are + used to forward traffic to the correct load balancer for HTTP load + balancing. Global forwarding rules can only be used for HTTP load + balancing. + + For more information, see https://cloud.google.com/compute/docs/load-balancing/http/ +# Has a separate endpoint for labels +exclude_attribution_label: true +docs: +base_url: 'projects/{{project}}/global/forwardingRules' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/go/labels.tmpl' +legacy_long_form_project: true +examples: + - name: 'external_ssl_proxy_lb_mig_backend' + primary_resource_id: 'default' + vars: + ssl_proxy_xlb_network: 'ssl-proxy-xlb-network' + ssl_proxy_xlb_subnet: 'ssl-proxy-xlb-subnet' + ssl_proxy_xlb_ip: 'ssl-proxy-xlb-ip' + default_cert: 'default-cert' + test_proxy: 'test-proxy' + ssl_proxy_xlb_forwarding_rule: 'ssl-proxy-xlb-forwarding-rule' + ssl_proxy_xlb_backend_service: 'ssl-proxy-xlb-backend-service' + ssl_proxy_health_check: 'ssl-proxy-health-check' + ssl_proxy_xlb_mig_template: 'ssl-proxy-xlb-mig-template' + ssl_proxy_xlb_mig1: 'ssl-proxy-xlb-mig1' + ssl_proxy_xlb_fw_allow_hc: 'ssl-proxy-xlb-fw-allow-hc' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + exclude_test: true + - name: 'external_tcp_proxy_lb_mig_backend' + primary_resource_id: 'default' + min_version: 'beta' + vars: + tcp_proxy_xlb_network: 'tcp-proxy-xlb-network' + tcp_proxy_xlb_subnet: 'tcp-proxy-xlb-subnet' + tcp_proxy_xlb_ip: 'tcp-proxy-xlb-ip' + tcp_proxy_xlb_forwarding_rule: 'tcp-proxy-xlb-forwarding-rule' + test_proxy_health_check: 'test-proxy-health-check' + tcp_proxy_xlb_backend_service: 'tcp-proxy-xlb-backend-service' + tcp_proxy_health_check: 'tcp-proxy-health-check' + tcp_proxy_xlb_mig_template: 'tcp-proxy-xlb-mig-template' + tcp_proxy_xlb_mig1: 'tcp-proxy-xlb-mig1' + tcp_proxy_xlb_fw_allow_hc: 'tcp-proxy-xlb-fw-allow-hc' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + - name: 'external_http_lb_mig_backend_custom_header' + primary_resource_id: 'default' + min_version: 'beta' + vars: + xlb_network_name: 'l7-xlb-network' + backend_subnet_name: 'l7-xlb-subnet' + address_name: 'l7-xlb-static-ip' + forwarding_rule_name: 'l7-xlb-forwarding-rule' + target_http_proxy_name: 'l7-xlb-target-http-proxy' + url_map_name: 'l7-xlb-url-map' + backend_service_name: 'l7-xlb-backend-service' + mig_template_name: 'l7-xlb-mig-template' + hc_name: 'l7-xlb-hc' + mig_name: 'l7-xlb-mig1' + fw_allow_hc_name: 'l7-xlb-fw-allow-hc' + ignore_read_extra: + - 'port_range' + - 'target' + - 'ip_address' + - name: 'global_forwarding_rule_http' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'global-rule' + http_proxy_name: 'target-proxy' + backend_service_name: 'backend' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'global_forwarding_rule_internal' + primary_resource_id: 'default' + min_version: 'beta' + vars: + forwarding_rule_name: 'global-rule' + http_proxy_name: 'target-proxy' + backend_service_name: 'backend' + igm_name: 'igm-internal' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'global_forwarding_rule_external_managed' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'global-rule' + http_proxy_name: 'target-proxy' + backend_service_name: 'backend' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'global_forwarding_rule_hybrid' + primary_resource_id: 'default' + vars: + forwarding_rule_name: 'global-rule' + http_proxy_name: 'target-proxy' + network_name: 'my-network' + internal_network_name: 'my-internal-network' + subnetwork_name: 'my-subnetwork' + default_backend_service_name: 'backend-default' + hybrid_backend_service_name: 'backend-hybrid' + internal_backend_service_name": 'backend-internal' + default_neg_name: 'default-neg' + hybrid_neg_name: 'hybrid-neg' + internal_neg_name: 'internal-neg' + health_check_name: 'health-check' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'global_internal_http_lb_with_mig_backend' + primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' + vars: + gilb_network_name: 'l7-gilb-network' + proxy_subnet_name: 'l7-gilb-proxy-subnet' + backend_subnet_name: 'l7-gilb-subnet' + forwarding_rule_name: 'l7-gilb-forwarding-rule' + target_http_proxy_name: 'l7-gilb-target-http-proxy' + url_map_name: 'l7-gilb-url-map' + backend_service_name: 'l7-gilb-backend-subnet' + mig_template_name: 'l7-gilb-mig-template' + hc_name: 'l7-gilb-hc' + mig_name: 'l7-gilb-mig1' + fw_allow_iap_hc_name: 'l7-gilb-fw-allow-iap-hc' + fw_allow_gilb_to_backends_name: 'l7-gilb-fw-allow-gilb-to-backends' + vm_test_name: 'l7-gilb-test-vm' + ignore_read_extra: + - 'port_range' + - 'target' + - name: 'private_service_connect_google_apis' + primary_resource_id: 'default' + min_version: 'beta' + vars: + network_name: 'my-network' + subnetwork_name: 'my-subnetwork' + global_address_name: 'global-psconnect-ip' + forwarding_rule_name: 'globalrule' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'ip_address' + - name: 'private_service_connect_google_apis_no_automate_dns' + primary_resource_id: 'default' + min_version: 'beta' + vars: + network_name: 'my-network' + subnetwork_name: 'my-subnetwork' + global_address_name: 'global-psconnect-ip' + forwarding_rule_name: 'globalrule' + test_env_vars: + project: 'PROJECT_NAME' + ignore_read_extra: + - 'ip_address' +parameters: +properties: + - name: 'pscConnectionId' + type: String + description: 'The PSC connection id of the PSC Forwarding Rule.' + output: true + - name: 'pscConnectionStatus' + type: String + description: + 'The PSC connection status of the PSC Forwarding Rule. Possible values: + `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + # This is a multi-resource resource reference (Address, GlobalAddress) + - name: 'IPAddress' + type: String + description: | + IP address for which this forwarding rule accepts traffic. When a client + sends traffic to this IP address, the forwarding rule directs the traffic + to the referenced `target`. + + While creating a forwarding rule, specifying an `IPAddress` is + required under the following circumstances: + + * When the `target` is set to `targetGrpcProxy` and + `validateForProxyless` is set to `true`, the + `IPAddress` should be set to `0.0.0.0`. + * When the `target` is a Private Service Connect Google APIs + bundle, you must specify an `IPAddress`. + + Otherwise, you can optionally specify an IP address that references an + existing static (reserved) IP address resource. When omitted, Google Cloud + assigns an ephemeral IP address. + + Use one of the following formats to specify an IP address while creating a + forwarding rule: + + * IP address number, as in `100.1.2.3` + * IPv6 address range, as in `2600:1234::/96` + * Full resource URL, as in + `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` + * Partial URL or by name, as in: + * `projects/project_id/regions/region/addresses/address-name` + * `regions/region/addresses/address-name` + * `global/addresses/address-name` + * `address-name` + + The forwarding rule's `target`, + and in most cases, also the `loadBalancingScheme`, determine the + type of IP address that you can use. For detailed information, see + [IP address + specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). + + When reading an `IPAddress`, the API always returns the IP + address number. + default_from_api: true + diff_suppress_func: 'InternalIpDiffSuppress' + - name: 'IPProtocol' + type: Enum + description: | + The IP protocol to which this rule applies. + + For protocol forwarding, valid + options are `TCP`, `UDP`, `ESP`, + `AH`, `SCTP`, `ICMP` and + `L3_DEFAULT`. + + The valid IP protocols are different for different load balancing products + as described in [Load balancing + features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). + default_from_api: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + enum_values: + - 'TCP' + - 'UDP' + - 'ESP' + - 'AH' + - 'SCTP' + - 'ICMP' + - name: 'ipVersion' + type: Enum + description: | + The IP Version that will be used by this global forwarding rule. + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this forwarding rule. A list of key->value pairs. + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'loadBalancingScheme' + type: Enum + description: | + Specifies the forwarding rule type. + + For more information about forwarding rules, refer to + [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL_MANAGED' + - 'INTERNAL_SELF_MANAGED' + - name: 'metadataFilters' + type: Array + description: | + Opaque filter criteria used by Loadbalancer to restrict routing + configuration to a limited set xDS compliant clients. In their xDS + requests to Loadbalancer, xDS clients present node metadata. If a + match takes place, the relevant routing configuration is made available + to those proxies. + + For each metadataFilter in this list, if its filterMatchCriteria is set + to MATCH_ANY, at least one of the filterLabels must match the + corresponding label provided in the metadata. If its filterMatchCriteria + is set to MATCH_ALL, then all of its filterLabels must match with + corresponding labels in the provided metadata. + + metadataFilters specified here can be overridden by those specified in + the UrlMap that this ForwardingRule references. + + metadataFilters only applies to Loadbalancers that have their + loadBalancingScheme set to INTERNAL_SELF_MANAGED. + item_type: + type: NestedObject + properties: + - name: 'filterMatchCriteria' + type: Enum + description: | + Specifies how individual filterLabel matches within the list of + filterLabels contribute towards the overall metadataFilter match. + + MATCH_ANY - At least one of the filterLabels must have a matching + label in the provided metadata. + MATCH_ALL - All filterLabels must have matching labels in the + provided metadata. + required: true + enum_values: + - 'MATCH_ANY' + - 'MATCH_ALL' + - name: 'filterLabels' + type: Array + description: | + The list of label value pairs that must match labels in the + provided metadata based on filterMatchCriteria + + This list must not be empty and can have at the most 64 entries. + required: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the metadata label. The length must be between + 1 and 1024 characters, inclusive. + required: true + - name: 'value' + type: String + description: | + The value that the label must match. The value has a maximum + length of 1024 characters. + required: true + min_size: 1 + max_size: 64 + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is created. + The name must be 1-63 characters long, and comply with + [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). + + Specifically, the name must be 1-63 characters long and match the regular + expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first + character must be a lowercase letter, and all following characters must + be a dash, lowercase letter, or digit, except the last character, which + cannot be a dash. + + For Private Service Connect forwarding rules that forward traffic to Google + APIs, the forwarding rule name must be a 1-20 characters string with + lowercase letters and numbers and must start with a letter. + required: true + - name: 'network' + type: ResourceRef + description: | + This field is not used for external load balancing. + + For Internal TCP/UDP Load Balancing, this field identifies the network that + the load balanced IP should belong to for this Forwarding Rule. + If the subnetwork is specified, the network of the subnetwork will be used. + If neither subnetwork nor this field is specified, the default network will + be used. + + For Private Service Connect forwarding rules that forward traffic to Google + APIs, a network must be provided. + default_from_api: true + # TODO(nelsonjr): When implementing new types enable converting the + # manifest input from a single value to a range of form NN-NN. The API + # accepts a single value, e.g. '80', but the API stores and returns + # '80-80'. This causes idempotency false positive. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'portRange' + type: String + description: | + The `portRange` field has the following limitations: + * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, + and + * It's applicable only to the following products: external passthrough + Network Load Balancers, internal and external proxy Network Load + Balancers, internal and external Application Load Balancers, external + protocol forwarding, and Classic VPN. + * Some products have restrictions on what ports can be used. See + [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) + for details. + + For external forwarding rules, two or more forwarding rules cannot use the + same `[IPAddress, IPProtocol]` pair, and cannot have overlapping + `portRange`s. + + For internal forwarding rules within the same VPC network, two or more + forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and + cannot have overlapping `portRange`s. + + @pattern: \d+(?:-\d+)? + diff_suppress_func: 'PortRangeDiffSuppress' + # This is a multi-resource resource reference (TargetHttp(s)Proxy, + # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, + # TargetInstance) + - name: 'subnetwork' + type: ResourceRef + description: | + This field identifies the subnetwork that the load balanced IP should + belong to for this Forwarding Rule, used in internal load balancing and + network load balancing with IPv6. + + If the network specified is in auto subnet mode, this field is optional. + However, a subnetwork must be specified if the network is in custom subnet + mode or when creating external forwarding rule with IPv6. + # This is a multi-resource resource reference (TargetHttp(s)Proxy, + # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, + # TargetInstance) + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'target' + type: String + description: | + The URL of the target resource to receive the matched traffic. For + regional forwarding rules, this target must be in the same region as the + forwarding rule. For global forwarding rules, this target must be a global + load balancing resource. + + The forwarded traffic must be of a type appropriate to the target object. + * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). + * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: + * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). + * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). + + For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. + required: true + update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setTarget' + update_verb: 'POST' + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'serviceDirectoryRegistrations' + type: Array + description: | + Service Directory resources to register this forwarding rule with. + + Currently, only supports a single Service Directory resource. + immutable: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'namespace' + type: String + description: | + Service Directory namespace to register the forwarding rule under. + immutable: true + default_from_api: true + - name: 'serviceDirectoryRegion' + type: String + description: | + [Optional] Service Directory region to register this global forwarding rule under. + Default to "us-central1". Only used for PSC for Google APIs. All PSC for + Google APIs Forwarding Rules on the same network should use the same Service + Directory region. + immutable: true + min_size: 0 + max_size: 1 + - name: 'sourceIpRanges' + type: Array + description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). + immutable: true + item_type: + type: String + - name: 'baseForwardingRule' + type: String + description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' + output: true + - name: 'allowPscGlobalAccess' + type: Boolean + description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. + min_version: 'beta' + - name: 'noAutomateDnsZone' + type: Boolean + description: + This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. + Non-PSC forwarding rules do not use this field. + immutable: true + ignore_read: true + send_empty_value: true diff --git a/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml b/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml new file mode 100644 index 000000000000..e16ff73fe52d --- /dev/null +++ b/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml @@ -0,0 +1,110 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GlobalNetworkEndpoint' +kind: 'compute#networkEndpoint' +description: | + A Global Network endpoint represents a IP address and port combination that exists outside of GCP. + **NOTE**: Global network endpoints cannot be created outside of a + global network endpoint group. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +id_format: '{{project}}/{{global_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +base_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}' +self_link: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{global_network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - ipAddress + - fqdn + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_global_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/go/network_endpoint.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_global_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/compute_global_network_endpoint.go.tmpl' +exclude_tgc: true +examples: + - name: 'global_network_endpoint' + primary_resource_id: 'default-endpoint' + vars: + neg_name: 'my-lb-neg' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +parameters: + - name: 'globalNetworkEndpointGroup' + type: ResourceRef + description: | + The global network endpoint group this endpoint is part of. + url_param_only: true + required: true + ignore_read: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'GlobalNetworkEndpointGroup' + imports: 'name' +properties: + - name: 'port' + type: Integer + description: | + Port number of the external endpoint. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' + validation: + function: 'validation.IntAtLeast(1)' + - name: 'ipAddress' + type: String + description: | + IPv4 address external endpoint. + - name: 'fqdn' + type: String + description: | + Fully qualified domain name of network endpoint. + This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. + at_least_one_of: + - 'fqdn' + - 'ip_address' diff --git a/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml b/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml new file mode 100644 index 000000000000..fe76b39a76f3 --- /dev/null +++ b/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml @@ -0,0 +1,94 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GlobalNetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +description: | + A global network endpoint group contains endpoints that reside outside of Google Cloud. + Currently a global network endpoint group can only support a single endpoint. + + Recreating a global network endpoint group that's in use by another resource will give a + `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` + to avoid this type of error. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +base_url: 'projects/{{project}}/global/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'global_network_endpoint_group' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' + - name: 'global_network_endpoint_group_ip_address' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' +parameters: +properties: + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'networkEndpointType' + type: Enum + description: | + Type of network endpoints in this network endpoint group. + required: true + enum_values: + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - name: 'defaultPort' + type: Integer + description: | + The default port used if the port number is not specified in the + network endpoint. diff --git a/mmv1/products/compute/go_HaVpnGateway.yaml b/mmv1/products/compute/go_HaVpnGateway.yaml new file mode 100644 index 000000000000..fa5373c7ad37 --- /dev/null +++ b/mmv1/products/compute/go_HaVpnGateway.yaml @@ -0,0 +1,176 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'HaVpnGateway' +kind: 'compute#vpnGateway' +description: | + Represents a VPN gateway running in GCP. This virtual device is managed + by Google, but used only by you. This type of VPN Gateway allows for the creation + of VPN solutions with higher availability than classic Target VPN Gateways. +references: + guides: + 'Choosing a VPN': 'https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn' + 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnGateways' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/vpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'ha_vpn_gateway_basic' + primary_resource_id: 'ha_gateway1' + vars: + ha_vpn_gateway1_name: 'ha-vpn-1' + network1_name: 'network1' + - name: 'ha_vpn_gateway_ipv6' + primary_resource_id: 'ha_gateway1' + vars: + ha_vpn_gateway1_name: 'ha-vpn-1' + network1_name: 'network1' + - name: 'ha_vpn_gateway_gcp_to_gcp' + primary_resource_id: 'ha_gateway1' + vars: + ha_vpn_gateway1_name: 'ha-vpn-1' + network1_name: 'network1' + router1_name: 'ha-vpn-router1' + ha_vpn_gateway2_name: 'ha-vpn-2' + network2_name: 'network2' + router2_name: 'ha-vpn-router2' + exclude_test: true + exclude_docs: true + # Multiple fine-grained resources + skip_vcr: true + - name: 'compute_ha_vpn_gateway_encrypted_interconnect' + primary_resource_id: 'vpn-gateway' + vars: + ha_vpn_gateway_name: 'test-ha-vpngw' + interconnect_attachment1_name: 'test-interconnect-attachment1' + interconnect_attachment2_name: 'test-interconnect-attachment2' + address1_name: 'test-address1' + address2_name: 'test-address2' + router_name: 'test-router' + network_name: 'test-network' + # TODO: https://github.com/hashicorp/terraform-provider-google/issues/11504 + exclude_test: true +parameters: + - name: 'region' + type: ResourceRef + description: | + The region this gateway should sit in. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'network' + type: ResourceRef + description: | + The network this VPN gateway is accepting traffic for. + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'stackType' + type: Enum + description: | + The stack type for this VPN gateway to identify the IP protocols that are enabled. + If not specified, IPV4_ONLY will be used. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "IPV4_ONLY" + enum_values: + - 'IPV4_ONLY' + - 'IPV4_IPV6' + - 'IPV6_ONLY' + - name: 'gatewayIpVersion' + type: Enum + description: | + The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "IPV4" + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'vpnInterfaces' + type: Array + description: | + A list of interfaces on this VPN gateway. + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'id' + type: Integer + description: 'The numeric ID of this VPN gateway interface.' + - name: 'ipAddress' + type: String + description: 'The external IP address for this VPN gateway interface.' + output: true + - name: 'interconnectAttachment' + type: ResourceRef + description: | + URL of the interconnect attachment resource. When the value + of this field is present, the VPN Gateway will be used for + IPsec-encrypted Cloud Interconnect; all Egress or Ingress + traffic for this VPN Gateway interface will go through the + specified interconnect attachment resource. + + Not currently available publicly. + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'InterconnectAttachment' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_HealthCheck.yaml b/mmv1/products/compute/go_HealthCheck.yaml new file mode 100644 index 000000000000..43ef731d0ada --- /dev/null +++ b/mmv1/products/compute/go_HealthCheck.yaml @@ -0,0 +1,885 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'HealthCheck' +kind: 'compute#healthCheck' +description: | + Health Checks determine whether instances are responsive and able to do work. + They are an important part of a comprehensive load balancing configuration, + as they enable monitoring instances behind load balancers. + + Health Checks poll instances at a specified interval. Instances that + do not respond successfully to some number of probes in a row are marked + as unhealthy. No new connections are sent to unhealthy instances, + though existing connections will continue. The health check will + continue to poll unhealthy instances. If an instance later responds + successfully to some number of consecutive probes, it is marked + healthy again and can receive new connections. + + ~>**NOTE**: Legacy HTTP(S) health checks must be used for target pool-based network + load balancers. See the [official guide](https://cloud.google.com/load-balancing/docs/health-check-concepts#selecting_hc) + for choosing a type of health check. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks' +docs: +base_url: 'projects/{{project}}/global/healthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/health_check.tmpl' + encoder: 'templates/terraform/encoders/go/health_check_type.tmpl' +custom_diff: + - 'healthCheckCustomizeDiff' +examples: + - name: 'health_check_tcp' + primary_resource_id: 'tcp-health-check' + vars: + health_check_name: 'tcp-health-check' + - name: 'health_check_tcp_full' + primary_resource_id: 'tcp-health-check' + vars: + health_check_name: 'tcp-health-check' + - name: 'health_check_ssl' + primary_resource_id: 'ssl-health-check' + vars: + health_check_name: 'ssl-health-check' + - name: 'health_check_ssl_full' + primary_resource_id: 'ssl-health-check' + vars: + health_check_name: 'ssl-health-check' + - name: 'health_check_http' + primary_resource_id: 'http-health-check' + vars: + health_check_name: 'http-health-check' + - name: 'health_check_http_full' + primary_resource_id: 'http-health-check' + vars: + health_check_name: 'http-health-check' + - name: 'health_check_https' + primary_resource_id: 'https-health-check' + vars: + health_check_name: 'https-health-check' + - name: 'health_check_https_full' + primary_resource_id: 'https-health-check' + vars: + health_check_name: 'https-health-check' + - name: 'health_check_http2' + primary_resource_id: 'http2-health-check' + vars: + health_check_name: 'http2-health-check' + - name: 'health_check_http2_full' + primary_resource_id: 'http2-health-check' + vars: + health_check_name: 'http2-health-check' + - name: 'health_check_grpc' + primary_resource_id: 'grpc-health-check' + vars: + health_check_name: 'grpc-health-check' + - name: 'health_check_grpc_full' + primary_resource_id: 'grpc-health-check' + vars: + health_check_name: 'grpc-health-check' + - name: 'health_check_with_logging' + primary_resource_id: 'health-check-with-logging' + min_version: 'beta' + vars: + health_check_name: 'tcp-health-check' + - name: 'compute_health_check_http_source_regions' + primary_resource_id: 'http-health-check-with-source-regions' + vars: + health_check_name: 'http-health-check' + - name: 'compute_health_check_https_source_regions' + primary_resource_id: 'https-health-check-with-source-regions' + vars: + health_check_name: 'https-health-check' + - name: 'compute_health_check_tcp_source_regions' + primary_resource_id: 'tcp-health-check-with-source-regions' + vars: + health_check_name: 'tcp-health-check' +parameters: +properties: + - name: 'checkIntervalSec' + type: Integer + description: | + How often (in seconds) to send a health check. The default value is 5 + seconds. + default_value: 5 + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + send_empty_value: true + - name: 'healthyThreshold' + type: Integer + description: | + A so-far unhealthy instance will be marked healthy after this many + consecutive successes. The default value is 2. + default_value: 2 + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + immutable: true + - name: 'timeoutSec' + type: Integer + description: | + How long (in seconds) to wait before claiming failure. + The default value is 5 seconds. It is invalid for timeoutSec to have + greater value than checkIntervalSec. + default_value: 5 + - name: 'sourceRegions' + type: Array + description: | + The list of cloud regions from which health checks are performed. If + any regions are specified, then exactly 3 regions should be specified. + The region names must be valid names of Google Cloud regions. This can + only be set for global health check. If this list is non-empty, then + there are restrictions on what other health check fields are supported + and what other resources can use this health check: + + * SSL, HTTP2, and GRPC protocols are not supported. + + * The TCP request field is not supported. + + * The proxyHeader field for HTTP, HTTPS, and TCP is not supported. + + * The checkIntervalSec field must be at least 30. + + * The health check cannot be used with BackendService nor with managed + instance group auto-healing. + item_type: + type: String + min_size: 3 + max_size: 3 + - name: 'unhealthyThreshold' + type: Integer + description: | + A so-far healthy instance will be marked unhealthy after this many + consecutive failures. The default value is 2. + default_value: 2 + - name: 'type' + type: Enum + description: |- + The type of the health check. One of HTTP, HTTPS, TCP, or SSL. + output: true + enum_values: + - 'TCP' + - 'SSL' + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - name: 'httpHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTP health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTP health check request. + The default value is /. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTP health check request. + The default value is 80. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTP health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'httpsHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTPS health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTPS health check request. + The default value is /. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTPS health check request. + The default value is 443. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTPS health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'tcpHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'request' + type: String + description: | + The application data to send once the TCP connection has been + established (default value is empty). If both request and response are + empty, the connection establishment alone will indicate health. The request + data can only be ASCII. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the TCP health check request. + The default value is 443. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, TCP health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'sslHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'request' + type: String + description: | + The application data to send once the SSL connection has been + established (default value is empty). If both request and response are + empty, the connection establishment alone will indicate health. The request + data can only be ASCII. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the SSL health check request. + The default value is 443. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, SSL health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'http2HealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTP2 health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTP2 health check request. + The default value is /. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTP2 health check request. + The default value is 443. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTP2 health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'port' + type: Integer + description: | + The port number for the health check request. + Must be specified if portName and portSpecification are not set + or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, gRPC health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcServiceName' + type: String + description: | + The gRPC service name for the health check. + The value of grpcServiceName has the following meanings by convention: + - Empty serviceName means the overall status of all services at the backend. + - Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. + The grpcServiceName can only be ASCII. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'logConfig' + type: NestedObject + description: | + Configure logging on this health check. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/health_check_log_config.go.tmpl' + properties: + - name: 'enable' + type: Boolean + description: | + Indicates whether or not to export logs. This is false by default, + which means no health check logging will be done. + default_value: false diff --git a/mmv1/products/compute/go_HttpHealthCheck.yaml b/mmv1/products/compute/go_HttpHealthCheck.yaml new file mode 100644 index 000000000000..e88b8fa0d9a8 --- /dev/null +++ b/mmv1/products/compute/go_HttpHealthCheck.yaml @@ -0,0 +1,124 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'HttpHealthCheck' +kind: 'compute#httpHealthCheck' +description: | + An HttpHealthCheck resource. This resource defines a template for how + individual VMs should be checked for health, via HTTP. + + ~> **Note:** google_compute_http_health_check is a legacy health check. + The newer [google_compute_health_check](/docs/providers/google/r/compute_health_check.html) + should be preferred for all uses except + [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) + which still require the legacy version. +references: + guides: + 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' + api: 'https://cloud.google.com/compute/docs/reference/v1/httpHealthChecks' +docs: +base_url: 'projects/{{project}}/global/httpHealthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'http_health_check_basic' + primary_resource_id: 'default' + vars: + http_health_check_name: 'authentication-health-check' +parameters: +properties: + - name: 'checkIntervalSec' + type: Integer + description: | + How often (in seconds) to send a health check. The default value is 5 + seconds. + default_value: 5 + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'healthyThreshold' + type: Integer + description: | + A so-far unhealthy instance will be marked healthy after this many + consecutive successes. The default value is 2. + default_value: 2 + - name: 'host' + type: String + description: | + The value of the host header in the HTTP health check request. If + left empty (default value), the public IP on behalf of which this + health check is performed will be used. + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + immutable: true + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTP health check request. + The default value is 80. + default_value: 80 + - name: 'requestPath' + type: String + description: | + The request path of the HTTP health check request. + The default value is /. + default_value: "/" + - name: 'timeoutSec' + type: Integer + description: | + How long (in seconds) to wait before claiming failure. + The default value is 5 seconds. It is invalid for timeoutSec to have + greater value than checkIntervalSec. + default_value: 5 + - name: 'unhealthyThreshold' + type: Integer + description: | + A so-far healthy instance will be marked unhealthy after this many + consecutive failures. The default value is 2. + default_value: 2 diff --git a/mmv1/products/compute/go_HttpsHealthCheck.yaml b/mmv1/products/compute/go_HttpsHealthCheck.yaml new file mode 100644 index 000000000000..26ae15e47605 --- /dev/null +++ b/mmv1/products/compute/go_HttpsHealthCheck.yaml @@ -0,0 +1,124 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'HttpsHealthCheck' +kind: 'compute#httpsHealthCheck' +description: | + An HttpsHealthCheck resource. This resource defines a template for how + individual VMs should be checked for health, via HTTPS. + + ~> **Note:** google_compute_https_health_check is a legacy health check. + The newer [google_compute_health_check](/docs/providers/google/r/compute_health_check.html) + should be preferred for all uses except + [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) + which still require the legacy version. +references: + guides: + 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' + api: 'https://cloud.google.com/compute/docs/reference/v1/httpsHealthChecks' +docs: +base_url: 'projects/{{project}}/global/httpsHealthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'https_health_check_basic' + primary_resource_id: 'default' + vars: + https_health_check_name: 'authentication-health-check' +parameters: +properties: + - name: 'checkIntervalSec' + type: Integer + description: | + How often (in seconds) to send a health check. The default value is 5 + seconds. + default_value: 5 + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'healthyThreshold' + type: Integer + description: | + A so-far unhealthy instance will be marked healthy after this many + consecutive successes. The default value is 2. + default_value: 2 + - name: 'host' + type: String + description: | + The value of the host header in the HTTPS health check request. If + left empty (default value), the public IP on behalf of which this + health check is performed will be used. + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + immutable: true + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTPS health check request. + The default value is 443. + default_value: 443 + - name: 'requestPath' + type: String + description: | + The request path of the HTTPS health check request. + The default value is /. + default_value: "/" + - name: 'timeoutSec' + type: Integer + description: | + How long (in seconds) to wait before claiming failure. + The default value is 5 seconds. It is invalid for timeoutSec to have + greater value than checkIntervalSec. + default_value: 5 + - name: 'unhealthyThreshold' + type: Integer + description: | + A so-far healthy instance will be marked unhealthy after this many + consecutive failures. The default value is 2. + default_value: 2 diff --git a/mmv1/products/compute/go_Image.yaml b/mmv1/products/compute/go_Image.yaml new file mode 100644 index 000000000000..55a917c8956f --- /dev/null +++ b/mmv1/products/compute/go_Image.yaml @@ -0,0 +1,276 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Image' +kind: 'compute#image' +description: | + Represents an Image resource. + + Google Compute Engine uses operating system images to create the root + persistent disks for your instances. You specify an image when you create + an instance. Images contain a boot loader, an operating system, and a + root file system. Linux operating system images are also capable of + running containers on Compute Engine. + + Images can be either public or custom. + + Public images are provided and maintained by Google, open-source + communities, and third-party vendors. By default, all projects have + access to these images and can use them to create instances. Custom + images are available only to your project. You can create a custom image + from root persistent disks and other images. Then, use the custom image + to create an instance. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/images' + api: 'https://cloud.google.com/compute/docs/reference/v1/images' +docs: +base_url: 'projects/{{project}}/global/images' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.imageUser' + parent_resource_attribute: 'image' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: +examples: + - name: 'image_basic' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-example-image%s", context["random_suffix"])' + vars: + image_name: 'example-image' + - name: 'image_guest_os' + primary_resource_id: 'example' + vars: + image_name: 'example-image' + - name: 'image_basic_storage_location' + primary_resource_id: 'example' + vars: + image_name: 'example-sl-image' + primary_resource_name: 'fmt.Sprintf("tf-test-sl-example-image%s", context["random_suffix"])' +parameters: +properties: + - name: 'archiveSizeBytes' + type: Integer + description: | + Size of the image tar.gz archive stored in Google Cloud Storage (in + bytes). + output: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'storageLocations' + type: Array + description: | + Cloud Storage bucket storage location of the image + (regional or multi-regional). + Reference link: https://cloud.google.com/compute/docs/reference/rest/v1/images + default_from_api: true + item_type: + type: String + - name: 'diskSizeGb' + type: Integer + description: | + Size of the image when restored onto a persistent disk (in GB). + # TODO(alexstephen): Build family support. + # Families use a different API + default_from_api: true + - name: 'family' + type: String + description: | + The name of the image family to which this image belongs. You can + create disks by specifying an image family instead of a specific + image name. The image family always returns its latest image that is + not deprecated. The name of the image family must comply with + RFC1035. + - name: 'guestOsFeatures' + type: Array + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable images. + is_set: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: Enum + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + required: true + enum_values: + - 'MULTI_IP_SUBNET' + - 'SECURE_BOOT' + - 'SEV_CAPABLE' + - 'UEFI_COMPATIBLE' + - 'VIRTIO_SCSI_MULTIQUEUE' + - 'WINDOWS' + - 'GVNIC' + - 'SEV_LIVE_MIGRATABLE' + - 'SEV_SNP_CAPABLE' + - 'SUSPEND_RESUME_COMPATIBLE' + - 'TDX_CAPABLE' + - 'SEV_LIVE_MIGRATABLE_V2' + - name: 'imageEncryptionKey' + type: NestedObject + description: | + Encrypts the image using a customer-supplied encryption key. + + After you encrypt an image with a customer-supplied key, you must + provide the same key if you use the image later (e.g. to create a + disk from the image) + properties: + - name: 'kmsKeySelfLink' + type: String + description: | + The self link of the encryption key that is stored in Google Cloud + KMS. + api_name: kmsKeyName + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_flatten: 'templates/terraform/custom_flatten/go/image_kms_key_name.go.tmpl' + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account being used for the encryption request for the + given KMS key. If absent, the Compute Engine default service + account is used. + - name: 'labels' + type: KeyValueLabels + description: Labels to apply to this Image. + update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'licenses' + type: Array + description: Any applicable license URI. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'license' + type: ResourceRef + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + - name: 'rawDisk' + type: NestedObject + description: The parameters of the raw disk image. + ignore_read: true + properties: + - name: 'containerType' + type: Enum + description: | + The format used to encode and transmit the block device, which + should be TAR. This is just a container and transmission format + and not a runtime format. Provided by the client when the disk + image is created. + default_value: "TAR" + enum_values: + - 'TAR' + - name: 'sha1' + type: String + description: | + An optional SHA1 checksum of the disk image before unpackaging. + This is provided by the client when the disk image is created. + api_name: sha1Checksum + # TODO(alexstephen): Figure out cross-module ResourceRefs + - name: 'source' + type: String + description: | + The full Google Cloud Storage URL where disk storage is stored + You must provide either this property or the sourceDisk property + but not both. + required: true + - name: 'sourceDisk' + type: ResourceRef + description: | + The source disk to create this image based on. + You must provide either this property or the + rawDisk.source property but not both to create an image. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Disk' + imports: 'selfLink' + - name: 'sourceImage' + type: ResourceRef + description: | + URL of the source image used to create this image. In order to create an image, you must provide the full or partial + URL of one of the following: + + * The selfLink URL + * This property + * The rawDisk.source URL + * The sourceDisk URL + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Image' + imports: 'selfLink' + - name: 'sourceSnapshot' + type: ResourceRef + description: | + URL of the source snapshot used to create this image. + + In order to create an image, you must provide the full or partial URL of one of the following: + + * The selfLink URL + * This property + * The sourceImage URL + * The rawDisk.source URL + * The sourceDisk URL + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Snapshot' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_Instance.yaml b/mmv1/products/compute/go_Instance.yaml new file mode 100644 index 000000000000..9061e750f677 --- /dev/null +++ b/mmv1/products/compute/go_Instance.yaml @@ -0,0 +1,697 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Instance' +kind: 'compute#instance' +description: | + An instance is a virtual machine (VM) hosted on Google's infrastructure. +exclude_resource: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instances' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.osLogin' + parent_resource_attribute: 'instance_name' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: +examples: + - name: 'instance_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' + vars: + instance_name: 'my-instance' +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the machine resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'canIpForward' + type: Boolean + description: | + Allows this instance to send and receive packets with non-matching + destination or source IPs. This is required if you plan to use this + instance to forward routes. + - name: 'cpuPlatform' + type: String + description: The CPU platform used by this instance. + output: true + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + output: true + - name: 'deletionProtection' + type: Boolean + description: Whether the resource should be protected against deletion. + update_url: '/projects/{{project}}/zones/{{zone}}/instances/{resourceId}/setDeletionProtection' + # The code for this update is custom because MM doesn't support + # sending empty bodies + the new option as a request parameter. + update_verb: 'POST' + - name: 'disks' + type: Array + description: | + An array of disks that are associated with the instances that are + created from this template. + immutable: true + item_type: + type: NestedObject + properties: + - name: 'autoDelete' + type: Boolean + description: | + Specifies whether the disk will be auto-deleted when the + instance is deleted (but not when the disk is detached from + the instance). + + Tip: Disks should be set to autoDelete=true + so that leftover disks are not left behind on machine + deletion. + - name: 'boot' + type: Boolean + description: | + Indicates that this is a boot disk. The virtual machine will + use the first partition of the disk for its root filesystem. + - name: 'deviceName' + type: String + description: | + Specifies a unique device name of your choice that is + reflected into the /dev/disk/by-id/google-* tree of a Linux + operating system running within the instance. This name can + be used to reference the device for mounting, resizing, and + so on, from within the instance. + - name: 'diskEncryptionKey' + type: NestedObject + description: | + Encrypts or decrypts a disk using a customer-supplied + encryption key. + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, + encoded in RFC 4648 base64 to either encrypt or decrypt + this resource. + - name: 'rsaEncryptedKey' + type: String + description: | + Specifies an RFC 4648 base64 encoded, RSA-wrapped + 2048-bit customer-supplied encryption key to either + encrypt or decrypt this resource. + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the + customer-supplied encryption key that protects this + resource. + output: true + - name: 'index' + type: Integer + description: | + Assigns a zero-based index to this disk, where 0 is + reserved for the boot disk. For example, if you have many + disks attached to an instance, each disk would have a + unique index number. If not specified, the server will + choose an appropriate value. + - name: 'initializeParams' + type: NestedObject + description: | + Specifies the parameters for a new disk that will be + created alongside the new instance. Use initialization + parameters to create boot disks or local SSDs attached to + the new instance. + immutable: true + properties: + - name: 'diskName' + type: String + description: | + Specifies the disk name. If not specified, the default + is to use the name of the instance. + - name: 'diskSizeGb' + type: Integer + description: Specifies the size of the disk in base-2 GB. + # diskStorageType - deprecated + - name: 'diskType' + type: ResourceRef + description: | + Reference to a disk type. + Specifies the disk type to use to create the instance. + If not specified, the default is pd-standard. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'DiskType' + imports: 'selfLink' + - name: 'sourceImage' + type: String + description: | + The source image to create this disk. When creating a + new instance, one of initializeParams.sourceImage or + disks.source is required. To create a disk with one of + the public operating system images, specify the image + by its family name. + - name: 'provisionedIops' + type: Integer + description: | + Indicates how many IOPS to provision for the disk. This + sets the number of I/O operations per second that the + disk can handle. Note: Updating currently is only supported for + hyperdisk skus via disk update api/gcloud without the need to + delete and recreate the disk, hyperdisk allows for an update of + IOPS every 4 hours. To update your hyperdisk more frequently, + you'll need to manually delete and recreate it. + - name: 'provisionedThroughput' + type: Integer + description: | + Indicates how much throughput to provision for the disk. + This sets the number of throughput mb per second that + the disk can handle. Note: Updating currently is only supported + for hyperdisk skus via disk update api/gcloud without the need + to delete and recreate the disk, hyperdisk allows for an update + of throughput every 4 hours. To update your hyperdisk more + frequently, you'll need to manually delete and recreate it. + - name: 'enableConfidentialCompute' + type: Boolean + description: | + Whether this disk is using confidential compute mode. + Note: Only supported on hyperdisk skus, disk_encryption_key + is required when setting to true. + - name: 'sourceImageEncryptionKey' + type: NestedObject + description: | + The customer-supplied encryption key of the source + image. Required if the source image is protected by a + customer-supplied encryption key. + + Instance templates do not store customer-supplied + encryption keys, so you cannot create disks for + instances in a managed instance group if the source + images are encrypted with your own keys. + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption + key, encoded in RFC 4648 base64 to either encrypt + or decrypt this resource. + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the + customer-supplied encryption key that protects this + resource. + output: true + - name: 'storagePool' + type: String + description: | + The URL of the storage pool in which the new disk is created. + For example: + * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} + * /projects/{project}/zones/{zone}/storagePools/{storagePool} + required: false + immutable: true + - name: 'interface' + type: Enum + description: | + Specifies the disk interface to use for attaching this + disk, which is either SCSI or NVME. The default is SCSI. + Persistent disks must always use SCSI and the request will + fail if you attempt to attach a persistent disk in any + other format than SCSI. + enum_values: + - 'SCSI' + - 'NVME' + # Ignoring kind - It's a constant and we don't need it. + # TODO(alexstephen): Place in licenses - it's a Array of + # ResourceRefs + - name: 'mode' + type: Enum + description: | + The mode in which to attach this disk, either READ_WRITE or + READ_ONLY. If not specified, the default is to attach the + disk in READ_WRITE mode. + enum_values: + - 'READ_WRITE' + - 'READ_ONLY' + # This is the name, not selfLink of a disk. + - name: 'source' + type: ResourceRef + description: | + Reference to a disk. When creating a new instance, + one of initializeParams.sourceImage or disks.source is required. + + If desired, you can also attach existing non-root + persistent disks using this property. This field is only + applicable for persistent disks. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Disk' + imports: 'selfLink' + - name: 'type' + type: Enum + description: | + Specifies the type of the disk, either SCRATCH or + PERSISTENT. If not specified, the default is PERSISTENT. + enum_values: + - 'SCRATCH' + - 'PERSISTENT' + - name: 'licenses' + type: Array + description: 'Any applicable publicly visible licenses.' + output: true + item_type: + type: String + - name: 'guestAccelerators' + type: Array + description: | + List of the type and count of accelerator cards attached to the + instance + item_type: + type: NestedObject + properties: + - name: 'acceleratorCount' + type: Integer + description: | + The number of the guest accelerator cards exposed to this + instance. + # TODO(alexstephen): Change to ResourceRef once AcceleratorType is + # created. + - name: 'acceleratorType' + type: String + description: | + Full or partial URL of the accelerator type resource to expose + to this instance. + - name: 'hostname' + type: String + description: | + The hostname of the instance to be created. The specified hostname + must be RFC1035 compliant. If hostname is not specified, the default + hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the + global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when + using zonal DNS. + - name: 'id' + type: Integer + description: | + The unique identifier for the resource. This identifier is defined by + the server. + output: true + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this instance. A list of key->value pairs. + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' + update_verb: 'POST' + # TODO(nelsonjr): Implement updating metadata *after* resource is created. + + # Expose instance 'metadata' as a simple name/value pair hash. However the API + # defines metadata as a NestedObject with the following layout: + # + # metadata { + # fingerprint: 'hash-of-last-metadata' + # items: [ + # { + # key: 'metadata1-key' + # value: 'metadata1-value' + # }, + # ... + # ] + # } + # + # Fingerprint is an optimistic locking mechanism for updates, which requires + # adding the 'fingerprint' of the last metadata to allow update. + # + # To comply with the API please add an encoder: and decoder: to the provider. + - name: 'metadata' + type: KeyValuePairs + description: | + The metadata key/value pairs to assign to instances that are + created from this template. These pairs can consist of custom + metadata or predefined keys. + - name: 'machineType' + type: ResourceRef + description: 'A reference to a machine type which defines VM kind.' + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setMachineType' + update_verb: 'POST' + # TODO(alexstephen): Add metadata + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'MachineType' + imports: 'selfLink' + - name: 'minCpuPlatform' + type: String + description: | + Specifies a minimum CPU platform for the VM instance. Applicable + values are the friendly names of CPU platforms + - name: 'name' + type: String + description: | + The name of the resource, provided by the client when initially + creating the resource. The resource name must be 1-63 characters long, + and comply with RFC1035. Specifically, the name must be 1-63 + characters long and match the regular expression + `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a + lowercase letter, and all following characters must be a dash, + lowercase letter, or digit, except the last character, which cannot + be a dash. + - name: 'networkInterfaces' + type: Array + description: | + An array of configurations for this interface. This specifies + how this interface is configured to interact with other + network services, such as connecting to the internet. Only + one network interface is supported per instance. + item_type: + type: NestedObject + properties: + - name: 'accessConfigs' + type: Array + description: | + An array of configurations for this interface. Currently, only + one access config, ONE_TO_ONE_NAT, is supported. If there are no + accessConfigs specified, then this instance will have no + external internet access. + item_type: + type: NestedObject + properties: + # 'kind' is not needed for object convergence + - name: 'name' + type: String + description: | + The name of this access configuration. The + default and recommended name is External NAT but you can + use any arbitrary string you would like. For example, My + external IP or Network Access. + required: true + - name: 'natIP' + type: ResourceRef + description: | + Reference to an address. + An external IP address associated with this instance. + Specify an unused static external IP address available to + the project or leave this field undefined to use an IP + from a shared ephemeral IP address pool. If you specify a + static external IP address, it must live in the same + region as the zone of the instance. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'address' + - name: 'type' + type: Enum + description: | + The type of configuration. The default and only option is + ONE_TO_ONE_NAT. + required: true + enum_values: + - 'ONE_TO_ONE_NAT' + - name: 'setPublicPtr' + type: Boolean + description: | + Specifies whether a public DNS PTR record should be + created to map the external IP address of the instance + to a DNS domain name. + - name: 'publicPtrDomainName' + type: String + description: | + The DNS domain name for the public PTR record. You can + set this field only if the setPublicPtr field is + enabled. + - name: 'networkTier' + type: Enum + description: | + This signifies the networking tier used for configuring + this access configuration. If an AccessConfig is + specified without a valid external IP address, an + ephemeral IP will be created with this networkTier. If an + AccessConfig with a valid external IP address is + specified, it must match that of the networkTier + associated with the Address resource owning that IP. + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'aliasIpRanges' + type: Array + description: | + An array of alias IP ranges for this network interface. Can + only be specified for network interfaces on subnet-mode + networks. + item_type: + type: NestedObject + properties: + - name: 'ipCidrRange' + type: String + description: | + The IP CIDR range represented by this alias IP range. + This IP CIDR range must belong to the specified + subnetwork and cannot contain IP addresses reserved by + system or used by other network interfaces. This range + may be a single IP address (e.g. 10.2.3.4), a netmask + (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24). + - name: 'subnetworkRangeName' + type: String + description: | + Optional subnetwork secondary range name specifying + the secondary range from which to allocate the IP + CIDR range for this alias IP range. If left + unspecified, the primary range of the subnetwork will + be used. + - name: 'internalIpv6PrefixLength' + type: String + description: | + The prefix length of the primary internal IPv6 range. + - name: 'ipv6Address' + type: String + description: | + An IPv6 internal network address for this network interface. + If not specified, Google Cloud will automatically assign an + internal IPv6 address from the instance's subnetwork. + - name: 'name' + type: String + description: | + The name of the network interface, generated by the + server. For network devices, these are eth0, eth1, etc + output: true + - name: 'network' + type: ResourceRef + description: | + Specifies the title of an existing network. When creating + an instance, if neither the network nor the subnetwork is specified, + the default network global/networks/default is used; if the network + is not specified but the subnetwork is specified, the network is + inferred. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'networkIP' + type: String + description: | + An IPv4 internal network address to assign to the + instance for this network interface. If not specified + by the user, an unused internal IP is assigned by the + system. + - name: 'subnetwork' + type: ResourceRef + description: | + Reference to a VPC network. + If the network resource is in legacy mode, do not + provide this property. If the network is in auto + subnet mode, providing the subnetwork is optional. If + the network is in custom subnet mode, then this field + should be specified. + # networkInterfaces.kind is not necessary for convergence. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'networkAttachment' + type: ResourceRef + description: | + The URL of the network attachment that this interface should connect to in the following format: + projects/{projectNumber}/regions/{region_name}/networkAttachments/{network_attachment_name}. + resource: 'networkAttachment' + imports: 'selfLink' + - name: 'scheduling' + type: NestedObject + description: Sets the scheduling options for this instance. + properties: + - name: 'automaticRestart' + type: Boolean + description: | + Specifies whether the instance should be automatically restarted + if it is terminated by Compute Engine (not terminated by a user). + You can only set the automatic restart option for standard + instances. Preemptible instances cannot be automatically + restarted. + - name: 'onHostMaintenance' + type: String + description: | + Defines the maintenance behavior for this instance. For standard + instances, the default behavior is MIGRATE. For preemptible + instances, the default and only possible behavior is TERMINATE. + For more information, see Setting Instance Scheduling Options. + - name: 'preemptible' + type: Boolean + description: | + Defines whether the instance is preemptible. This can only be set + during instance creation, it cannot be set or changed after the + instance has been created. + - name: 'serviceAccounts' + type: Array + description: | + A list of service accounts, with their specified scopes, authorized + for this instance. Only one service account per VM instance is + supported. + item_type: + type: NestedObject + properties: + - name: 'email' + type: String + description: Email address of the service account. + - name: 'scopes' + type: Array + description: | + The list of scopes to be made available for this service + account. + item_type: + type: String + - name: 'shieldedInstanceConfig' + type: NestedObject + description: + Configuration for various parameters related to shielded instances. + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + # The code for this update method is custom because MM does not support + # sending just the nested properties + update_verb: 'PATCH' + properties: + - name: 'enableSecureBoot' + type: Boolean + description: Defines whether the instance has Secure Boot enabled. + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'enableVtpm' + type: Boolean + description: Defines whether the instance has the vTPM enabled + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'enableIntegrityMonitoring' + type: Boolean + description: + Defines whether the instance has integrity monitoring enabled. + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'confidentialInstanceConfig' + type: NestedObject + description: + 'Configuration for confidential computing (requires setting the machine + type to any of the n2d-* types and a boot disk of type pd-ssd).' + properties: + - name: 'enableConfidentialCompute' + type: Boolean + description: Enables confidential computing with AMD SEV. + at_least_one_of: + - 'confidential_instance_config.0.enable_confidential_compute' + - 'confidential_instance_config.0.confidential_instance_type' + deprecation_message: '`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead.' + - name: 'confidentialInstanceType' + type: Enum + description: | + The confidential computing technology the instance uses. + SEV is an AMD feature. TDX is an Intel feature. One of the following + values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = + "AMD Milan" is currently required. TDX is only available in beta. + at_least_one_of: + - 'confidential_instance_config.0.enable_confidential_compute' + - 'confidential_instance_config.0.confidential_instance_type' + enum_values: + - 'SEV' + - 'SEV_SNP' + - 'TDX' + - name: 'status' + type: Enum + description: | + The status of the instance. One of the following values: + PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, + and TERMINATED. + + As a user, use RUNNING to keep a machine "on" and TERMINATED to + turn a machine off + # GCP API shows this as output: true. + # This is incorrect because you can make actions on the Instance (start, stop) + # In an idempotent world, the best way to express these actions is to + # change the status value. + enum_values: + - 'PROVISIONING' + - 'STAGING' + - 'RUNNING' + - 'STOPPING' + - 'SUSPENDING' + - 'SUSPENDED' + - 'TERMINATED' + - name: 'statusMessage' + type: String + description: An optional, human-readable explanation of the status. + output: true + - name: 'tags' + type: NestedObject + description: | + A list of tags to apply to this instance. Tags are used to identify + valid sources or targets for network firewalls and are specified by + the client during instance creation. The tags can be later modified + by the setTags method. Each tag within the list must comply with + RFC1035. + properties: + # TODO(alexstephen) Investigate bytes type + - name: 'fingerprint' + type: String + description: | + Specifies a fingerprint for this request, which is essentially a + hash of the metadata's contents and used for optimistic locking. + The fingerprint is initially generated by Compute Engine and + changes after every request to modify or update metadata. You + must always provide an up-to-date fingerprint hash in order to + update or change metadata. + - name: 'items' + type: Array + description: | + An array of tags. Each tag must be 1-63 characters long, and + comply with RFC1035. + item_type: + type: String diff --git a/mmv1/products/compute/go_InstanceGroup.yaml b/mmv1/products/compute/go_InstanceGroup.yaml new file mode 100644 index 000000000000..f647746e873c --- /dev/null +++ b/mmv1/products/compute/go_InstanceGroup.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceGroup' +kind: 'compute#instanceGroup' +description: | + Represents an Instance Group resource. Instance groups are self-managed + and can contain identical or different instances. Instance groups do not + use an instance template. Unlike managed instance groups, you must create + and add instances to an instance group manually. +exclude: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + # 'fingerprint' not applicable to state convergence. + - name: 'id' + type: Integer + description: 'A unique identifier for this instance group.' + output: true + - name: 'name' + type: String + description: | + The name of the instance group. + The name must be 1-63 characters long, and comply with RFC1035. + - name: 'namedPorts' + type: Array + description: | + Assigns a name to a port number. + For example: {name: "http", port: 80}. + + This allows the system to reference ports by the assigned name + instead of a port number. Named ports can also contain multiple + ports. + + For example: [{name: "http", port: 80},{name: "http", port: 8080}] + + Named ports apply to all instances in this instance group. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name for this named port. + The name must be 1-63 characters long, and comply with RFC1035. + - name: 'port' + type: Integer + description: | + The port number, which can be a value between 1 and 65535. + - name: 'network' + type: ResourceRef + description: | + The network to which all instances in the instance group belong. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'region' + type: ResourceRef + description: | + The region where the instance group is located + (for regional resources). + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef + description: | + The subnetwork to which all instances in the instance group belong. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_InstanceGroupManager.yaml b/mmv1/products/compute/go_InstanceGroupManager.yaml new file mode 100644 index 000000000000..47d7e1a82353 --- /dev/null +++ b/mmv1/products/compute/go_InstanceGroupManager.yaml @@ -0,0 +1,224 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceGroupManager' +kind: 'compute#instanceGroupManager' +description: | + Creates a managed instance group using the information that you specify in + the request. After the group is created, it schedules an action to create + instances in the group using the specified instance template. This + operation is marked as DONE when the group is created even if the + instances in the group have not yet been created. You must separately + verify the status of the individual instances. + + A managed instance group can have up to 1000 VM instances per group. +# Used as a resource reference +exclude: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +parameters: + - name: 'zone' + type: ResourceRef + description: 'The zone the managed instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'baseInstanceName' + type: String + description: | + The base instance name to use for instances in this group. The value + must be 1-58 characters long. Instances are named by appending a + hyphen and a random four-character string to the base instance name. + The base instance name must comply with RFC1035. + required: true + - name: 'creationTimestamp' + type: Time + description: | + The creation timestamp for this managed instance group in RFC3339 + text format. + output: true + - name: 'currentActions' + type: NestedObject + description: | + The list of instance actions and the number of instances in this + managed instance group that are scheduled for each of those actions. + output: true + properties: + - name: 'abandoning' + type: Integer + description: | + The total number of instances in the managed instance group that + are scheduled to be abandoned. Abandoning an instance removes it + from the managed instance group without deleting it. + output: true + - name: 'creating' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be created or are currently being created. If the + group fails to create any of these instances, it tries again until + it creates the instance successfully. + + If you have disabled creation retries, this field will not be + populated; instead, the creatingWithoutRetries field will be + populated. + output: true + - name: 'creatingWithoutRetries' + type: Integer + description: | + The number of instances that the managed instance group will + attempt to create. The group attempts to create each instance only + once. If the group fails to create any of these instances, it + decreases the group's targetSize value accordingly. + output: true + - name: 'deleting' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be deleted or are currently being deleted. + output: true + - name: 'none' + type: Integer + description: | + The number of instances in the managed instance group that are + running and have no scheduled actions. + output: true + - name: 'recreating' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be recreated or are currently being being recreated. + Recreating an instance deletes the existing root persistent disk + and creates a new disk from the image that is defined in the + instance template. + output: true + - name: 'refreshing' + type: Integer + description: | + The number of instances in the managed instance group that are + being reconfigured with properties that do not require a restart + or a recreate action. For example, setting or removing target + pools for the instance. + output: true + - name: 'restarting' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be restarted or are currently being restarted. + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + immutable: true + # fingerprint ignored as it is an internal locking detail + - name: 'id' + type: Integer + description: 'A unique identifier for this resource' + output: true + - name: 'instanceGroup' + type: ResourceRef + description: 'The instance group being managed' + output: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'InstanceGroup' + imports: 'selfLink' + - name: 'instanceTemplate' + type: ResourceRef + description: | + The instance template that is specified for this managed instance + group. The group uses this template to create all new instances in the + managed instance group. + required: true + # kind is internal transport detail + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'InstanceTemplate' + imports: 'selfLink' + - name: 'name' + type: String + description: | + The name of the managed instance group. The name must be 1-63 + characters long, and comply with RFC1035. + required: true + # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) + - name: 'namedPorts' + type: Array + description: + Named ports configured for the Instance Groups complementary to this + Instance Group Manager. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + - name: 'port' + type: Integer + description: + The port number, which can be a value between 1 and 65535. + - name: 'region' + type: ResourceRef + description: | + The region this managed instance group resides + (for regional resources). + output: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' + - name: 'targetPools' + type: Array + description: | + TargetPool resources to which instances in the instanceGroup field are + added. The target pools automatically apply to all of the instances in + the managed instance group. + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'targetPool' + type: ResourceRef + description: 'The targetPool to receive managed instances.' + resource: 'TargetPool' + imports: 'selfLink' + - name: 'targetSize' + type: Integer + description: | + The target number of running instances for this managed instance + group. Deleting or abandoning instances reduces this number. Resizing + the group changes this number. diff --git a/mmv1/products/compute/go_InstanceGroupMembership.yaml b/mmv1/products/compute/go_InstanceGroupMembership.yaml new file mode 100644 index 000000000000..808bc14f29cc --- /dev/null +++ b/mmv1/products/compute/go_InstanceGroupMembership.yaml @@ -0,0 +1,108 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceGroupMembership' +kind: 'compute#instanceGroup' +description: | + Represents the Instance membership to the Instance Group. + + -> **NOTE** You can use this resource instead of the `instances` field in the + `google_compute_instance_group`, however it's not recommended to use it alongside this field. + It might cause inconsistencies, as they can end up competing over control. + + -> **NOTE** This resource has been added to avoid a situation, where after + Instance is recreated, it's removed from Instance Group and it's needed to + perform `apply` twice. To avoid situations like this, please use this resource + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +references: + guides: + 'Add instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances' + 'Remove instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances' + 'List instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups' +docs: +id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/listInstances' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/addInstances' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/removeInstances' +delete_verb: 'POST' +immutable: true +mutex: 'instanceGroups/{{project}}/zones/{{zone}}/{{instance_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - instance +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_instance_group_membership.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_instance_group_membership.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/compute_instance_group_membership.go.tmpl' +exclude_tgc: true +examples: + - name: 'instance_group_membership' + vars: + network_name: 'network' + instance_group_name: 'instance-group' + instance_name: 'instance' + exclude_test: true +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the instance group resides.' + url_param_only: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' + - name: 'instanceGroup' + type: ResourceRef + description: | + Represents an Instance Group resource name that the instance belongs to. + url_param_only: true + required: true + ignore_read: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'InstanceGroup' + imports: 'name' +properties: + - name: 'instance' + type: ResourceRef + description: 'An instance being added to the InstanceGroup' + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/full_to_relative_path.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Instance' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_InstanceGroupNamedPort.yaml b/mmv1/products/compute/go_InstanceGroupNamedPort.yaml new file mode 100644 index 000000000000..938dfb91e93f --- /dev/null +++ b/mmv1/products/compute/go_InstanceGroupNamedPort.yaml @@ -0,0 +1,109 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceGroupNamedPort' +description: | + Mange the named ports setting for a managed instance group without + managing the group as whole. This resource is primarily intended for use + with GKE-generated groups that shouldn't otherwise be managed by other + tools. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroup' +docs: +id_format: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +delete_verb: 'POST' +immutable: true +mutex: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +import_format: + - 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - port + - name +nested_query: + keys: + - namedPorts + is_list_of_ids: false + modify_by_patch: true +custom_code: + encoder: 'templates/terraform/encoders/go/normalize_group.go.tmpl' +examples: + - name: 'instance_group_named_port_gke' + primary_resource_id: 'my_port' + vars: + network_name: 'container-network' + subnetwork_name: 'container-subnetwork' + gke_cluster_name: 'my-cluster' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + # Multiple fine-grained resources + skip_vcr: true +parameters: + - name: 'group' + type: ResourceRef + description: | + The name of the instance group. + url_param_only: true + required: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'InstanceGroup' + imports: 'name' + - name: 'zone' + type: ResourceRef + description: | + The zone of the instance group. + url_param_only: true + required: false + ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + required: true + - name: 'port' + type: Integer + description: The port number, which can be a value between 1 and 65535. + required: true diff --git a/mmv1/products/compute/go_InstanceSettings.yaml b/mmv1/products/compute/go_InstanceSettings.yaml new file mode 100644 index 000000000000..a249f423c9ad --- /dev/null +++ b/mmv1/products/compute/go_InstanceSettings.yaml @@ -0,0 +1,81 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InstanceSettings' +kind: 'compute#instanceSettings' +description: | + Represents an Instance Settings resource. Instance settings are centralized configuration parameters that allow users to configure the default values for specific VM parameters that are normally set using GCE instance API methods. +references: + guides: + 'Update Instance Settings': 'https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/instanceSettings' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceSettings' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/zones/{{zone}}/instanceSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/clear_instance_settings.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +examples: + - name: 'instance_settings_basic' + primary_resource_id: 'gce_instance_settings' +parameters: + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the machine resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'fingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + custom_expand: 'templates/terraform/custom_expand/go/compute_instance_settings_fingerprint.tmpl' + - name: 'metadata' + type: NestedObject + description: | + The metadata key/value pairs assigned to all the instances in the corresponding scope. + properties: + - name: 'items' + type: KeyValuePairs + description: | + A metadata key/value items map. The total size of all keys and values must be less than 512KB diff --git a/mmv1/products/compute/go_Interconnect.yaml b/mmv1/products/compute/go_Interconnect.yaml new file mode 100644 index 000000000000..7f722892fede --- /dev/null +++ b/mmv1/products/compute/go_Interconnect.yaml @@ -0,0 +1,414 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Interconnect' +kind: 'compute#Interconnect' +description: | + Represents an Interconnect resource. The Interconnect resource is a dedicated connection between + Google's network and your on-premises network. +references: + guides: + 'Create a Dedicated Interconnect': 'https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/interconnects' +docs: +base_url: 'projects/{{project}}/global/interconnects' +self_link: 'projects/{{project}}/global/interconnects/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 10000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/interconnect.go.tmpl' +examples: + - name: 'compute_interconnect_basic' + primary_resource_id: 'example-interconnect' + vars: + interconnect_name: 'example-interconnect' + customer_name: 'example_customer' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + exclude_test: true + - name: 'compute_interconnect_basic_test' + primary_resource_id: 'example-interconnect' + vars: + interconnect_name: 'example-interconnect' + exclude_docs: true +parameters: +properties: + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. The name must be + 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first + character must be a lowercase letter, and all following characters must be a dash, + lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + validation: + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - name: 'location' + type: ResourceRef + description: | + URL of the InterconnectLocation object that represents where this connection is to be provisioned. + Specifies the location inside Google's Networks, should not be passed in case of cross-cloud interconnect. + immutable: true + resource: 'InterconnectLocations' + imports: 'selfLink' + - name: 'linkType' + type: Enum + description: | + Type of link requested. Note that this field indicates the speed of each of the links in the + bundle, not the speed of the entire bundle. Can take one of the following values: + - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics. + - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. + required: true + immutable: true + enum_values: + - 'LINK_TYPE_ETHERNET_10G_LR' + - 'LINK_TYPE_ETHERNET_100G_LR' + - name: 'requestedLinkCount' + type: Integer + description: | + Target number of physical links in the link bundle, as requested by the customer. + required: true + immutable: true + - name: 'interconnectType' + type: Enum + description: | + Type of interconnect. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED. + Can take one of the following values: + - PARTNER: A partner-managed interconnection shared between customers though a partner. + - DEDICATED: A dedicated physical interconnection with the customer. + required: true + immutable: true + diff_suppress_func: 'InterconnectTypeDiffSuppress' + enum_values: + - 'DEDICATED' + - 'PARTNER' + - 'IT_PRIVATE' + - name: 'adminEnabled' + type: Boolean + description: | + Administrative status of the interconnect. When this is set to true, the Interconnect is + functional and can carry traffic. When set to false, no packets can be carried over the + interconnect and no BGP routes are exchanged over it. By default, the status is set to true. + send_empty_value: true + default_value: true + - name: 'nocContactEmail' + type: String + description: | + Email address to contact the customer NOC for operations and maintenance notifications + regarding this Interconnect. If specified, this will be used for notifications in addition to + all other forms described, such as Cloud Monitoring logs alerting and Cloud Notifications. + This field is required for users who sign up for Cloud Interconnect using workforce identity + federation. + - name: 'customerName' + type: String + description: | + Customer name, to put in the Letter of Authorization as the party authorized to request a + crossconnect. This field is required for Dedicated and Partner Interconnect, should not be specified + for cross-cloud interconnect. + immutable: true + - name: 'operationalStatus' + type: Enum + description: | + The current status of this Interconnect's functionality, which can take one of the following: + - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may + be provisioned on this Interconnect. + - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be + provisioned on this Interconnect. + - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No + attachments may be provisioned or updated on this Interconnect. + output: true + enum_values: + - 'OS_ACTIVE' + - 'OS_UNPROVISIONED' + - 'OS_UNDER_MAINTENANCE' + - name: 'provisionedLinkCount' + type: Integer + description: | + Number of links actually provisioned in this interconnect. + output: true + - name: 'interconnectAttachments' + type: Array + description: | + A list of the URLs of all InterconnectAttachments configured to use this Interconnect. + output: true + item_type: + type: String + - name: 'peerIpAddress' + type: String + description: | + IP address configured on the customer side of the Interconnect link. + The customer should configure this IP address during turnup when prompted by Google NOC. + This can be used only for ping tests. + output: true + - name: 'googleIpAddress' + type: String + description: | + IP address configured on the Google side of the Interconnect link. + This can be used only for ping tests. + output: true + - name: 'googleReferenceId' + type: String + description: | + Google reference ID to be used when raising support tickets with Google or otherwise to debug + backend connectivity issues. + output: true + - name: 'expectedOutages' + type: Array + description: A list of outages expected for this Interconnect. + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Unique identifier for this outage notification. + output: true + - name: 'description' + type: String + description: | + A description about the purpose of the outage. + output: true + - name: 'source' + type: Enum + description: | + The party that generated this notification. Note that the value of NSRC_GOOGLE has been + deprecated in favor of GOOGLE. Can take the following value: + - GOOGLE: this notification as generated by Google. + output: true + enum_values: + - 'GOOGLE' + - name: 'state' + type: Enum + description: | + State of this notification. Note that the versions of this enum prefixed with "NS_" have + been deprecated in favor of the unprefixed values. Can take one of the following values: + - ACTIVE: This outage notification is active. The event could be in the past, present, + or future. See startTime and endTime for scheduling. + - CANCELLED: The outage associated with this notification was cancelled before the + outage was due to start. + - COMPLETED: The outage associated with this notification is complete. + output: true + enum_values: + - 'ACTIVE' + - 'CANCELLED' + - 'COMPLETED' + - name: 'issueType' + type: Enum + description: | + Form this outage is expected to take. Note that the versions of this enum prefixed with + "IT_" have been deprecated in favor of the unprefixed values. Can take one of the + following values: + - OUTAGE: The Interconnect may be completely out of service for some or all of the + specified window. + - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain + up, but with reduced bandwidth. + output: true + enum_values: + - 'OUTAGE' + - 'PARTIAL_OUTAGE' + - name: 'affectedCircuits' + type: Array + description: | + If issueType is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be + affected. + output: true + item_type: + type: String + - name: 'startTime' + type: String + description: | + Scheduled start time for the outage (milliseconds since Unix epoch). + output: true + - name: 'endTime' + type: String + description: | + Scheduled end time for the outage (milliseconds since Unix epoch). + output: true + - name: 'circuitInfos' + type: Array + description: A list of CircuitInfo objects, that describe the individual circuits in this LAG. + output: true + item_type: + type: NestedObject + properties: + - name: 'googleCircuitId' + type: String + description: | + Google-assigned unique ID for this circuit. Assigned at circuit turn-up. + output: true + - name: 'googleDemarcId' + type: String + description: | + Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by + Google to the customer in the LOA. + output: true + - name: 'customerDemarcId' + type: String + description: | + Customer-side demarc ID for this circuit. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + - name: 'labelFingerprint' + type: Fingerprint + description: | + A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + of the labels set used for optimistic locking. The fingerprint is initially generated by + Compute Engine and changes after every request to modify or update labels. + You must always provide an up-to-date fingerprint hash in order to update or change labels, + otherwise the request will fail with error 412 conditionNotMet. + output: true + - name: 'state' + type: Enum + description: | + The current state of Interconnect functionality, which can take one of the following values: + - ACTIVE: The Interconnect is valid, turned up and ready to use. + Attachments may be provisioned on this Interconnect. + - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may b + provisioned on this Interconnect. + - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may + be provisioned or updated on this Interconnect. + output: true + enum_values: + - 'ACTIVE' + - 'UNPROVISIONED' + - 'UNDER_MAINTENANCE' + - name: 'satisfiesPzs' + type: Boolean + description: Reserved for future use. + output: true + - name: 'macsec' + type: NestedObject + description: | + Configuration that enables Media Access Control security (MACsec) on the Cloud + Interconnect connection between Google and your on-premises router. + properties: + - name: 'preSharedKeys' + type: Array + description: | + A keychain placeholder describing a set of named key objects along with their + start times. A MACsec CKN/CAK is generated for each key in the key chain. + Google router automatically picks the key with the most recent startTime when establishing + or re-establishing a MACsec secure link. + required: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + A name for this pre-shared key. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character + must be a lowercase letter, and all following characters must be a dash, lowercase + letter, or digit, except the last character, which cannot be a dash. + required: true + validation: + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - name: 'startTime' + type: String + description: | + A RFC3339 timestamp on or after which the key is valid. startTime can be in the + future. If the keychain has a single key, startTime can be omitted. If the keychain + has multiple keys, startTime is mandatory for each key. The start times of keys must + be in increasing order. The start times of two consecutive keys must be at least 6 + hours apart. + - name: 'failOpen' + type: Boolean + description: | + If set to true, the Interconnect connection is configured with a should-secure + MACsec security policy, that allows the Google router to fallback to cleartext + traffic if the MKA session cannot be established. By default, the Interconnect + connection is configured with a must-secure security policy that drops all traffic + if the MKA session cannot be established with your router. + deprecation_message: '`failOpen` is deprecated and will be removed in a future major release. Use other `failOpen` instead.' + - name: 'failOpen' + type: Boolean + description: | + If set to true, the Interconnect connection is configured with a should-secure + MACsec security policy, that allows the Google router to fallback to cleartext + traffic if the MKA session cannot be established. By default, the Interconnect + connection is configured with a must-secure security policy that drops all traffic + if the MKA session cannot be established with your router. + - name: 'macsecEnabled' + type: Boolean + description: | + Enable or disable MACsec on this Interconnect connection. + MACsec enablement fails if the MACsec object is not specified. + - name: 'remoteLocation' + type: String + description: | + Indicates that this is a Cross-Cloud Interconnect. This field specifies the location outside + of Google's network that the interconnect is connected to. + immutable: true + - name: 'requestedFeatures' + type: Array + description: | + interconnects.list of features requested for this Interconnect connection. Options: IF_MACSEC ( + If specified then the connection is created on MACsec capable hardware ports. If not + specified, the default value is false, which allocates non-MACsec capable ports first if + available). Note that MACSEC is still technically allowed for compatibility reasons, but it + does not work with the API, and will be removed in an upcoming major version. + immutable: true + item_type: + type: Enum + description: | + interconnects.list of features requested for this Interconnect connection + enum_values: + - 'MACSEC' + - 'IF_MACSEC' + - name: 'availableFeatures' + type: Array + description: | + interconnects.list of features available for this Interconnect connection. Can take the value: + MACSEC. If present then the Interconnect connection is provisioned on MACsec capable hardware + ports. If not present then the Interconnect connection is provisioned on non-MACsec capable + ports and MACsec isn't supported and enabling MACsec fails). + output: true + item_type: + type: String diff --git a/mmv1/products/compute/go_InterconnectAttachment.yaml b/mmv1/products/compute/go_InterconnectAttachment.yaml new file mode 100644 index 000000000000..2d6ebf719383 --- /dev/null +++ b/mmv1/products/compute/go_InterconnectAttachment.yaml @@ -0,0 +1,341 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'InterconnectAttachment' +kind: 'compute#interconnectAttachment' +description: | + Represents an InterconnectAttachment (VLAN attachment) resource. For more + information, see Creating VLAN Attachments. +docs: +base_url: 'projects/{{project}}/regions/{{region}}/interconnectAttachments' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/interconnect_attachment.go.tmpl' + post_create: 'templates/terraform/post_create/go/interconnect_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/interconnect_attachment.go.tmpl' +examples: + - name: 'interconnect_attachment_basic' + primary_resource_id: 'on_prem' + vars: + interconnect_attachment_name: 'on-prem-attachment' + router_name: 'router-1' + network_name: 'network-1' + - name: 'interconnect_attachment_dedicated' + primary_resource_id: 'on_prem' + vars: + interconnect_name: 'interconenct-1' + interconnect_attachment_name: 'on-prem-attachment' + router_name: 'router-1' + network_name: 'network-1' + exclude_docs: true + - name: 'compute_interconnect_attachment_ipsec_encryption' + primary_resource_id: 'ipsec-encrypted-interconnect-attachment' + vars: + interconnect_attachment_name: 'test-interconnect-attachment' + address_name: 'test-address' + router_name: 'test-router' + network_name: 'test-network' +parameters: + - name: 'region' + type: ResourceRef + description: | + Region where the regional interconnect attachment resides. + required: false + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' +properties: + - name: 'adminEnabled' + type: Boolean + description: | + Whether the VLAN attachment is enabled or disabled. When using + PARTNER type this will Pre-Activate the interconnect attachment + send_empty_value: true + default_value: true + - name: 'cloudRouterIpAddress' + type: String + description: | + IPv4 address + prefix length to be configured on Cloud Router + Interface for this interconnect attachment. + output: true + - name: 'customerRouterIpAddress' + type: String + description: | + IPv4 address + prefix length to be configured on the customer + router subinterface for this interconnect attachment. + output: true + - name: 'interconnect' + type: String + description: | + URL of the underlying Interconnect object that this attachment's + traffic will traverse through. Required if type is DEDICATED, must not + be set if type is PARTNER. + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'mtu' + type: String + description: | + Maximum Transmission Unit (MTU), in bytes, of packets passing through + this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int_to_string.go.tmpl' + - name: 'bandwidth' + type: Enum + description: | + Provisioned bandwidth capacity for the interconnect attachment. + For attachments of type DEDICATED, the user can set the bandwidth. + For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. + Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, + Defaults to BPS_10G + default_from_api: true + enum_values: + - 'BPS_50M' + - 'BPS_100M' + - 'BPS_200M' + - 'BPS_300M' + - 'BPS_400M' + - 'BPS_500M' + - 'BPS_1G' + - 'BPS_2G' + - 'BPS_5G' + - 'BPS_10G' + - 'BPS_20G' + - 'BPS_50G' + - name: 'edgeAvailabilityDomain' + type: String + description: | + Desired availability domain for the attachment. Only available for type + PARTNER, at creation time. For improved reliability, customers should + configure a pair of attachments with one per availability domain. The + selected availability domain will be provided to the Partner via the + pairing key so that the provisioned circuit will lie in the specified + domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. + immutable: true + default_from_api: true + - name: 'pairingKey' + type: String + description: | + [Output only for type PARTNER. Not present for DEDICATED]. The opaque + identifier of an PARTNER attachment used to initiate provisioning with + a selected partner. Of the form "XXXXX/region/domain" + output: true + - name: 'partnerAsn' + type: String + description: | + [Output only for type PARTNER. Not present for DEDICATED]. Optional + BGP ASN for the router that should be supplied by a layer 3 Partner if + they configured BGP on behalf of the customer. + output: true + - name: 'privateInterconnectInfo' + type: NestedObject + description: | + Information specific to an InterconnectAttachment. This property + is populated if the interconnect that this is attached to is of type DEDICATED. + output: true + properties: + - name: 'tag8021q' + type: Integer + description: | + 802.1q encapsulation tag to be used for traffic between + Google and the customer, going to and from this network and region. + output: true + - name: 'type' + type: Enum + description: | + The type of InterconnectAttachment you wish to create. Defaults to + DEDICATED. + immutable: true + default_from_api: true + enum_values: + - 'DEDICATED' + - 'PARTNER' + - 'PARTNER_PROVIDER' + - name: 'state' + type: Enum + description: | + [Output Only] The current state of this attachment's functionality. + output: true + enum_values: + - 'ACTIVE' + - 'DEFUNCT' + - 'PARTNER_REQUEST_RECEIVED' + - 'PENDING_CUSTOMER' + - 'PENDING_PARTNER' + - 'STATE_UNSPECIFIED' + - name: 'googleReferenceId' + type: String + description: | + Google reference ID, to be used when raising support tickets with + Google or otherwise to debug backend connectivity issues. + output: true + - name: 'router' + type: ResourceRef + description: | + URL of the cloud router to be used for dynamic routing. This router must be in + the same region as this InterconnectAttachment. The InterconnectAttachment will + automatically connect the Interconnect to the network & region within which the + Cloud Router is configured. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Router' + imports: 'selfLink' + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. The + name must be 1-63 characters long, and comply with RFC1035. Specifically, the + name must be 1-63 characters long and match the regular expression + `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a + lowercase letter, and all following characters must be a dash, lowercase + letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + validation: + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - name: 'candidateSubnets' + type: Array + description: | + Up to 16 candidate prefixes that can be used to restrict the allocation + of cloudRouterIpAddress and customerRouterIpAddress for this attachment. + All prefixes must be within link-local address space (169.254.0.0/16) + and must be /29 or shorter (/28, /27, etc). Google will attempt to select + an unused /29 from the supplied candidate prefix(es). The request will + fail if all possible /29s are in use on Google's edge. If not supplied, + Google will randomly select an unused /29 from all of link-local space. + immutable: true + ignore_read: true + item_type: + type: String + - name: 'vlanTag8021q' + type: Integer + description: | + The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When + using PARTNER type this will be managed upstream. + immutable: true + default_from_api: true + - name: 'ipsecInternalAddresses' + type: Array + description: | + URL of addresses that have been reserved for the interconnect attachment, + Used only for interconnect attachment that has the encryption option as + IPSEC. + The addresses must be RFC 1918 IP address ranges. When creating HA VPN + gateway over the interconnect attachment, if the attachment is configured + to use an RFC 1918 IP address, then the VPN gateway's IP address will be + allocated from the IP address range specified here. + For example, if the HA VPN gateway's interface 0 is paired to this + interconnect attachment, then an RFC 1918 IP address for the VPN gateway + interface 0 will be allocated from the IP address specified for this + interconnect attachment. + If this field is not specified for interconnect attachment that has + encryption option as IPSEC, later on when creating HA VPN gateway on this + interconnect attachment, the HA VPN gateway's IP address will be + allocated from regional external IP address pool. + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'ipsecInternalAddress' + type: ResourceRef + description: | + URL of an address that has been reserved for the interconnect + attachment. + resource: 'Address' + imports: 'selfLink' + - name: 'encryption' + type: Enum + description: | + Indicates the user-supplied encryption option of this interconnect + attachment. Can only be specified at attachment creation for PARTNER or + DEDICATED attachments. + * NONE - This is the default value, which means that the VLAN attachment + carries unencrypted traffic. VMs are able to send traffic to, or receive + traffic from, such a VLAN attachment. + * IPSEC - The VLAN attachment carries only encrypted traffic that is + encrypted by an IPsec device, such as an HA VPN gateway or third-party + IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, + such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN + attachment must be created with this option. + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "NONE" + enum_values: + - 'NONE' + - 'IPSEC' + - name: 'stackType' + type: Enum + description: | + The stack type for this interconnect attachment to identify whether the IPv6 + feature is enabled or not. If not specified, IPV4_ONLY will be used. + This field can be both set at interconnect attachments creation and update + interconnect attachment operations. + default_from_api: true + enum_values: + - 'IPV4_IPV6' + - 'IPV4_ONLY' + - name: 'cloudRouterIpv6Address' + type: String + description: | + IPv6 address + prefix length to be configured on Cloud Router + Interface for this interconnect attachment. + output: true + - name: 'customerRouterIpv6Address' + type: String + description: | + IPv6 address + prefix length to be configured on the customer + router subinterface for this interconnect attachment. + output: true + - name: 'subnetLength' + type: Integer + description: | + Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. + immutable: true + ignore_read: true diff --git a/mmv1/products/compute/go_License.yaml b/mmv1/products/compute/go_License.yaml new file mode 100644 index 000000000000..7774d584f274 --- /dev/null +++ b/mmv1/products/compute/go_License.yaml @@ -0,0 +1,47 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'License' +kind: 'compute#license' +description: | + A License resource represents a software license. Licenses are used to + track software usage in images, persistent disks, snapshots, and virtual + machine instances. +# Used as a resource reference +exclude: true +readonly: true +docs: +base_url: '/projects/{{project}}/global/licenses' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: +properties: + - name: 'name' + type: String + description: | + Name of the resource. The name is 1-63 characters long + and complies with RFC1035. + output: true + - name: 'chargesUseFee' + type: Boolean + description: | + If true, the customer will be charged license fee for + running software that contains this license on an instance. + output: true diff --git a/mmv1/products/compute/go_MachineImage.yaml b/mmv1/products/compute/go_MachineImage.yaml new file mode 100644 index 000000000000..0eaa8c794e23 --- /dev/null +++ b/mmv1/products/compute/go_MachineImage.yaml @@ -0,0 +1,142 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'MachineImage' +kind: 'compute#machineImage' +description: | + Represents a Machine Image resource. Machine images store all the configuration, + metadata, permissions, and data from one or more disks required to create a + Virtual machine (VM) instance. +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/machine-images' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/machineImages' +docs: +base_url: 'projects/{{project}}/global/machineImages' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'machine_image' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: +examples: + - name: 'machine_image_basic' + primary_resource_id: 'image' + primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' + vars: + vm_name: 'my-vm' + image_name: 'my-image' + - name: 'compute_machine_image_kms' + primary_resource_id: 'image' + primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' + vars: + vm_name: 'my-vm' + image_name: 'my-image' + key_name: 'key' + keyring_name: 'keyring' + test_vars_overrides: + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "compute-system", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +parameters: +properties: + - name: 'name' + type: String + description: 'Name of the resource.' + min_version: 'beta' + required: true + - name: 'description' + type: String + description: 'A text description of the resource.' + min_version: 'beta' + - name: 'sourceInstance' + type: ResourceRef + description: + 'The source instance used to create the machine image. You can provide + this as a partial or full URL to the resource.' + min_version: 'beta' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'storageLocations' + type: Array + description: | + The regional or multi-regional Cloud Storage bucket location where the machine image is stored. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'guestFlush' + type: Boolean + description: | + Specify this to create an application consistent machine image by informing the OS to prepare for the snapshot process. + Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS). + min_version: 'beta' + - name: 'machineImageEncryptionKey' + type: NestedObject + description: | + Encrypts the machine image using a customer-supplied encryption key. + + After you encrypt a machine image with a customer-supplied key, you must + provide the same key if you use the machine image later (e.g. to create a + instance from the image) + min_version: 'beta' + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + min_version: 'beta' + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the + customer-supplied encryption key that protects this resource. + min_version: 'beta' + output: true + - name: 'kmsKeyName' + type: String + description: | + The name of the encryption key that is stored in Google Cloud KMS. + min_version: 'beta' + diff_suppress_func: 'tpgresource.CompareCryptoKeyVersions' + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + min_version: 'beta' diff --git a/mmv1/products/compute/go_MachineType.yaml b/mmv1/products/compute/go_MachineType.yaml new file mode 100644 index 000000000000..7df93a83dfcf --- /dev/null +++ b/mmv1/products/compute/go_MachineType.yaml @@ -0,0 +1,131 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'MachineType' +kind: 'compute#machineType' +description: | + Represents a MachineType resource. Machine types determine the virtualized + hardware specifications of your virtual machine instances, such as the + amount of memory or number of virtual CPUs. +exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/machineTypes' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'deprecated' + type: NestedObject + description: 'The deprecation status associated with this machine type.' + output: true + properties: + - name: 'deleted' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to DELETED. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'deprecated' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to DEPRECATED. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'obsolete' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to OBSOLETE. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'replacement' + type: String + description: | + The URL of the suggested replacement for a deprecated resource. + The suggested replacement resource must be the same kind of + resource as the deprecated resource. + output: true + - name: 'state' + type: Enum + description: | + The deprecation state of this resource. This can be DEPRECATED, + OBSOLETE, or DELETED. Operations which create a new resource + using a DEPRECATED resource will return successfully, but with a + warning indicating the deprecated resource and recommending its + replacement. Operations which use OBSOLETE or DELETED resources + will be rejected and result in an error. + output: true + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String + description: 'An optional textual description of the resource.' + output: true + - name: 'guestCpus' + type: Integer + description: | + The number of virtual CPUs that are available to the instance. + output: true + - name: 'id' + type: Integer + description: 'The unique identifier for the resource.' + output: true + - name: 'isSharedCpu' + type: Boolean + description: | + Whether this machine type has a shared CPU. See Shared-core machine + types for more information. + output: true + - name: 'maximumPersistentDisks' + type: Integer + description: 'Maximum persistent disks allowed.' + output: true + - name: 'maximumPersistentDisksSizeGb' + type: Integer + description: 'Maximum total persistent disks size (GB) allowed.' + output: true + - name: 'memoryMb' + type: Integer + description: | + The amount of physical memory available to the instance, defined in + MB. + output: true + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'zone' + type: ResourceRef + description: 'The zone the machine type is defined.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' diff --git a/mmv1/products/compute/go_ManagedSslCertificate.yaml b/mmv1/products/compute/go_ManagedSslCertificate.yaml new file mode 100644 index 000000000000..c82a9c15b95e --- /dev/null +++ b/mmv1/products/compute/go_ManagedSslCertificate.yaml @@ -0,0 +1,152 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ManagedSslCertificate' +kind: 'compute#sslCertificate' +description: | + An SslCertificate resource, used for HTTPS load balancing. This resource + represents a certificate for which the certificate secrets are created and + managed by Google. + + For a resource where you provide the key, see the + SSL Certificate resource. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +docs: + warning: | + This resource should be used with extreme caution! Provisioning an SSL + certificate is complex. Ensure that you understand the lifecycle of a + certificate before attempting complex tasks like cert rotation automatically. + This resource will "return" as soon as the certificate object is created, + but post-creation the certificate object will go through a "provisioning" + process. The provisioning process can complete only when the domain name + for which the certificate is created points to a target pool which, itself, + points at the certificate. Depending on your DNS provider, this may take + some time, and migrating from self-managed certificates to Google-managed + certificates may entail some downtime while the certificate provisions. + + In conclusion: Be extremely cautious. +base_url: 'projects/{{project}}/global/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 30 + update_minutes: 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 30 + update_minutes: 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/compute_managed_ssl_certificate.go.tmpl' +examples: + - name: 'managed_ssl_certificate_basic' + primary_resource_id: 'default' + vars: + cert_name: 'test-cert' + proxy_name: 'test-proxy' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + dns_zone_name: 'dnszone' + forwarding_rule_name: 'forwarding-rule' + http_health_check_name: 'http-health-check' + - name: 'managed_ssl_certificate_recreation' + primary_resource_id: 'cert' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'certificate_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + + These are in the same namespace as the managed SSL certificates. + - name: 'managed' + type: NestedObject + description: | + Properties relevant to a managed certificate. These will be used if the + certificate is managed (as indicated by a value of `MANAGED` in `type`). + properties: + - name: 'domains' + type: Array + description: | + Domains for which a managed SSL certificate will be valid. Currently, + there can be up to 100 domains in this list. + required: true + diff_suppress_func: 'AbsoluteDomainSuppress' + item_type: + type: String + max_size: 100 + - name: 'type' + type: Enum + description: | + Enum field whose value is always `MANAGED` - used to signal to the API + which type this is. + default_value: "MANAGED" + enum_values: + - 'MANAGED' + - name: 'subjectAlternativeNames' + type: Array + description: | + Domains associated with the certificate via Subject Alternative Name. + output: true + item_type: + type: String + - name: 'expireTime' + type: Time + description: | + Expire time of the certificate in RFC3339 text format. + output: true diff --git a/mmv1/products/compute/go_Network.yaml b/mmv1/products/compute/go_Network.yaml new file mode 100644 index 000000000000..770588aa5e37 --- /dev/null +++ b/mmv1/products/compute/go_Network.yaml @@ -0,0 +1,183 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Network' +kind: 'compute#network' +description: | + Manages a VPC network or legacy network resource on GCP. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks' +docs: +base_url: 'projects/{{project}}/global/networks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/go/compute_network.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/compute_network.go.tmpl' + decoder: 'templates/terraform/decoders/go/compute_network.go.tmpl' + post_create: 'templates/terraform/post_create/go/compute_network_delete_default_route.tmpl' +examples: + - name: 'network_basic' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + - name: 'network_custom_mtu' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'network_custom_firewall_enforcement_order' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + test_env_vars: + project: 'PROJECT_NAME' +virtual_fields: + - name: 'delete_default_routes_on_create' + description: | + If set to `true`, default routes (`0.0.0.0/0`) will be deleted + immediately after network creation. Defaults to `false`. + type: Boolean + default_value: false +parameters: +properties: + - name: 'description' + type: String + description: | + An optional description of this resource. The resource must be + recreated to modify this field. + immutable: true + - name: 'gateway_ipv4' + type: String + description: | + The gateway address for default routing out of the network. This value + is selected by GCP. + # We override this here so that the name is more aesthetic + api_name: gatewayIPv4 + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'numericId' + type: String + description: | + The unique identifier for the resource. This identifier is defined by the server. + output: true + - name: 'autoCreateSubnetworks' + type: Boolean + description: | + When set to `true`, the network is created in "auto subnet mode" and + it will create a subnet for each region automatically across the + `10.128.0.0/9` address range. + + When set to `false`, the network is created in "custom subnet mode" so + the user can explicitly connect subnetwork resources. + immutable: true + send_empty_value: true + default_value: true + - name: 'routingConfig' + type: NestedObject + description: | + The network-level routing configuration for this network. Used by Cloud + Router to determine what type of network-wide routing behavior to + enforce. + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + flatten_object: true + properties: + - name: 'routingMode' + type: Enum + description: | + The network-wide routing mode to use. If set to `REGIONAL`, this + network's cloud routers will only advertise routes with subnetworks + of this network in the same region as the router. If set to `GLOBAL`, + this network's cloud routers will advertise routes with all + subnetworks of this network, across regions. + required: false + default_from_api: true + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + enum_values: + - 'REGIONAL' + - 'GLOBAL' + - name: 'mtu' + type: Integer + description: | + Maximum Transmission Unit in bytes. The default value is 1460 bytes. + The minimum value for this field is 1300 and the maximum value is 8896 bytes (jumbo frames). + Note that packets larger than 1500 bytes (standard Ethernet) can be subject to TCP-MSS clamping or dropped + with an ICMP `Fragmentation-Needed` message if the packets are routed to the Internet or other VPCs + with varying MTUs. + immutable: true + default_from_api: true + - name: 'enableUlaInternalIpv6' + type: Boolean + description: | + Enable ULA internal ipv6 on this network. Enabling this feature will assign + a /48 from google defined ULA prefix fd20::/20. + immutable: true + - name: 'internalIpv6Range' + type: String + description: | + When enabling ula internal ipv6, caller optionally can specify the /48 range + they want from the google defined ULA prefix fd20::/20. The input must be a + valid /48 ULA IPv6 address and must be within the fd20::/20. Operation will + fail if the speficied /48 is already in used by another resource. + If the field is not speficied, then a /48 range will be randomly allocated from fd20::/20 and returned via this field. + immutable: true + default_from_api: true + - name: 'networkFirewallPolicyEnforcementOrder' + type: Enum + description: | + Set the order that Firewall Rules and Firewall Policies are evaluated. + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + default_value: "AFTER_CLASSIC_FIREWALL" + enum_values: + - 'BEFORE_CLASSIC_FIREWALL' + - 'AFTER_CLASSIC_FIREWALL' diff --git a/mmv1/products/compute/go_NetworkAttachment.yaml b/mmv1/products/compute/go_NetworkAttachment.yaml new file mode 100644 index 000000000000..635bee8c5862 --- /dev/null +++ b/mmv1/products/compute/go_NetworkAttachment.yaml @@ -0,0 +1,187 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkAttachment' +kind: 'compute#networkAttachment' +description: | + A network attachment is a resource that lets a producer Virtual Private Cloud (VPC) network initiate connections to a consumer VPC network through a Private Service Connect interface. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/about-network-attachments' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkAttachments' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkAttachments' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'network_attachment_basic' + primary_resource_id: 'default' + vars: + resource_name: 'basic-network-attachment' + network_name: 'basic-network' + subnetwork_name: 'basic-subnetwork' + accepted_producer_project_name: 'prj-accepted' + rejected_producer_project_name: 'prj-rejected' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + - name: 'network_attachment_instance_usage' + primary_resource_id: 'default' + min_version: 'beta' + vars: + resource_name: 'basic-network-attachment' + network_name: 'basic-network' + subnetwork_name: 'basic-subnetwork' + instance_name: 'basic-instance' +parameters: + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + - name: 'region' + type: ResourceRef + description: | + URL of the region where the network attachment resides. This field applies only to the region resource. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body. + required: true + immutable: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'kind' + type: String + description: 'Type of the resource.' + output: true + - name: 'id' + type: String + description: 'The unique identifier for the resource type. The server generates this identifier.' + output: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + - name: 'selfLink' + type: String + description: 'Server-defined URL for the resource.' + output: true + - name: 'selfLinkWithId' + type: String + description: | + Server-defined URL for this resource's resource id. + output: true + - name: 'connectionPreference' + type: Enum + description: | + The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules. + required: true + enum_values: + - 'ACCEPT_AUTOMATIC' + - 'ACCEPT_MANUAL' + - 'INVALID' + - name: 'connectionEndpoints' + type: Array + description: | + An array of connections for all the producers connected to this network attachment. + output: true + item_type: + type: NestedObject + properties: + - name: 'status' + type: String + description: | + The status of a connected endpoint to this network attachment. + output: true + - name: 'projectIdOrNum' + type: String + description: | + The project id or number of the interface to which the IP was assigned. + output: true + - name: 'subnetwork' + type: String + description: | + The subnetwork used to assign the IP to the producer instance network interface. + output: true + - name: 'ipAddress' + type: String + description: | + The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless. + output: true + - name: 'secondaryIpCidrRanges' + type: String + description: | + Alias IP ranges from the same subnetwork. + output: true + - name: 'subnetworks' + type: Array + description: | + An array of URLs where each entry is the URL of a subnet provided by the service consumer to use for endpoints in the producers that connect to this network attachment. + required: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'subnet' + type: ResourceRef + description: | + A subnet that is provided to set this network attachment. + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'producerRejectLists' + type: Array + description: | + Projects that are not allowed to connect to this network attachment. The project can be specified using its id or number. + item_type: + type: String + - name: 'producerAcceptLists' + type: Array + description: | + Projects that are allowed to connect to this network attachment. The project can be specified using its id or number. + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. An up-to-date fingerprint must be provided in order to patch. + output: true + - name: 'network' + type: String + description: | + The URL of the network which the Network Attachment belongs to. Practically it is inferred by fetching the network of the first subnetwork associated. + Because it is required that all the subnetworks must be from the same network, it is assured that the Network Attachment belongs to the same network as all the subnetworks. + output: true diff --git a/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml b/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml new file mode 100644 index 000000000000..b0f7c0ed4cdd --- /dev/null +++ b/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkEdgeSecurityService' +kind: 'compute#networkEdgeSecurityService' +description: | + Google Cloud Armor network edge security service resource. +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/armor/docs/advanced-network-ddos' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkEdgeSecurityServices' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices' +self_link: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices?networkEdgeSecurityService={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +# Skipping the sweeper since we need to sweep multiple regions +exclude_sweeper: true +examples: + - name: 'compute_network_edge_security_service_basic' + primary_resource_id: 'default' + vars: + resource_name: 'my-edge-security-service' + test_env_vars: + project_id: 'PROJECT_NAME' +parameters: + - name: 'region' + type: ResourceRef + description: | + The region of the gateway security policy. + min_version: 'beta' + url_param_only: true + required: false + immutable: true + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. + min_version: 'beta' + required: true + immutable: true + - name: 'description' + type: String + description: | + Free-text description of the resource. + min_version: 'beta' + - name: 'serviceId' + type: String + description: | + The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'creationTimestamp' + type: String + description: | + Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: | + Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithServiceId' + type: String + description: | + Server-defined URL for this resource with the resource id. + api_name: selfLinkWithId + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. + An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. + min_version: 'beta' + output: true + - name: 'securityPolicy' + type: String + description: | + The resource URL for the network edge security service associated with this network edge security service. + min_version: 'beta' diff --git a/mmv1/products/compute/go_NetworkEndpoint.yaml b/mmv1/products/compute/go_NetworkEndpoint.yaml new file mode 100644 index 000000000000..e83b373ed865 --- /dev/null +++ b/mmv1/products/compute/go_NetworkEndpoint.yaml @@ -0,0 +1,132 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkEndpoint' +kind: 'compute#networkEndpoint' +description: | + A Network endpoint represents a IP address and port combination that is + part of a specific network endpoint group (NEG). NEGs are zonal + collections of these endpoints for GCP resources within a + single subnet. **NOTE**: Network endpoints cannot be created outside of a + network endpoint group. + + -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to + perform `apply` twice. To avoid situations like this, please use this resource + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - instance + - ipAddress + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/go/unwrap_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/compute_network_endpoint.go.tmpl' +exclude_tgc: true +examples: + - name: 'network_endpoint' + primary_resource_id: 'default-endpoint' + vars: + neg_name: 'my-lb-neg' + instance_name: 'endpoint-instance' + network_name: 'neg-network' + subnetwork_name: 'neg-subnetwork' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +parameters: + - name: 'zone' + type: ResourceRef + description: | + Zone where the containing network endpoint group is located. + url_param_only: true + required: false + ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' + - name: 'networkEndpointGroup' + type: ResourceRef + description: | + The network endpoint group this endpoint is part of. + url_param_only: true + required: true + ignore_read: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'NetworkEndpointGroup' + imports: 'name' +properties: + - name: 'instance' + type: ResourceRef + description: | + The name for a specific VM instance that the IP address belongs to. + This is required for network endpoints of type GCE_VM_IP_PORT. + The instance must be in the same zone of network endpoint group. + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + resource: 'Instance' + imports: 'name' + - name: 'port' + type: Integer + description: | + Port number of network endpoint. + **Note** `port` is required unless the Network Endpoint Group is created + with the type of `GCE_VM_IP` + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' + - name: 'ipAddress' + type: String + description: | + IPv4 address of network endpoint. The IP address must belong + to a VM in GCE (either the primary IP or as part of an aliased IP + range). + required: true diff --git a/mmv1/products/compute/go_NetworkEndpointGroup.yaml b/mmv1/products/compute/go_NetworkEndpointGroup.yaml new file mode 100644 index 000000000000..12a7f6adfbb3 --- /dev/null +++ b/mmv1/products/compute/go_NetworkEndpointGroup.yaml @@ -0,0 +1,150 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +description: | + Network endpoint groups (NEGs) are zonal resources that represent + collections of IP address and port combinations for GCP resources within a + single subnet. Each IP address and port combination is called a network + endpoint. + + Network endpoint groups can be used as backends in backend services for + HTTP(S), TCP proxy, and SSL proxy load balancers. You cannot use NEGs as a + backend with internal load balancers. Because NEG backends allow you to + specify IP addresses and ports, you can distribute traffic in a granular + fashion among applications or containers running within VM instances. + + Recreating a network endpoint group that's in use by another resource will give a + `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` + to avoid this type of error. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/compute_network_endpoint_group.go.tmpl' +examples: + - name: 'network_endpoint_group' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' + network_name: 'neg-network' + subnetwork_name: 'neg-subnetwork' + - name: 'network_endpoint_group_non_gcp' + primary_resource_id: 'neg' + vars: + neg_name: 'my-lb-neg' + network_name: 'neg-network' +parameters: + - name: 'zone' + type: ResourceRef + description: | + Zone where the network endpoint group is located. + required: false + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'networkEndpointType' + type: Enum + description: | + Type of network endpoints in this network endpoint group. + NON_GCP_PRIVATE_IP_PORT is used for hybrid connectivity network + endpoint groups (see https://cloud.google.com/load-balancing/docs/hybrid). + Note that NON_GCP_PRIVATE_IP_PORT can only be used with Backend Services + that 1) have the following load balancing schemes: EXTERNAL, EXTERNAL_MANAGED, + INTERNAL_MANAGED, and INTERNAL_SELF_MANAGED and 2) support the RATE or + CONNECTION balancing modes. + + Possible values include: GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT. + default_value: "GCE_VM_IP_PORT" + enum_values: + - 'GCE_VM_IP' + - 'GCE_VM_IP_PORT' + - 'NON_GCP_PRIVATE_IP_PORT' + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - 'SERVERLESS' + - 'PRIVATE_SERVICE_CONNECT' + - name: 'size' + type: Integer + description: Number of network endpoints in the network endpoint group. + output: true + - name: 'network' + type: ResourceRef + description: | + The network to which all network endpoints in the NEG belong. + Uses "default" project network if unspecified. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef + description: | + Optional subnetwork to which all network endpoints in the NEG belong. + diff_suppress_func: 'compareOptionalSubnet' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'defaultPort' + type: Integer + description: | + The default port used if the port number is not specified in the + network endpoint. diff --git a/mmv1/products/compute/go_NetworkEndpoints.yaml b/mmv1/products/compute/go_NetworkEndpoints.yaml new file mode 100644 index 000000000000..7fadfe885b54 --- /dev/null +++ b/mmv1/products/compute/go_NetworkEndpoints.yaml @@ -0,0 +1,143 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkEndpoints' +kind: 'compute#networkEndpoints' +description: | + A set of network endpoints belonging to a network endpoint group (NEG). A + single network endpoint represents a IP address and port combination that is + part of a specific network endpoint group (NEG). NEGs are zonal collections + of these endpoints for GCP resources within a single subnet. **NOTE**: + Network endpoints cannot be created outside of a network endpoint group. + + This resource is authoritative for a single NEG. Any endpoints not specified + by this resource will be deleted when the resource configuration is applied. + + -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to + perform `apply` twice. To avoid situations like this, please use this resource + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +update_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' +import_format: + - 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - networkEndpointGroup +custom_code: + constants: 'templates/terraform/constants/go/network_endpoints.go.tmpl' + encoder: 'templates/terraform/encoders/go/compute_network_endpoints.go.tmpl' + decoder: 'templates/terraform/decoders/go/network_endpoints.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/network_endpoints.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/network_endpoints.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_network_endpoints.go.tmpl' +exclude_tgc: true +examples: + - name: 'network_endpoints' + primary_resource_id: 'default-endpoints' + vars: + neg_name: 'my-lb-neg' + instance_name: 'endpoint-instance' + network_name: 'neg-network' + subnetwork_name: 'neg-subnetwork' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +parameters: + - name: 'zone' + type: ResourceRef + description: | + Zone where the containing network endpoint group is located. + url_param_only: true + required: false + ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' + - name: 'networkEndpointGroup' + type: ResourceRef + description: | + The network endpoint group these endpoints are part of. + url_param_only: true + required: true + ignore_read: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'NetworkEndpointGroup' + imports: 'name' +properties: + - name: 'networkEndpoints' + type: Array + description: | + The network endpoints to be added to the enclosing network endpoint group + (NEG). Each endpoint specifies an IP address and port, along with + additional information depending on the NEG type. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'instance' + type: ResourceRef + description: | + The name for a specific VM instance that the IP address belongs to. + This is required for network endpoints of type GCE_VM_IP_PORT. + The instance must be in the same zone as the network endpoint group. + custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' + resource: 'Instance' + imports: 'name' + - name: 'port' + type: Integer + description: | + Port number of network endpoint. + **Note** `port` is required unless the Network Endpoint Group is created + with the type of `GCE_VM_IP` + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' + - name: 'ipAddress' + type: String + description: | + IPv4 address of network endpoint. The IP address must belong + to a VM in GCE (either the primary IP or as part of an aliased IP + range). + required: true diff --git a/mmv1/products/compute/go_NetworkFirewallPolicy.yaml b/mmv1/products/compute/go_NetworkFirewallPolicy.yaml new file mode 100644 index 000000000000..feb6e205653a --- /dev/null +++ b/mmv1/products/compute/go_NetworkFirewallPolicy.yaml @@ -0,0 +1,82 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkFirewallPolicy' +description: "The Compute NetworkFirewallPolicy resource" +docs: +base_url: 'projects/{{project}}/global/firewallPolicies' +self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/global/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +legacy_long_form_project: true +examples: + - name: 'network_firewall_policy_full' + primary_resource_id: 'policy' + vars: + policy_name: 'tf-test-policy' +parameters: +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + output: true + - name: 'name' + type: String + description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + - name: 'networkFirewallPolicyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + output: true + - name: 'description' + type: String + description: An optional description of this resource. Provide this property when you create the resource. + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + output: true diff --git a/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml new file mode 100644 index 000000000000..c72ae8359957 --- /dev/null +++ b/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml @@ -0,0 +1,673 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkFirewallPolicyWithRules' +description: "The Compute NetworkFirewallPolicy with rules resource" +min_version: 'beta' +docs: +base_url: 'projects/{{project}}/global/firewallPolicies' +self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/global/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' +legacy_long_form_project: true +examples: + - name: 'compute_network_firewall_policy_with_rules_full' + primary_resource_id: 'network-firewall-policy-with-rules' + vars: + policy_name: 'tf-fw-policy-with-rules' + address_group_name: 'tf-address-group' + tag_key_name: 'tf-tag-key' + tag_value_name: 'tf-tag-value' + security_profile_group_name: 'tf-security-profile-group' + security_profile_name: 'tf-security-profile' + test_env_vars: + org_id: 'ORG_ID' +parameters: +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'name' + type: String + description: | + User-provided name of the Network firewall policy. + The name should be unique in the project in which the firewall policy is created. + The name must be 1-63 characters long, and comply with RFC1035. Specifically, + the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? + which means the first character must be a lowercase letter, and all following characters must be a dash, + lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' + required: true + immutable: true + - name: 'networkFirewallPolicyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'description' + type: String + description: An optional description of this resource. + min_version: 'beta' + - name: 'rule' + type: Array + description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + required: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + - name: 'predefinedRules' + type: Array + description: A list of firewall policy pre-defined rules. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + output: true + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + output: true + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + output: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + output: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + output: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + output: true + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + output: true + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + output: true + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + min_version: 'beta' + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml b/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml new file mode 100644 index 000000000000..521bc878135c --- /dev/null +++ b/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml @@ -0,0 +1,115 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NetworkPeeringRoutesConfig' +description: | + Manage a network peering's route settings without managing the peering as + a whole. This resource is primarily intended for use with GCP-generated + peerings that shouldn't otherwise be managed by other tools. Deleting this + resource is a no-op and the peering will not be modified. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc-peering' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks/updatePeering' +docs: +id_format: 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' +base_url: 'projects/{{project}}/global/networks/{{network}}' +self_link: 'projects/{{project}}/global/networks/{{network}}' +create_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +update_verb: 'PATCH' +exclude_delete: true +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +import_format: + - 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - peering +nested_query: + keys: + - peerings + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/network_peering_routes_config.go.tmpl' +examples: + - name: 'network_peering_routes_config_basic' + primary_resource_id: 'peering_primary_routes' + vars: + peering_primary_name: 'primary-peering' + peering_secondary_name: 'secondary-peering' + network_primary_name: 'primary-network' + network_secondary_name: 'secondary-network' + - name: 'network_peering_routes_config_gke' + primary_resource_id: 'peering_gke_routes' + vars: + network_name: 'container-network' + subnetwork_name: 'container-subnetwork' + gke_cluster_name: 'private-cluster' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + # currently failing + skip_vcr: true +parameters: + - name: 'network' + type: ResourceRef + description: | + The name of the primary network for the peering. + url_param_only: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + resource: 'Network' + imports: 'name' +properties: + - name: 'peering' + type: String + description: | + Name of the peering. + # renamed to make it clear that this is an existing peering + api_name: name + required: true + - name: 'exportCustomRoutes' + type: Boolean + description: | + Whether to export the custom routes to the peer network. + required: true + send_empty_value: true + - name: 'importCustomRoutes' + type: Boolean + description: | + Whether to import the custom routes to the peer network. + required: true + send_empty_value: true diff --git a/mmv1/products/compute/go_NodeGroup.yaml b/mmv1/products/compute/go_NodeGroup.yaml new file mode 100644 index 000000000000..c16e81b24363 --- /dev/null +++ b/mmv1/products/compute/go_NodeGroup.yaml @@ -0,0 +1,215 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NodeGroup' +kind: 'compute#NodeGroup' +description: | + Represents a NodeGroup resource to manage a group of sole-tenant nodes. +references: + guides: + 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups' +has_self_link: true +create_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups?initialNodeCount=PRE_CREATE_REPLACE_ME' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + pre_create: 'templates/terraform/pre_create/go/compute_node_group_url_replace.go.tmpl' +examples: + - name: 'node_group_basic' + primary_resource_id: 'nodes' + vars: + group_name: 'soletenant-group' + template_name: 'soletenant-tmpl' + - name: 'node_group_maintenance_interval' + primary_resource_id: 'nodes' + min_version: 'beta' + vars: + group_name: 'soletenant-group' + template_name: 'soletenant-tmpl' + - name: 'node_group_autoscaling_policy' + primary_resource_id: 'nodes' + vars: + group_name: 'soletenant-group' + template_name: 'soletenant-tmpl' + - name: 'node_group_share_settings' + primary_resource_id: 'nodes' + vars: + group_name: 'soletenant-group' + template_name: 'soletenant-tmpl' + guest_project_id: 'project-id' + guest_project_name: 'project-name' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'zone' + type: ResourceRef + description: | + Zone where this node group is located + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'selfLink' +properties: + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'description' + type: String + description: | + An optional textual description of the resource. + - name: 'name' + type: String + description: | + Name of the resource. + - name: 'nodeTemplate' + type: ResourceRef + description: | + The URL of the node template to which this node group belongs. + required: true + update_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups/{{name}}/setNodeTemplate' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'NodeTemplate' + imports: 'selfLink' + - name: 'size' + type: Integer + description: | + The total number of nodes in the node group. + output: true + - name: 'initialSize' + type: Integer + description: | + The initial number of nodes in the node group. One of `initial_size` or `autoscaling_policy` must be configured on resource creation. + url_param_only: true + - name: 'maintenancePolicy' + type: String + description: | + Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. + default_value: "DEFAULT" + - name: 'maintenanceWindow' + type: NestedObject + description: | + contains properties for the timeframe of maintenance + properties: + - name: 'startTime' + type: String + description: | + instances.start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. + required: true + - name: 'autoscalingPolicy' + type: NestedObject + description: | + If you use sole-tenant nodes for your workloads, you can use the node + group autoscaler to automatically manage the sizes of your node groups. + + One of `initial_size` or `autoscaling_policy` must be configured on resource creation. + default_from_api: true + properties: + - name: 'mode' + type: Enum + description: | + The autoscaling mode. Set to one of the following: + - OFF: Disables the autoscaler. + - ON: Enables scaling in and scaling out. + - ONLY_SCALE_OUT: Enables only scaling out. + You must use this mode if your node groups are configured to + restart their hosted VMs on minimal servers. + required: true + default_from_api: true + enum_values: + - 'OFF' + - 'ON' + - 'ONLY_SCALE_OUT' + - name: 'minNodes' + type: Integer + description: | + Minimum size of the node group. Must be less + than or equal to max-nodes. The default value is 0. + default_from_api: true + - name: 'maxNodes' + type: Integer + description: | + Maximum size of the node group. Set to a value less than or equal + to 100 and greater than or equal to min-nodes. + required: true + default_from_api: true + - name: 'shareSettings' + type: NestedObject + description: | + Share settings for the node group. + default_from_api: true + properties: + - name: 'shareType' + type: Enum + description: | + Node group sharing type. + required: true + enum_values: + - 'ORGANIZATION' + - 'SPECIFIC_PROJECTS' + - 'LOCAL' + - name: 'projectMap' + type: Map + description: | + A map of project id and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. + key_name: 'id' + key_description: | + The project ID. + value_type: + name: projectConfig + type: NestedObject + properties: + - name: 'projectId' + type: String + description: | + The project id/number should be the same as the key of this project config in the project map. + required: true + - name: 'maintenanceInterval' + type: Enum + description: | + Specifies the frequency of planned maintenance events. Set to one of the following: + - AS_NEEDED: Hosts are eligible to receive infrastructure and hypervisor updates as they become available. + - RECURRENT: Hosts receive planned infrastructure and hypervisor updates on a periodic basis, but not more frequently than every 28 days. This minimizes the number of planned maintenance operations on individual hosts and reduces the frequency of disruptions, both live migrations and terminations, on individual VMs. + min_version: 'beta' + default_from_api: true + enum_values: + - 'AS_NEEDED' + - 'RECURRENT' diff --git a/mmv1/products/compute/go_NodeTemplate.yaml b/mmv1/products/compute/go_NodeTemplate.yaml new file mode 100644 index 000000000000..d6a061d91ec1 --- /dev/null +++ b/mmv1/products/compute/go_NodeTemplate.yaml @@ -0,0 +1,178 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'NodeTemplate' +kind: 'compute#nodeTemplate' +description: | + Represents a NodeTemplate resource. Node templates specify properties + for creating sole-tenant nodes, such as node type, vCPU and memory + requirements, node affinity labels, and region. +references: + guides: + 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeTemplates' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/nodeTemplates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'node_template_basic' + primary_resource_id: 'template' + vars: + template_name: 'soletenant-tmpl' + - name: 'node_template_server_binding' + primary_resource_id: 'template' + vars: + template_name: 'soletenant-with-licenses' + - name: 'node_template_accelerators' + primary_resource_id: 'template' + vars: + template_name: 'soletenant-with-accelerators' +parameters: + - name: 'region' + type: ResourceRef + description: | + Region where nodes using the node template will be created. + If it is not provided, the provider region is used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional textual description of the resource.' + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'nodeAffinityLabels' + type: KeyValuePairs + description: | + Labels to use for node affinity, which will be used in + instance scheduling. + - name: 'nodeType' + type: String + description: | + Node type to use for nodes group that are created from this template. + Only one of nodeTypeFlexibility and nodeType can be specified. + conflicts: + - node_type_flexibility + - name: 'nodeTypeFlexibility' + type: NestedObject + description: | + Flexible properties for the desired node type. Node groups that + use this node template will create nodes of a type that matches + these properties. Only one of nodeTypeFlexibility and nodeType can + be specified. + conflicts: + - node_type + properties: + - name: 'cpus' + type: String + description: | + Number of virtual CPUs to use. + at_least_one_of: + - 'node_type_flexibility.0.cpus' + - 'node_type_flexibility.0.memory' + - name: 'memory' + type: String + description: | + Physical memory available to the node, defined in MB. + at_least_one_of: + - 'node_type_flexibility.0.cpus' + - 'node_type_flexibility.0.memory' + - name: 'localSsd' + type: String + description: | + Use local SSD + output: true + - name: 'serverBinding' + type: NestedObject + description: | + The server binding policy for nodes using this template. Determines + where the nodes should restart following a maintenance event. + default_from_api: true + properties: + - name: 'type' + type: Enum + description: | + Type of server binding policy. If `RESTART_NODE_ON_ANY_SERVER`, + nodes using this template will restart on any physical server + following a maintenance event. + + If `RESTART_NODE_ON_MINIMAL_SERVER`, nodes using this template + will restart on the same physical server following a maintenance + event, instead of being live migrated to or restarted on a new + physical server. This option may be useful if you are using + software licenses tied to the underlying server characteristics + such as physical sockets or cores, to avoid the need for + additional licenses when maintenance occurs. However, VMs on such + nodes will experience outages while maintenance is applied. + required: true + enum_values: + - 'RESTART_NODE_ON_ANY_SERVER' + - 'RESTART_NODE_ON_MINIMAL_SERVERS' + - name: 'accelerators' + type: Array + description: | + List of the type and count of accelerator cards attached to the + node template + item_type: + type: NestedObject + properties: + - name: 'acceleratorCount' + type: Integer + description: | + The number of the guest accelerator cards exposed to this + node template. + - name: 'acceleratorType' + type: String + description: | + Full or partial URL of the accelerator type resource to expose + to this node template. + - name: 'cpuOvercommitType' + type: Enum + description: | + CPU overcommit. + default_value: "NONE" + enum_values: + - 'ENABLED' + - 'NONE' diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml new file mode 100644 index 000000000000..05ff97e7318e --- /dev/null +++ b/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml @@ -0,0 +1,94 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationSecurityPolicy' +description: | + Organization security policies are used to control incoming/outgoing traffic. +min_version: 'beta' +references: + guides: + 'Creating a firewall policy': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-policy' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies' +docs: +id_format: 'locations/global/securityPolicies/{{policy_id}}' +base_url: 'locations/global/securityPolicies?parentId={{parent}}' +self_link: 'locations/global/securityPolicies/{{policy_id}}' +create_url: 'locations/global/securityPolicies?parentId={{parent}}' +update_verb: 'PATCH' +import_format: + - 'locations/global/securityPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/org_security_policy.go.tmpl' + post_delete: 'templates/terraform/post_delete/go/org_security_policy.go.tmpl' + post_update: 'templates/terraform/post_update/go/org_security_policy.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +examples: + - name: 'organization_security_policy_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'parent' + type: String + description: | + The parent of this OrganizationSecurityPolicy in the Cloud Resource Hierarchy. + Format: organizations/{organization_id} or folders/{folder_id} + min_version: 'beta' + required: true + immutable: true +properties: + - name: 'displayName' + type: String + description: | + A textual name of the security policy. + min_version: 'beta' + required: true + immutable: true + - name: 'description' + type: String + description: | + A textual description for the organization security policy. + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + min_version: 'beta' + output: true + - name: 'policy_id' + type: String + description: | + The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'type' + type: Enum + description: | + The type indicates the intended use of the security policy. + For organization security policies, the only supported type + is "FIREWALL". + min_version: 'beta' + immutable: true + default_value: "FIREWALL" + enum_values: + - 'FIREWALL' diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml new file mode 100644 index 000000000000..402c1ce71829 --- /dev/null +++ b/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml @@ -0,0 +1,77 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationSecurityPolicyAssociation' +description: | + An association for the OrganizationSecurityPolicy. +min_version: 'beta' +references: + guides: + 'Associating a policy with the organization or folder': 'https://cloud.google.com/vpc/docs/using-firewall-policies#associate' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addAssociation' +docs: +id_format: '{{policy_id}}/association/{{name}}' +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getAssociation?name={{name}}' +create_url: '{{policy_id}}/addAssociation' +delete_url: '{{policy_id}}/removeAssociation?name={{name}}' +delete_verb: 'POST' +immutable: true +import_format: + - '{{%policy_id}}/association/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/org_security_policy_association.go.tmpl' + post_delete: 'templates/terraform/post_create/go/org_security_policy_association.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +read_error_transform: 'transformSecurityPolicyAssociationReadError' +examples: + - name: 'organization_security_policy_association_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'policyId' + type: String + description: | + The security policy ID of the association. + api_name: securityPolicyId + min_version: 'beta' + url_param_only: true + required: true +properties: + - name: 'name' + type: String + description: | + The name for an association. + min_version: 'beta' + required: true + - name: 'attachmentId' + type: String + description: | + The resource that the security policy is attached to. + min_version: 'beta' + required: true + - name: 'displayName' + type: String + description: | + The display name of the security policy of the association. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml new file mode 100644 index 000000000000..fb4105c9f607 --- /dev/null +++ b/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml @@ -0,0 +1,203 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationSecurityPolicyRule' +description: | + A rule for the OrganizationSecurityPolicy. +min_version: 'beta' +references: + guides: + 'Creating firewall rules': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule' +docs: +id_format: '{{policy_id}}/priority/{{priority}}' +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getRule?priority={{priority}}' +create_url: '{{policy_id}}/addRule?priority={{priority}}' +update_url: '{{policy_id}}/patchRule?priority={{priority}}' +update_verb: 'POST' +delete_url: '{{policy_id}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - '{{%policy_id}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' + post_delete: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' + post_update: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' +examples: + - name: 'organization_security_policy_rule_basic' + primary_resource_id: 'policy' + min_version: 'beta' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'policyId' + type: String + description: | + The ID of the OrganizationSecurityPolicy this rule applies to. + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest prority. + min_version: 'beta' + required: true + immutable: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'versionedExpr' + type: Enum + description: | + Preconfigured versioned expression. For organization security policy rules, + the only supported type is "FIREWALL". + min_version: 'beta' + default_value: "FIREWALL" + enum_values: + - 'FIREWALL' + - name: 'config' + type: NestedObject + description: The configuration options for matching the rule. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + exactly_one_of: + - 'match.0.config.0.src_ip_ranges' + - 'match.0.config.0.dest_ip_ranges' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + exactly_one_of: + - 'match.0.config.0.src_ip_ranges' + - 'match.0.config.0.dest_ip_ranges' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny" or "goto_next". + min_version: 'beta' + required: true + - name: 'preview' + type: Boolean + description: | + If set to true, the specified action is not enforced. + min_version: 'beta' + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'targetResources' + type: Array + description: | + A list of network resource URLs to which this rule applies. + This field allows you to control which network's VMs get + this rule. If this field is left blank, all VMs + within the organization will receive the rule. + min_version: 'beta' + item_type: + type: String + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String diff --git a/mmv1/products/compute/go_PacketMirroring.yaml b/mmv1/products/compute/go_PacketMirroring.yaml new file mode 100644 index 000000000000..63a6871bda00 --- /dev/null +++ b/mmv1/products/compute/go_PacketMirroring.yaml @@ -0,0 +1,203 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PacketMirroring' +description: | + Packet Mirroring mirrors traffic to and from particular VM instances. + You can use the collected traffic to help you detect security threats + and monitor application performance. +references: + guides: + 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/packetMirrorings' +self_link: 'projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'compute_packet_mirroring_full' + primary_resource_id: 'foobar' + vars: + instance_name: 'my-instance' + subnetwork_name: 'my-subnetwork' + service_name: 'my-service' + hc_name: 'my-healthcheck' + mirroring_name: 'my-mirroring' + ilb_rule_name: 'my-ilb' + network_name: 'my-network' +parameters: +properties: + - name: 'name' + type: String + description: The name of the packet mirroring rule + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: A human-readable description of the rule. + immutable: true + - name: 'region' + type: String + description: | + The Region in which the created address should reside. + If it is not provided, the provider region is used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'network' + type: NestedObject + description: | + Specifies the mirrored VPC network. Only packets in this network + will be mirrored. All mirrored VMs should have a NIC in the given + network. All mirrored subnetworks should belong to the given network. + required: true + immutable: true + properties: + - name: 'url' + type: ResourceRef + description: + The full self_link URL of the network where this rule is active. + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer + description: | + Since only one rule can be active at a time, priority is + used to break ties in the case of two rules that apply to + the same instances. + required: false + default_from_api: true + - name: 'collectorIlb' + type: NestedObject + description: | + The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) + that will be used as collector for mirrored traffic. The + specified forwarding rule must have is_mirroring_collector + set to true. + required: true + properties: + - name: 'url' + type: ResourceRef + description: The URL of the forwarding rule. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'ForwardingRule' + imports: 'selfLink' + - name: 'filter' + type: NestedObject + description: | + A filter for mirrored traffic. If unset, all traffic is mirrored. + properties: + - name: 'ipProtocols' + type: Array + description: Possible IP protocols including tcp, udp, icmp and esp + api_name: IPProtocols + item_type: + type: String + - name: 'cidrRanges' + type: Array + description: | + IP CIDR ranges that apply as a filter on the source (ingress) or + destination (egress) IP in the IP header. Only IPv4 is supported. + item_type: + type: String + - name: 'direction' + type: Enum + description: Direction of traffic to mirror. + default_value: "BOTH" + enum_values: + - 'INGRESS' + - 'EGRESS' + - 'BOTH' + - name: 'mirroredResources' + type: NestedObject + description: | + A means of specifying which resources to mirror. + required: true + properties: + - name: 'subnetworks' + type: Array + description: | + All instances in one of these subnetworks will be mirrored. + at_least_one_of: + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: + description: + The subnetworks that should be mirrored. Specify at most 5. + type: NestedObject + properties: + - name: 'url' + type: ResourceRef + description: + The URL of the subnetwork where this rule should be active. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'instances' + type: Array + description: | + All the listed instances will be mirrored. Specify at most 50. + at_least_one_of: + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: + description: The instances that should be mirrored. + type: NestedObject + properties: + - name: 'url' + type: ResourceRef + description: + The URL of the instances where this rule should be active. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'tags' + type: Array + description: | + All instances with these tags will be mirrored. + at_least_one_of: + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: + type: String diff --git a/mmv1/products/compute/go_PerInstanceConfig.yaml b/mmv1/products/compute/go_PerInstanceConfig.yaml new file mode 100644 index 000000000000..a0e782eb0a23 --- /dev/null +++ b/mmv1/products/compute/go_PerInstanceConfig.yaml @@ -0,0 +1,249 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PerInstanceConfig' +description: | + A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name + across instance group manager operations and can define stateful disks or metadata that are unique to the instance. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' +docs: +id_format: '{{project}}/{{zone}}/{{instance_group_manager}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/listPerInstanceConfigs' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/createInstances' +update_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/updatePerInstanceConfigs' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/deletePerInstanceConfigs' +delete_verb: 'POST' +mutex: 'instanceGroupManager/{{project}}/{{zone}}/{{instance_group_manager}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_per_instance_config.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/compute_per_instance_config.go.tmpl' + post_update: 'templates/terraform/post_update/go/compute_per_instance_config.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/per_instance_config.go.tmpl' +exclude_tgc: true +examples: + - name: 'stateful_igm' + primary_resource_id: 'stateful-instance' + vars: + template_name: 'my-template' + igm_name: 'my-igm' + disk_name: 'my-disk-name' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +virtual_fields: + - name: 'minimal_action' + description: | + The minimal action to perform on the instance during an update. + Default is `NONE`. Possible values are: + * REPLACE + * RESTART + * REFRESH + * NONE + type: String + default_value: "NONE" + - name: 'most_disruptive_allowed_action' + description: | + The most disruptive action to perform on the instance during an update. + Default is `REPLACE`. Possible values are: + * REPLACE + * RESTART + * REFRESH + * NONE + type: String + default_value: "REPLACE" + - name: 'remove_instance_on_destroy' + description: | + When true, deleting this config will immediately remove the underlying instance. + When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + type: Boolean + default_value: false + - name: 'remove_instance_state_on_destroy' + description: | + When true, deleting this config will immediately remove any specified state from the underlying instance. + When false, deleting this config will *not* immediately remove any state from the underlying instance. + State will be removed on the next instance recreation or update. + type: Boolean + default_value: false +parameters: + - name: 'zone' + type: ResourceRef + description: | + Zone where the containing instance group manager is located + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' + - name: 'instanceGroupManager' + type: ResourceRef + description: | + The instance group manager this instance config is part of. + url_param_only: true + required: true + immutable: true + resource: 'InstanceGroupManager' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The name for this per-instance config and its corresponding instance. + required: true + immutable: true + - name: 'preservedState' + type: NestedObject + description: 'The preserved state for this instance.' + properties: + - name: 'metadata' + type: KeyValuePairs + description: | + Preserved metadata defined for this instance. This is a list of key->value pairs. + - name: 'disk' + type: Array + description: | + Stateful disks for the instance. + api_name: disks + is_set: true + custom_flatten: 'templates/terraform/custom_flatten/go/preserved_state_disks.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/preserved_state_disks.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'deviceName' + type: String + description: | + A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. + required: true + - name: 'source' + type: String + description: | + The URI of an existing persistent disk to attach under the specified device-name in the format + `projects/project-id/zones/zone/disks/disk-name`. + required: true + - name: 'mode' + type: Enum + description: | + The mode of the disk. + default_value: "READ_WRITE" + enum_values: + - 'READ_ONLY' + - 'READ_WRITE' + - name: 'deleteRule' + type: Enum + description: | + A value that prescribes what should happen to the stateful disk when the VM instance is deleted. + The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. + `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. + `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently + deleted from the instance group. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'internalIp' + type: Map + description: | + Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. + api_name: internalIPs + key_name: 'interface_name' + value_type: + name: internalIp + type: NestedObject + properties: + - name: 'autoDelete' + type: Enum + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject + description: | + Ip address representation + properties: + - name: 'address' + type: ResourceRef + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' + - name: 'externalIp' + type: Map + description: | + Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. + api_name: externalIPs + key_name: 'interface_name' + value_type: + name: externalIp + type: NestedObject + properties: + - name: 'autoDelete' + type: Enum + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject + description: | + Ip address representation + properties: + - name: 'address' + type: ResourceRef + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_ProjectCloudArmorTier.yaml b/mmv1/products/compute/go_ProjectCloudArmorTier.yaml new file mode 100644 index 000000000000..9368e6db62c0 --- /dev/null +++ b/mmv1/products/compute/go_ProjectCloudArmorTier.yaml @@ -0,0 +1,74 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ProjectCloudArmorTier' +description: | + Sets the Cloud Armor tier of the project. +references: + guides: + 'Subscribing to Cloud Armor Enterprise': 'https://cloud.google.com/armor/docs/managed-protection-overview#subscribing_to_plus' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/projects/setCloudArmorTier' +docs: +id_format: 'projects/{{project}}' +base_url: 'projects/{{project}}' +create_url: 'projects/{{project}}/setCloudArmorTier' +update_url: 'projects/{{project}}/setCloudArmorTier' +update_verb: 'POST' + +read_query_params: '?fields=cloudArmorTier' +import_format: + - 'projects/{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/only_remove_from_state.go.tmpl' +examples: + - name: 'compute_project_cloud_armor_tier_basic' + primary_resource_id: 'cloud_armor_tier_config' + exclude_test: true + - name: 'compute_project_cloud_armor_tier_project_set' + primary_resource_id: 'cloud_armor_tier_config' + vars: + project_id: 'your_project_id' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true +parameters: +properties: + - name: 'cloudArmorTier' + type: Enum + description: | + Managed protection tier to be set. + required: true + enum_values: + - 'CA_STANDARD' + - 'CA_ENTERPRISE_PAYGO' diff --git a/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml b/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml new file mode 100644 index 000000000000..22b3103e3bab --- /dev/null +++ b/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml @@ -0,0 +1,85 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PublicAdvertisedPrefix' +description: | + Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP). +references: + guides: + 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes' +docs: +base_url: 'projects/{{project}}/global/publicAdvertisedPrefixes' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'public_advertised_prefixes_basic' + primary_resource_id: 'prefixes' + vars: + prefixes_name: 'my-prefix' + test_env_vars: + desc: 'PAP_DESCRIPTION' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + exclude_test: true +parameters: +properties: + - name: 'description' + type: String + description: An optional description of this resource. + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` + which means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + - name: 'dnsVerificationIp' + type: String + description: The IPv4 address to be used for reverse DNS verification. + required: true + - name: 'ipCidrRange' + type: String + description: + The IPv4 address range, in CIDR format, represented by this public + advertised prefix. + required: true + - name: 'sharedSecret' + type: String + description: | + Output Only. The shared secret to be used for reverse DNS verification. + output: true diff --git a/mmv1/products/compute/go_PublicDelegatedPrefix.yaml b/mmv1/products/compute/go_PublicDelegatedPrefix.yaml new file mode 100644 index 000000000000..2f18589dd719 --- /dev/null +++ b/mmv1/products/compute/go_PublicDelegatedPrefix.yaml @@ -0,0 +1,91 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PublicDelegatedPrefix' +description: | + Represents a PublicDelegatedPrefix for use with bring your own IP addresses (BYOIP). +references: + guides: + 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicDelegatedPrefixes' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/publicDelegatedPrefixes' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'public_delegated_prefixes_basic' + primary_resource_id: 'prefixes' + vars: + prefixes_name: 'my-prefix' + test_env_vars: + desc: 'PAP_DESCRIPTION' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + exclude_test: true +parameters: +properties: + - name: 'region' + type: String + description: 'A region where the prefix will reside.' + url_param_only: true + required: true + - name: 'description' + type: String + description: An optional description of this resource. + - name: 'isLiveMigration' + type: Boolean + description: If true, the prefix will be live migrated. + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` + which means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + - name: 'parentPrefix' + type: String + description: + The URL of parent prefix. Either PublicAdvertisedPrefix or + PublicDelegatedPrefix. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'ipCidrRange' + type: String + description: + The IPv4 address range, in CIDR format, represented by this public + advertised prefix. + required: true diff --git a/mmv1/products/compute/go_Region.yaml b/mmv1/products/compute/go_Region.yaml new file mode 100644 index 000000000000..da81ccb93b8c --- /dev/null +++ b/mmv1/products/compute/go_Region.yaml @@ -0,0 +1,132 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Region' +kind: 'compute#region' +description: | + Represents a Region resource. A region is a specific geographical + location where you can run your resources. Each region has one or more + zones +# Used as a resource reference +exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/regions' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'deprecated' + type: NestedObject + description: 'The deprecation state of this resource.' + output: true + properties: + - name: 'deleted' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DELETED. + - name: 'deprecated' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DEPRECATED. + output: true + - name: 'obsolete' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to OBSOLETE. + output: true + - name: 'replacement' + type: String + description: | + The URL of the suggested replacement for a deprecated resource. The + suggested replacement resource must be the same kind of resource as + the deprecated resource. + output: true + - name: 'state' + type: Enum + description: | + The deprecation state of this resource. This can be DEPRECATED, + OBSOLETE, or DELETED. Operations which create a new resource using a + DEPRECATED resource will return successfully, but with a warning + indicating the deprecated resource and recommending its replacement. + Operations which use OBSOLETE or DELETED resources will be rejected + and result in an error. + output: true + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String + description: 'An optional description of this resource.' + output: true + - name: 'id' + type: Integer + description: 'The unique identifier for the resource.' + output: true + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'quotas' + type: Array + description: 'Quotas assigned to this region.' + output: true + item_type: + type: NestedObject + properties: + - name: 'metric' + type: String + description: 'Name of the quota metric.' + output: true + - name: 'limit' + type: Double + description: 'Quota limit for this metric.' + output: true + - name: 'usage' + type: Double + description: 'Current usage of this metric.' + output: true + - name: 'owner' + type: String + description: + 'Owning resource. This is the resource on which this quota is + applied.' + output: true + - name: 'status' + type: Enum + description: | + Status of the region, either UP or DOWN. + output: true + enum_values: + - 'UP' + - 'DOWN' + - name: 'zones' + type: Array + description: 'List of zones within the region' + output: true + item_type: + type: String diff --git a/mmv1/products/compute/go_RegionAutoscaler.yaml b/mmv1/products/compute/go_RegionAutoscaler.yaml new file mode 100644 index 000000000000..c5619660ac20 --- /dev/null +++ b/mmv1/products/compute/go_RegionAutoscaler.yaml @@ -0,0 +1,409 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionAutoscaler' +kind: 'compute#autoscaler' +description: | + Represents an Autoscaler resource. + + Autoscalers allow you to automatically scale virtual machine instances in + managed instance groups according to an autoscaling policy that you + define. +references: + guides: + 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionAutoscalers' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/autoscalers' +has_self_link: true +update_url: 'projects/{{project}}/regions/{{region}}/autoscalers?autoscaler={{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'region_autoscaler_basic' + primary_resource_id: 'foobar' + vars: + region_autoscaler_name: 'my-region-autoscaler' + instance_template_name: 'my-instance-template' + target_pool_name: 'my-target-pool' + rigm_name: 'my-region-igm' +parameters: + - name: 'region' + type: ResourceRef + description: | + URL of the region where the instance group resides. + required: false + immutable: true + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'autoscalingPolicy' + type: NestedObject + description: | + The configuration parameters for the autoscaling algorithm. You can + define one or more of the policies for an autoscaler: cpuUtilization, + customMetricUtilizations, and loadBalancingUtilization. + + If none of these are specified, the default will be to autoscale based + on cpuUtilization to 0.6 or 60%. + required: true + properties: + - name: 'minReplicas' + type: Integer + description: | + The minimum number of replicas that the autoscaler can scale down + to. This cannot be less than 0. If not provided, autoscaler will + choose a default value depending on maximum number of instances + allowed. + api_name: minNumReplicas + required: true + send_empty_value: true + - name: 'maxReplicas' + type: Integer + description: | + The maximum number of instances that the autoscaler can scale up + to. This is required when creating or updating an autoscaler. The + maximum number of replicas should not be lower than minimal number + of replicas. + api_name: maxNumReplicas + required: true + send_empty_value: true + - name: 'cooldownPeriod' + type: Integer + description: | + The number of seconds that the autoscaler should wait before it + starts collecting information from a new instance. This prevents + the autoscaler from collecting information when the instance is + initializing, during which the collected usage would not be + reliable. The default time autoscaler waits is 60 seconds. + + Virtual machine initialization times might vary because of + numerous factors. We recommend that you test how long an + instance may take to initialize. To do this, create an instance + and time the startup process. + api_name: coolDownPeriodSec + default_value: 60 + - name: 'mode' + type: String + description: | + Defines operating mode for this policy. + default_value: "ON" + - name: 'scaleDownControl' + type: NestedObject + description: | + Defines scale down controls to reduce the risk of response latency + and outages due to abrupt scale-in events + min_version: 'beta' + properties: + - name: 'maxScaledDownReplicas' + type: NestedObject + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + properties: + - name: 'fixed' + type: Integer + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'percent' + type: Integer + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + - name: 'scaleInControl' + type: NestedObject + description: | + Defines scale in controls to reduce the risk of response latency + and outages due to abrupt scale-in events + properties: + - name: 'maxScaledInReplicas' + type: NestedObject + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + properties: + - name: 'fixed' + type: Integer + description: | + Specifies a fixed number of VM instances. This must be a positive + integer. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'percent' + type: Integer + description: | + Specifies a percentage of instances between 0 to 100%, inclusive. + For example, specify 80 for 80%. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer + description: | + How long back autoscaling should look when computing recommendations + to include directives regarding slower scale down, as described above. + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + - name: 'cpuUtilization' + type: NestedObject + description: | + Defines the CPU utilization policy that allows the autoscaler to + scale based on the average CPU utilization of a managed instance + group. + default_from_api: true + properties: + - name: 'target' + type: Double + description: | + The target CPU utilization that the autoscaler should maintain. + Must be a float value in the range (0, 1]. If not specified, the + default is 0.6. + + If the CPU level is below the target utilization, the autoscaler + scales down the number of instances until it reaches the minimum + number of instances you specified or until the average CPU of + your instances reaches the target utilization. + + If the average CPU is above the target utilization, the autoscaler + scales up until it reaches the maximum number of instances you + specified or until the average utilization reaches the target + utilization. + api_name: utilizationTarget + required: true + - name: 'predictiveMethod' + type: String + description: | + Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: + + - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. + + - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "NONE" + - name: 'metric' + type: Array + description: | + Configuration parameters of autoscaling based on a custom metric. + api_name: customMetricUtilizations + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The identifier (type) of the Stackdriver Monitoring metric. + The metric cannot have negative values. + + The metric must have a value type of INT64 or DOUBLE. + api_name: metric + required: true + - name: 'singleInstanceAssignment' + type: Double + description: | + If scaling is based on a per-group metric value that represents the + total amount of work to be done or resource usage, set this value to + an amount assigned for a single instance of the scaled group. + The autoscaler will keep the number of instances proportional to the + value of this metric, the metric itself should not change value due + to group resizing. + + For example, a good metric to use with the target is + `pubsub.googleapis.com/subscription/num_undelivered_messages` + or a custom metric exporting the total number of requests coming to + your instances. + + A bad example would be a metric exporting an average or median + latency, since this value can't include a chunk assignable to a + single instance, it could be better used with utilization_target + instead. + - name: 'target' + type: Double + description: | + The target value of the metric that autoscaler should + maintain. This must be a positive value. A utilization + metric scales number of virtual machines handling requests + to increase or decrease proportionally to the metric. + + For example, a good metric to use as a utilizationTarget is + www.googleapis.com/compute/instance/network/received_bytes_count. + The autoscaler will work to keep this value constant for each + of the instances. + api_name: utilizationTarget + - name: 'type' + type: Enum + description: | + Defines how target utilization value is expressed for a + Stackdriver Monitoring metric. + api_name: utilizationTargetType + enum_values: + - 'GAUGE' + - 'DELTA_PER_SECOND' + - 'DELTA_PER_MINUTE' + - name: 'filter' + type: String + description: | + A filter string to be used as the filter string for + a Stackdriver Monitoring TimeSeries.list API call. + This filter is used to select a specific TimeSeries for + the purpose of autoscaling and to determine whether the metric + is exporting per-instance or per-group data. + + You can only use the AND operator for joining selectors. + You can only use direct equality comparison operator (=) without + any functions for each selector. + You can specify the metric in both the filter string and in the + metric field. However, if specified in both places, the metric must + be identical. + + The monitored resource type determines what kind of values are + expected for the metric. If it is a gce_instance, the autoscaler + expects the metric to include a separate TimeSeries for each + instance in a group. In such a case, you cannot filter on resource + labels. + + If the resource type is any other value, the autoscaler expects + this metric to contain values that apply to the entire autoscaled + instance group and resource label filtering can be performed to + point autoscaler at the correct TimeSeries to scale upon. + This is called a per-group metric for the purpose of autoscaling. + + If not specified, the type defaults to gce_instance. + + You should provide a filter that is selective enough to pick just + one TimeSeries for the autoscaled group or for each of the instances + (if you are using gce_instance resource type). If multiple + TimeSeries are returned upon the query execution, the autoscaler + will sum their respective values to obtain its scaling value. + - name: 'loadBalancingUtilization' + type: NestedObject + description: | + Configuration parameters of autoscaling based on a load balancer. + properties: + - name: 'target' + type: Double + description: | + Fraction of backend capacity utilization (set in HTTP(s) load + balancing configuration) that autoscaler should maintain. Must + be a positive float value. If not defined, the default is 0.8. + api_name: utilizationTarget + required: true + - name: 'scalingSchedules' + type: Map + description: | + Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. + key_name: 'name' + key_description: | + A name for the schedule. + value_type: + name: scalingSchedule + type: NestedObject + properties: + - name: 'minRequiredReplicas' + type: Integer + description: | + Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. + required: true + send_empty_value: true + - name: 'schedule' + type: String + description: | + The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). + required: true + - name: 'timeZone' + type: String + description: | + The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. + default_value: "UTC" + - name: 'durationSec' + type: Integer + description: | + The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. + required: true + - name: 'disabled' + type: Boolean + description: | + A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. + default_value: false + - name: 'description' + type: String + description: | + A description of a scaling schedule. + - name: 'target' + type: String + # TODO(#303): resourceref once RegionIGM exists + # resource: 'RegionInstanceGroupManager' + # imports: 'selfLink' + description: | + URL of the managed instance group that this autoscaler will scale. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' diff --git a/mmv1/products/compute/go_RegionBackendService.yaml b/mmv1/products/compute/go_RegionBackendService.yaml new file mode 100644 index 000000000000..89037c828208 --- /dev/null +++ b/mmv1/products/compute/go_RegionBackendService.yaml @@ -0,0 +1,1268 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionBackendService' +kind: 'compute#backendService' +description: | + A Region Backend Service defines a regionally-scoped group of virtual + machines that will serve traffic for load balancing. +references: + guides: + 'Internal TCP/UDP Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/internal/' + api: 'https://cloud.google.com/compute/docs/reference/latest/regionBackendServices' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/backendServices' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'name' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: + constants: 'templates/terraform/constants/go/region_backend_service.go.tmpl' + encoder: 'templates/terraform/encoders/go/region_backend_service.go.tmpl' + decoder: 'templates/terraform/decoders/go/region_backend_service.go.tmpl' + post_create: 'templates/terraform/post_create/go/compute_region_backend_service_security_policy.go.tmpl' +custom_diff: + - 'customDiffRegionBackendService' +schema_version: 1 +migrate_state: 'tpgresource.MigrateStateNoop' +examples: + - name: 'region_backend_service_basic' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-region-service%s", context["random_suffix"])' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_external_iap' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'tf-test-region-service-external' + - name: 'region_backend_service_cache' + primary_resource_id: 'default' + min_version: 'beta' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_ilb_round_robin' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_external' + primary_resource_id: 'default' + min_version: 'beta' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_external_weighted' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_ilb_ring_hash' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_balancing_mode' + primary_resource_id: 'default' + vars: + region_backend_service_name: 'region-service' + rigm_name: 'rbs-rigm' + region_health_check_name: 'rbs-health-check' + network_name: 'rbs-net' + - name: 'region_backend_service_connection_tracking' + primary_resource_id: 'default' + min_version: 'beta' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created backend service should reside. + If it is not provided, the provider region is used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'affinityCookieTtlSec' + type: Integer + description: | + Lifetime of cookies in seconds if session_affinity is + GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts + only until the end of the browser session (or equivalent). The + maximum allowed value for TTL is one day. + + When the load balancing scheme is INTERNAL, this field is not used. + - name: 'backend' + type: Array + description: | + The set of backends that serve this RegionBackendService. + api_name: backends + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + item_type: + type: NestedObject + properties: + - name: 'balancingMode' + type: Enum + description: | + Specifies the balancing mode for this backend. + + See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) + for an explanation of load balancing modes. + default_value: "UTILIZATION" + enum_values: + - 'UTILIZATION' + - 'RATE' + - 'CONNECTION' + - name: 'capacityScaler' + type: Double + description: | + A multiplier applied to the group's maximum servicing capacity + (based on UTILIZATION, RATE or CONNECTION). + + ~>**NOTE**: This field cannot be set for + INTERNAL region backend services (default loadBalancingScheme), + but is required for non-INTERNAL backend service. The total + capacity_scaler for all backends must be non-zero. + + A setting of 0 means the group is completely drained, offering + 0% of its available Capacity. Valid range is [0.0,1.0]. + send_empty_value: true + - name: 'description' + type: String + description: | + An optional description of this resource. + Provide this property when you create the resource. + - name: 'failover' + type: Boolean + description: | + This field designates whether this is a failover backend. More + than one failover backend can be configured for a given RegionBackendService. + default_from_api: true + - name: 'group' + type: String + description: | + The fully-qualified URL of an Instance Group or Network Endpoint + Group resource. In case of instance group this defines the list + of instances that serve traffic. Member virtual machine + instances from each instance group must live in the same zone as + the instance group itself. No two backends in a backend service + are allowed to use same Instance Group resource. + + For Network Endpoint Groups this defines list of endpoints. All + endpoints of Network Endpoint Group must be hosted on instances + located in the same zone as the Network Endpoint Group. + + Backend services cannot mix Instance Group and + Network Endpoint Group backends. + + When the `load_balancing_scheme` is INTERNAL, only instance groups + are supported. + + Note that you must specify an Instance Group or Network Endpoint + Group resource using the fully-qualified URL, rather than a + partial URL. + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link.go.tmpl' + - name: 'maxConnections' + type: Integer + description: | + The max number of simultaneous connections for the group. Can + be used with either CONNECTION or UTILIZATION balancing modes. + Cannot be set for INTERNAL backend services. + + For CONNECTION mode, either maxConnections or one + of maxConnectionsPerInstance or maxConnectionsPerEndpoint, + as appropriate for group type, must be set. + - name: 'maxConnectionsPerInstance' + type: Integer + description: | + The max number of simultaneous connections that a single + backend instance can handle. Cannot be set for INTERNAL backend + services. + + This is used to calculate the capacity of the group. + Can be used in either CONNECTION or UTILIZATION balancing modes. + For CONNECTION mode, either maxConnections or + maxConnectionsPerInstance must be set. + - name: 'maxConnectionsPerEndpoint' + type: Integer + description: | + The max number of simultaneous connections that a single backend + network endpoint can handle. Cannot be set + for INTERNAL backend services. + + This is used to calculate the capacity of the group. Can be + used in either CONNECTION or UTILIZATION balancing modes. For + CONNECTION mode, either maxConnections or + maxConnectionsPerEndpoint must be set. + - name: 'maxRate' + type: Integer + description: | + The max requests per second (RPS) of the group. Cannot be set + for INTERNAL backend services. + + Can be used with either RATE or UTILIZATION balancing modes, + but required if RATE mode. Either maxRate or one + of maxRatePerInstance or maxRatePerEndpoint, as appropriate for + group type, must be set. + - name: 'maxRatePerInstance' + type: Double + description: | + The max requests per second (RPS) that a single backend + instance can handle. This is used to calculate the capacity of + the group. Can be used in either balancing mode. For RATE mode, + either maxRate or maxRatePerInstance must be set. Cannot be set + for INTERNAL backend services. + - name: 'maxRatePerEndpoint' + type: Double + description: | + The max requests per second (RPS) that a single backend network + endpoint can handle. This is used to calculate the capacity of + the group. Can be used in either balancing mode. For RATE mode, + either maxRate or maxRatePerEndpoint must be set. Cannot be set + for INTERNAL backend services. + - name: 'maxUtilization' + type: Double + description: | + Used when balancingMode is UTILIZATION. This ratio defines the + CPU utilization target for the group. Valid range is [0.0, 1.0]. + Cannot be set for INTERNAL backend services. + - name: 'circuitBreakers' + type: NestedObject + description: | + Settings controlling the volume of connections to a backend service. This field + is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED + and the `protocol` is set to HTTP, HTTPS, or HTTP2. + properties: + - name: 'connectTimeout' + type: NestedObject + description: | + The timeout for new network connections to hosts. + min_version: 'beta' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'maxRequestsPerConnection' + type: Integer + description: | + Maximum requests for a single backend connection. This parameter + is respected by both the HTTP/1.1 and HTTP/2 implementations. If + not specified, there is no limit. Setting this parameter to 1 + will effectively disable keep alive. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + - name: 'maxConnections' + type: Integer + description: | + The maximum number of connections to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxPendingRequests' + type: Integer + description: | + The maximum number of pending requests to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRequests' + type: Integer + description: | + The maximum number of parallel requests to the backend cluster. + Defaults to 1024. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRetries' + type: Integer + description: | + The maximum number of parallel retries to the backend cluster. + Defaults to 3. + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 3 + - name: 'consistentHash' + type: NestedObject + description: | + Consistent Hash-based load balancing can be used to provide soft session + affinity based on HTTP headers, cookies or other properties. This load balancing + policy is applicable only for HTTP connections. The affinity to a particular + destination host will be lost when one or more hosts are added/removed from the + destination service. This field specifies parameters that control consistent + hashing. + This field only applies when all of the following are true - + * `load_balancing_scheme` is set to INTERNAL_MANAGED + * `protocol` is set to HTTP, HTTPS, or HTTP2 + * `locality_lb_policy` is set to MAGLEV or RING_HASH + properties: + - name: 'httpCookie' + type: NestedObject + description: | + Hash is based on HTTP Cookie. This field describes a HTTP cookie + that will be used as the hash key for the consistent hash load + balancer. If the cookie is not present, it will be generated. + This field is applicable if the sessionAffinity is set to HTTP_COOKIE. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + properties: + - name: 'ttl' + type: NestedObject + description: | + Lifetime of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'name' + type: String + description: | + Name of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'path' + type: String + description: | + Path to set for the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'httpHeaderName' + type: String + description: | + The hash based on the value of the specified header field. + This field is applicable if the sessionAffinity is set to HEADER_FIELD. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + - name: 'minimumRingSize' + type: Integer + description: | + The minimum number of virtual nodes to use for the hash ring. + Larger ring sizes result in more granular load + distributions. If the number of hosts in the load balancing pool + is larger than the ring size, each host will be assigned a single + virtual node. + Defaults to 1024. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + default_value: 1024 + - name: 'cdnPolicy' + type: NestedObject + description: 'Cloud CDN configuration for this BackendService.' + default_from_api: true + properties: + - name: 'cacheKeyPolicy' + type: NestedObject + description: 'The CacheKeyPolicy for this CdnPolicy.' + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + properties: + - name: 'includeHost' + type: Boolean + description: | + If true requests to different hosts will be cached separately. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeProtocol' + type: Boolean + description: | + If true, http and https requests will be cached separately. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeQueryString' + type: Boolean + description: | + If true, include query string parameters in the cache key + according to query_string_whitelist and + query_string_blacklist. If neither is set, the entire query + string will be included. + + If false, the query string will be excluded from the cache + key entirely. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'queryStringBlacklist' + type: Array + description: | + Names of query string parameters to exclude in cache keys. + + All other parameters will be included. Either specify + query_string_whitelist or query_string_blacklist, not both. + '&' and '=' will be percent encoded and not treated as + delimiters. + is_set: true + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'queryStringWhitelist' + type: Array + description: | + Names of query string parameters to include in cache keys. + + All other parameters will be excluded. Either specify + query_string_whitelist or query_string_blacklist, not both. + '&' and '=' will be percent encoded and not treated as + delimiters. + is_set: true + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeNamedCookies' + type: Array + description: | + Names of cookies to include in cache keys. + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer + description: | + Maximum number of seconds the response to a signed URL request + will be considered fresh, defaults to 1hr (3600s). After this + time period, the response will be revalidated before + being served. + + When serving responses to signed URL requests, Cloud CDN will + internally behave as though all responses from this backend had a + "Cache-Control: public, max-age=[TTL]" header, regardless of any + existing Cache-Control header. The actual headers served in + responses will not be altered. + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + default_value: 3600 + - name: 'defaultTtl' + type: Integer + description: | + Specifies the default TTL for cached content served by this origin for responses + that do not have an existing valid TTL (max-age or s-max-age). + default_from_api: true + - name: 'maxTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - name: 'clientTtl' + type: Integer + description: | + Specifies the maximum allowed TTL for cached content served by this origin. + default_from_api: true + - name: 'negativeCaching' + type: Boolean + description: | + Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. + default_from_api: true + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array + description: | + Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. + Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. + item_type: + type: NestedObject + properties: + - name: 'code' + type: Integer + description: | + The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 + can be specified as values, and you cannot specify a status code more than once. + - name: 'ttl' + type: Integer + description: | + The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s + (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. + min_version: 'beta' + - name: 'cacheMode' + type: Enum + description: | + Specifies the cache setting for all responses from this backend. + The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC + default_from_api: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer + description: | + Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. + + default_from_api: true + send_empty_value: true + - name: 'connectionDraining' + type: NestedObject + description: | + Settings for connection draining + flatten_object: true + properties: + - name: 'connection_draining_timeout_sec' + type: Integer + description: | + Time for which instance will be drained (not accept new + connections, but still work to finish started). + api_name: drainingTimeoutSec + send_empty_value: true + default_value: 300 + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + # customRequestHeaders only supported for EXTERNAL load balancing + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'failoverPolicy' + type: NestedObject + description: | + Policy for failovers. + properties: + - name: 'disableConnectionDrainOnFailover' + type: Boolean + description: | + On failover or failback, this field indicates whether connection drain + will be honored. Setting this to true has the following effect: connections + to the old active pool are not drained. Connections to the new active pool + use the timeout of 10 min (currently fixed). Setting to false has the + following effect: both old and new connections will have a drain timeout + of 10 min. + This can be set to true only if the protocol is TCP. + The default is false. + default_from_api: true + at_least_one_of: + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'dropTrafficIfUnhealthy' + type: Boolean + description: | + This option is used only when no healthy VMs are detected in the primary + and backup instance groups. When set to true, traffic is dropped. When + set to false, new connections are sent across all VMs in the primary group. + The default is false. + default_from_api: true + send_empty_value: true + at_least_one_of: + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'failoverRatio' + type: Double + description: | + The value of the field must be in [0, 1]. If the ratio of the healthy + VMs in the primary backend is at or below this number, traffic arriving + at the load-balanced IP will be directed to the failover backend. + In case where 'failoverRatio' is not set or all the VMs in the backup + backend are unhealthy, the traffic will be directed back to the primary + backend in the "force" mode, where traffic will be spread to the healthy + VMs with the best effort, or to all VMs when no VM is healthy. + This field is only used with l4 load balancing. + at_least_one_of: + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'enableCDN' + type: Boolean + description: | + If true, enable Cloud CDN for this RegionBackendService. + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + output: true + - name: 'healthChecks' + type: Array + description: | + The set of URLs to HealthCheck resources for health checking + this RegionBackendService. Currently at most one health + check can be specified. + + A health check must be specified unless the backend service uses an internet + or serverless NEG as a backend. + is_set: true + set_hash_func: 'tpgresource.SelfLinkRelativePathHash' + custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link_array.go.tmpl' + item_type: + type: String + min_size: 1 + max_size: 1 + - name: 'generated_id' + type: Integer + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + api_name: id + output: true + - name: 'iap' + type: NestedObject + description: Settings for enabling Cloud Identity Aware Proxy + default_from_api: true + send_empty_value: true + properties: + - name: 'enabled' + type: Boolean + description: Whether the serving infrastructure will authenticate and authorize all incoming requests. + required: true + - name: 'oauth2ClientId' + type: String + description: | + OAuth2 Client ID for IAP + - name: 'oauth2ClientSecret' + type: String + description: | + OAuth2 Client Secret for IAP + ignore_read: true + sensitive: true + send_empty_value: true + - name: 'oauth2ClientSecretSha256' + type: String + description: | + OAuth2 Client Secret SHA-256 for IAP + sensitive: true + output: true + - name: 'loadBalancingScheme' + type: Enum + description: | + Indicates what kind of load balancing this regional backend service + will be used for. A backend service created for one type of load + balancing cannot be used with the other(s). For more information, refer to + [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). + immutable: true + default_value: "INTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL' + - 'INTERNAL_MANAGED' + - name: 'localityLbPolicy' + type: Enum + description: | + The load balancing algorithm used within the scope of the locality. + The possible values are: + + * `ROUND_ROBIN`: This is a simple policy in which each healthy backend + is selected in round robin order. + + * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy + hosts and picks the host which has fewer active requests. + + * `RING_HASH`: The ring/modulo hash load balancer implements consistent + hashing to backends. The algorithm has the property that the + addition/removal of a host from a set of N hosts only affects + 1/N of the requests. + + * `RANDOM`: The load balancer selects a random healthy host. + + * `ORIGINAL_DESTINATION`: Backend host is selected based on the client + connection metadata, i.e., connections are opened + to the same address as the destination address of + the incoming connection before the connection + was redirected to the load balancer. + + * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. + Maglev is not as stable as ring hash but has faster table lookup + build times and host selection times. For more information about + Maglev, refer to https://ai.google/research/pubs/pub44824 + + * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check + reported weights. Only applicable to loadBalancingScheme + EXTERNAL. If set, the Backend Service must + configure a non legacy HTTP-based Health Check, and + health check replies are expected to contain + non-standard HTTP response header field + X-Load-Balancing-Endpoint-Weight to specify the + per-instance weights. If set, Load Balancing is weight + based on the per-instance weights reported in the last + processed health check replies, as long as every + instance either reported a valid weight or had + UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains + equal-weight. + + locality_lb_policy is applicable to either: + + * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, + and loadBalancingScheme set to INTERNAL_MANAGED. + * A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. + * A regional backend service with loadBalancingScheme set to EXTERNAL (External Network + Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External + Network Load Balancing. The default is MAGLEV. + + If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, + or RING_HASH, session affinity settings will not take effect. + + Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced + by a URL map that is bound to target gRPC proxy that has validate_for_proxyless + field set to true. + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - 'WEIGHTED_MAGLEV' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'outlierDetection' + type: NestedObject + description: | + Settings controlling eviction of unhealthy hosts from the load balancing pool. + This field is applicable only when the `load_balancing_scheme` is set + to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. + properties: + - name: 'baseEjectionTime' + type: NestedObject + description: | + The base time that a host is ejected for. The real time is equal to the base + time multiplied by the number of times the host has been ejected. Defaults to + 30000ms or 30s. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'consecutiveErrors' + type: Integer + description: | + Number of errors before a host is ejected from the connection pool. When the + backend host is accessed over HTTP, a 5xx return code qualifies as an error. + Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'consecutiveGatewayFailure' + type: Integer + description: | + The number of consecutive gateway failures (502, 503, 504 status or connection + errors that are mapped to one of those status codes) before a consecutive + gateway failure ejection occurs. Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveErrors' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through consecutive 5xx. This setting can be used to disable + ejection or to ramp it up slowly. Defaults to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveGatewayFailure' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through consecutive gateway failures. This setting can be + used to disable ejection or to ramp it up slowly. Defaults to 0. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingSuccessRate' + type: Integer + description: | + The percentage chance that a host will be actually ejected when an outlier + status is detected through success rate statistics. This setting can be used to + disable ejection or to ramp it up slowly. Defaults to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'interval' + type: NestedObject + description: | + Time interval between ejection sweep analysis. This can result in both new + ejections as well as hosts being returned to service. Defaults to 10 seconds. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'maxEjectionPercent' + type: Integer + description: | + Maximum percentage of hosts in the load balancing pool for the backend service + that can be ejected. Defaults to 10%. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateMinimumHosts' + type: Integer + description: | + The number of hosts in a cluster that must have enough request volume to detect + success rate outliers. If the number of hosts is less than this setting, outlier + detection via success rate statistics is not performed for any host in the + cluster. Defaults to 5. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateRequestVolume' + type: Integer + description: | + The minimum number of total requests that must be collected in one interval (as + defined by the interval duration above) to include this host in success rate + based outlier detection. If the volume is lower than this setting, outlier + detection via success rate statistics is not performed for that host. Defaults + to 100. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateStdevFactor' + type: Integer + description: | + This factor is used to determine the ejection threshold for success rate outlier + ejection. The ejection threshold is the difference between the mean success + rate, and the product of this factor and the standard deviation of the mean + success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided + by a thousand to get a double. That is, if the desired factor is 1.9, the + runtime value should be 1900. Defaults to 1900. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'portName' + type: String + description: | + A named port on a backend instance group representing the port for + communication to the backend VMs in that group. Required when the + loadBalancingScheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED + and the backends are instance groups. The named port must be defined on each + backend instance group. This parameter has no meaning if the backends are NEGs. API sets a + default of "http" if not given. + Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing). + default_from_api: true + - name: 'protocol' + type: Enum + description: | + The protocol this RegionBackendService uses to communicate with backends. + The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer + types and may result in errors if used with the GA API. + default_from_api: true + # This is removed to avoid breaking terraform, as default values cannot be + # unspecified. Providers should include this as needed via overrides + # default_value: :TCP + enum_values: + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - 'SSL' + - 'TCP' + - 'UDP' + - 'GRPC' + - 'UNSPECIFIED' + - name: 'securityPolicy' + type: String + description: | + The security policy associated with this backend service. + min_version: 'beta' + update_url: 'projects/{{project}}/regions/{{region}}/backendServices/{{name}}/setSecurityPolicy' + update_verb: 'POST' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'sessionAffinity' + type: Enum + description: | + Type of session affinity to use. The default is NONE. Session affinity is + not applicable if the protocol is UDP. + default_from_api: true + enum_values: + - 'NONE' + - 'CLIENT_IP' + - 'CLIENT_IP_PORT_PROTO' + - 'CLIENT_IP_PROTO' + - 'GENERATED_COOKIE' + - 'HEADER_FIELD' + - 'HTTP_COOKIE' + - 'CLIENT_IP_NO_DESTINATION' + - name: 'connectionTrackingPolicy' + type: NestedObject + description: | + Connection Tracking configuration for this BackendService. + This is available only for Layer 4 Internal Load Balancing and + Network Load Balancing. + min_version: 'beta' + properties: + - name: 'idleTimeoutSec' + type: Integer + description: | + Specifies how long to keep a Connection Tracking entry while there is + no matching traffic (in seconds). + + For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. + + For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. + default_from_api: true + - name: 'trackingMode' + type: Enum + description: | + Specifies the key used for connection tracking. There are two options: + `PER_CONNECTION`: The Connection Tracking is performed as per the + Connection Key (default Hash Method) for the specific protocol. + + `PER_SESSION`: The Connection Tracking is performed as per the + configured Session Affinity. It matches the configured Session Affinity. + default_value: "PER_CONNECTION" + enum_values: + - 'PER_CONNECTION' + - 'PER_SESSION' + - name: 'connectionPersistenceOnUnhealthyBackends' + type: Enum + description: | + Specifies connection persistence when backends are unhealthy. + + If set to `DEFAULT_FOR_PROTOCOL`, the existing connections persist on + unhealthy backends only for connection-oriented protocols (TCP and SCTP) + and only if the Tracking Mode is PER_CONNECTION (default tracking mode) + or the Session Affinity is configured for 5-tuple. They do not persist + for UDP. + + If set to `NEVER_PERSIST`, after a backend becomes unhealthy, the existing + connections on the unhealthy backend are never persisted on the unhealthy + backend. They are always diverted to newly selected healthy backends + (unless all backends are unhealthy). + + If set to `ALWAYS_PERSIST`, existing connections always persist on + unhealthy backends regardless of protocol and session affinity. It is + generally not recommended to use this mode overriding the default. + default_value: "DEFAULT_FOR_PROTOCOL" + enum_values: + - 'DEFAULT_FOR_PROTOCOL' + - 'NEVER_PERSIST' + - 'ALWAYS_PERSIST' + - name: 'enableStrongAffinity' + type: Boolean + description: Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly. + - name: 'timeoutSec' + type: Integer + description: | + The backend service timeout has a different meaning depending on the type of load balancer. + For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). + The default is 30 seconds. + The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. + default_from_api: true + - name: 'logConfig' + type: NestedObject + description: | + This field denotes the logging options for the load balancer traffic served by this backend service. + If logging is enabled, logs will be exported to Stackdriver. + default_from_api: true + properties: + - name: 'enable' + type: Boolean + description: | + Whether to enable logging for the load balancer traffic served by this backend service. + send_empty_value: true + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + - name: 'sampleRate' + type: Double + description: | + This field can only be specified if logging is enabled for this backend service. The value of + the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer + where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. + The default value is 1.0. + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + diff_suppress_func: 'suppressWhenDisabled' + default_value: 1.0 + - name: 'network' + type: ResourceRef + description: | + The URL of the network to which this backend service belongs. + This field can only be specified when the load balancing scheme is set to INTERNAL. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'subsetting' + type: NestedObject + description: | + Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + min_version: 'beta' + properties: + - name: 'policy' + type: Enum + description: | + The algorithm used for subsetting. + required: true + enum_values: + - 'CONSISTENT_HASH_SUBSETTING' diff --git a/mmv1/products/compute/go_RegionCommitment.yaml b/mmv1/products/compute/go_RegionCommitment.yaml new file mode 100644 index 000000000000..98ef7b215ab5 --- /dev/null +++ b/mmv1/products/compute/go_RegionCommitment.yaml @@ -0,0 +1,212 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionCommitment' +kind: 'compute#commitment' +description: | + Represents a regional Commitment resource. + + Creating a commitment resource means that you are purchasing a committed + use contract with an explicit start and end time. You can create commitments + based on vCPUs and memory usage and receive discounted rates. +references: + guides: + 'Committed use discounts for Compute Engine': 'https://cloud.google.com/compute/docs/instances/committed-use-discounts-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionCommitments' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/commitments' +has_self_link: true +# Cannot be deleted +exclude_delete: true +# Cannot be updated (as of implementation date) +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'compute_region_commitment_basic' + primary_resource_id: 'foobar' + vars: + region_commitment_name: 'my-region-commitment' + # Creating a resource means signing a contract + # Spanning years that cannot be deleted + exclude_test: true + - name: 'compute_region_commitment_full' + primary_resource_id: 'foobar' + vars: + region_commitment_name: 'my-full-commitment' + # Creating a resource means signing a contract + # Spanning years that cannot be deleted + exclude_test: true +parameters: + - name: 'region' + type: ResourceRef + description: | + URL of the region where this commitment may be used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'commitment_id' + type: Integer + description: 'Unique identifier for the resource.' + api_name: id + output: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'status' + type: Enum + description: | + Status of the commitment with regards to eventual expiration + (each commitment has an end date defined). + output: true + enum_values: + - 'NOT_YET_ACTIVE' + - 'ACTIVE' + - 'EXPIRED' + - name: 'statusMessage' + type: String + description: | + A human-readable explanation of the status. + output: true + - name: 'plan' + type: Enum + description: | + The plan for this commitment, which determines duration and discount rate. + The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years). + required: true + enum_values: + - 'TWELVE_MONTH' + - 'THIRTY_SIX_MONTH' + - name: 'startTimestamp' + type: Time + description: 'Commitment start time in RFC3339 text format.' + output: true + - name: 'endTimestamp' + type: Time + description: 'Commitment end time in RFC3339 text format.' + output: true + - name: 'resources' + type: Array + description: | + A list of commitment amounts for particular resources. + Note that VCPU and MEMORY resource commitments must occur together. + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: | + Type of resource for which this commitment applies. + Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR. + - name: 'amount' + type: String + description: | + The amount of the resource purchased (in a type-dependent unit, + such as bytes). For vCPUs, this can just be an integer. For memory, + this must be provided in MB. Memory must be a multiple of 256 MB, + with up to 6.5GB of memory per every vCPU. + - name: 'acceleratorType' + type: String + description: | + Name of the accelerator type resource. Applicable only when the type is ACCELERATOR. + - name: 'type' + type: String + description: | + The type of commitment, which affects the discount rate and the eligible resources. + The type could be one of the following value: `MEMORY_OPTIMIZED`, `ACCELERATOR_OPTIMIZED`, + `GENERAL_PURPOSE_N1`, `GENERAL_PURPOSE_N2`, `GENERAL_PURPOSE_N2D`, `GENERAL_PURPOSE_E2`, + `GENERAL_PURPOSE_T2D`, `GENERAL_PURPOSE_C3`, `COMPUTE_OPTIMIZED_C2`, `COMPUTE_OPTIMIZED_C2D` and + `GRAPHICS_OPTIMIZED_G2` + default_from_api: true + - name: 'category' + type: Enum + description: | + The category of the commitment. Category MACHINE specifies commitments composed of + machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE + specifies commitments composed of software licenses, listed in licenseResources. + Note that only MACHINE commitments should have a Type specified. + default_from_api: true + enum_values: + - 'LICENSE' + - 'MACHINE' + - name: 'licenseResource' + type: NestedObject + description: | + The license specification required as part of a license commitment. + properties: + - name: 'license' + type: String + description: | + Any applicable license URI. + required: true + - name: 'amount' + type: String + description: | + The number of licenses purchased. + - name: 'coresPerLicense' + type: String + description: | + Specifies the core range of the instance for which this license applies. + - name: 'autoRenew' + type: Boolean + description: | + Specifies whether to enable automatic renewal for the commitment. + The default value is false if not specified. + If the field is set to true, the commitment will be automatically renewed for either + one or three years according to the terms of the existing commitment. + default_from_api: true + - name: 'existingReservations' + type: String + description: | + Specifies the already existing reservations to attach to the Commitment. + default_from_api: true diff --git a/mmv1/products/compute/go_RegionDisk.yaml b/mmv1/products/compute/go_RegionDisk.yaml new file mode 100644 index 000000000000..799b151d9444 --- /dev/null +++ b/mmv1/products/compute/go_RegionDisk.yaml @@ -0,0 +1,372 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionDisk' +kind: 'compute#disk' +description: | + Persistent disks are durable storage devices that function similarly to + the physical disks in a desktop or a server. Compute Engine manages the + hardware behind these devices to ensure data redundancy and optimize + performance for you. Persistent disks are available as either standard + hard disk drives (HDD) or solid-state drives (SSD). + + Persistent disks are located independently from your virtual machine + instances, so you can detach or move persistent disks to keep your data + even after you delete your instances. Persistent disk performance scales + automatically with size, so you can resize your existing persistent disks + or add more persistent disks to an instance to meet your performance and + storage space requirements. + + Add a persistent disk to your instance when you need reliable and + affordable storage with consistent performance characteristics. +references: + guides: + 'Adding or Resizing Regional Persistent Disks': 'https://cloud.google.com/compute/docs/disks/regional-persistent-disk' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionDisks' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/disks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/regions/{{region}}/disks/{{name}}' + - '{{name}}' +custom_code: + encoder: 'templates/terraform/encoders/go/disk.tmpl' + decoder: 'templates/terraform/decoders/go/disk.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/detach_disk.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' + - 'hyperDiskIopsUpdateDiffSupress' +examples: + - name: 'region_disk_basic' + primary_resource_id: 'regiondisk' + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' + vars: + region_disk_name: 'my-region-disk' + disk_name: 'my-disk' + snapshot_name: 'my-snapshot' + - name: 'region_disk_async' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' + vars: + region_disk_name: 'primary-region-disk' + secondary_region_disk_name: 'secondary-region-disk' + - name: 'region_disk_features' + primary_resource_id: 'regiondisk' + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' + vars: + region_disk_name: 'my-region-features-disk' +parameters: + - name: 'region' + type: ResourceRef + description: 'A reference to the region where the disk resides.' + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' + - name: 'diskEncryptionKey' + type: NestedObject + description: | + Encrypts the disk using a customer-supplied encryption key. + + After you encrypt a disk with a customer-supplied key, you must + provide the same key if you use the disk later (e.g. to create a disk + snapshot or an image, or to attach the disk to a virtual machine). + + Customer-supplied encryption keys do not protect access to metadata of + the disk. + + If you do not provide an encryption key when creating the disk, then + the disk will be encrypted using an automatically generated key and + you do not need to provide a key to use the disk later. + immutable: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + sensitive: true + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - name: 'kmsKeyName' + type: String + description: | + The name of the encryption key that is stored in Google Cloud KMS. + - name: 'snapshot' + type: ResourceRef + description: | + The source snapshot used to create this disk. You can provide this as + a partial or full URL to the resource. For example, the following are + valid values: + + * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` + * `projects/project/global/snapshots/snapshot` + * `global/snapshots/snapshot` + * `snapshot` + api_name: sourceSnapshot + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Snapshot' + imports: 'selfLink' + - name: 'sourceSnapshotEncryptionKey' + type: NestedObject + description: | + The customer-supplied encryption key of the source snapshot. Required + if the source snapshot is protected by a customer-supplied encryption + key. + immutable: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - name: 'kmsKeyName' + type: String + description: | + The name of the encryption key that is stored in Google Cloud KMS. + min_version: 'beta' + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + - name: 'sourceSnapshotId' + type: String + description: | + The unique ID of the snapshot used to create this disk. This value + identifies the exact snapshot that was used to create this persistent + disk. For example, if you created the persistent disk from a snapshot + that was later deleted and recreated under the same name, the source + snapshot ID would identify the exact version of the snapshot that was + used. + output: true +properties: + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'lastAttachTimestamp' + type: Time + description: 'Last attach timestamp in RFC3339 text format.' + output: true + - name: 'lastDetachTimestamp' + type: Time + description: 'Last detach timestamp in RFC3339 text format.' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Labels to apply to this disk. A list of key->value pairs. + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' + update_verb: 'POST' + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'size' + type: Integer + description: | + Size of the persistent disk, specified in GB. You can specify this + field when creating a persistent disk using the sourceImage or + sourceSnapshot parameter, or specify it alone to create an empty + persistent disk. + + If you specify this field along with sourceImage or sourceSnapshot, + the value of sizeGb must not be less than the size of the sourceImage + or the size of the snapshot. + api_name: sizeGb + default_from_api: true + update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/resize' + update_verb: 'POST' + - name: 'users' + type: Array + description: | + Links to the users of the disk (attached instances) in form: + project/zones/zone/instances/instance + output: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'user' + type: ResourceRef + description: 'A reference to a user of this disk' + resource: 'Instance' + imports: 'selfLink' + - name: 'physicalBlockSizeBytes' + type: Integer + description: | + Physical block size of the persistent disk, in bytes. If not present + in a request, a default value is used. Currently supported sizes + are 4096 and 16384, other sizes may be added in the future. + If an unsupported value is requested, the error message will list + the supported values for the caller's project. + default_from_api: true + - name: 'replicaZones' + type: Array + description: 'URLs of the zones where the disk should be replicated to.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'zone' + type: ResourceRef + description: | + A reference to a zone where the disk should be replicated to. + resource: 'Zone' + imports: 'selfLink' + min_size: 2 + max_size: 2 + - name: 'type' + type: ResourceRef + description: | + URL of the disk type resource describing which disk type to use to + create the disk. Provide this when creating the disk. + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + default_value: "pd-standard" + resource: 'RegionDiskType' + imports: 'selfLink' + - name: 'interface' + type: String + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. + min_version: 'beta' + # interface is removed using url_param_only to preserve schema definition + # and prevent sending or reading in API requests + url_param_only: true + diff_suppress_func: 'AlwaysDiffSuppress' + default_value: "SCSI" + deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' + - name: 'sourceDisk' + type: String + description: | + The source disk used to create this disk. You can provide this as a partial or full URL to the resource. + For example, the following are valid values: + + * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks/{disk} + * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/disks/{disk} + * projects/{project}/zones/{zone}/disks/{disk} + * projects/{project}/regions/{region}/disks/{disk} + * zones/{zone}/disks/{disk} + * regions/{region}/disks/{disk} + diff_suppress_func: 'sourceDiskDiffSupress' + - name: 'sourceDiskId' + type: String + description: | + The ID value of the disk used to create this image. This value may + be used to determine whether the image was taken from the current + or a previous instance of a given disk name. + output: true + - name: 'asyncPrimaryDisk' + type: NestedObject + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + properties: + - name: 'disk' + type: String + description: | + Primary disk for asynchronous disk replication. + required: true + - name: 'guestOsFeatures' + type: Array + description: | + A list of features to enable on the guest operating system. + Applicable only for bootable disks. + is_set: true + default_from_api: true + item_type: + type: NestedObject + properties: + - name: 'type' + type: Enum + description: | + The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. + required: true + enum_values: + - 'MULTI_IP_SUBNET' + - 'SECURE_BOOT' + - 'SEV_CAPABLE' + - 'UEFI_COMPATIBLE' + - 'VIRTIO_SCSI_MULTIQUEUE' + - 'WINDOWS' + - 'GVNIC' + - 'SEV_LIVE_MIGRATABLE' + - 'SEV_SNP_CAPABLE' + - 'SUSPEND_RESUME_COMPATIBLE' + - 'TDX_CAPABLE' + - name: 'licenses' + type: Array + description: Any applicable license URI. + immutable: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'license' + type: ResourceRef + description: 'An applicable license URI' + resource: 'License' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml b/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml new file mode 100644 index 000000000000..f70f7da5fd89 --- /dev/null +++ b/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml @@ -0,0 +1,90 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionDiskResourcePolicyAttachment' +description: | + Adds existing resource policies to a disk. You can only add one policy + which will be applied to this disk for scheduling snapshot creation. + + ~> **Note:** This resource does not support zonal disks (`google_compute_disk`). For zonal disks, please refer to [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) +docs: +id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' +self_link: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' +create_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/addResourcePolicies' +delete_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/removeResourcePolicies' +delete_verb: 'POST' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - resourcePolicies + is_list_of_ids: true + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_region_disk_resource_policies_attachment.go.tmpl' + decoder: 'templates/terraform/decoders/go/compute_disk_resource_policies_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_region_disk_resource_policies_attachment.go.tmpl' +examples: + - name: 'region_disk_resource_policy_attachment_basic' + primary_resource_id: 'attachment' + vars: + base_disk_name: 'my-base-disk' + snapshot_name: 'my-snapshot' + disk_name: 'my-disk' + policy_name: 'my-resource-policy' +parameters: + - name: 'disk' + type: ResourceRef + description: | + The name of the regional disk in which the resource policies are attached to. + url_param_only: true + required: true + resource: 'Disk' + imports: 'name' + - name: 'region' + type: ResourceRef + description: 'A reference to the region where the disk resides.' + url_param_only: true + required: false + default_from_api: true + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The resource policy to be attached to the disk for scheduling snapshot + creation. Do not specify the self link. + required: true diff --git a/mmv1/products/compute/go_RegionDiskType.yaml b/mmv1/products/compute/go_RegionDiskType.yaml new file mode 100644 index 000000000000..ea29643f962a --- /dev/null +++ b/mmv1/products/compute/go_RegionDiskType.yaml @@ -0,0 +1,110 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionDiskType' +kind: 'compute#diskType' +description: | + Represents a regional DiskType resource. A DiskType resource represents + the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a + disk type, use the disk type's full or partial URL. +exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/regions/{{region}}/diskTypes' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: + - name: 'region' + type: ResourceRef + description: 'A reference to the region where the disk type resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'defaultDiskSizeGb' + type: Integer + description: 'Server-defined default disk size in GB.' + output: true + - name: 'deprecated' + type: NestedObject + description: 'The deprecation status associated with this disk type.' + output: true + properties: + - name: 'deleted' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DELETED. + output: true + - name: 'deprecated' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to DEPRECATED. + output: true + - name: 'obsolete' + type: Time + description: | + An optional RFC3339 timestamp on or after which the deprecation state + of this resource will be changed to OBSOLETE. + output: true + - name: 'replacement' + type: String + description: | + The URL of the suggested replacement for a deprecated resource. The + suggested replacement resource must be the same kind of resource as + the deprecated resource. + output: true + - name: 'state' + type: Enum + description: | + The deprecation state of this resource. This can be DEPRECATED, + OBSOLETE, or DELETED. Operations which create a new resource using a + DEPRECATED resource will return successfully, but with a warning + indicating the deprecated resource and recommending its replacement. + Operations which use OBSOLETE or DELETED resources will be rejected + and result in an error. + output: true + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String + description: 'An optional description of this resource.' + output: true + - name: 'id' + type: Integer + description: 'The unique identifier for the resource.' + output: true + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'validDiskSize' + type: String + description: | + An optional textual description of the valid disk size, such as + "10GB-10TB". + output: true diff --git a/mmv1/products/compute/go_RegionHealthCheck.yaml b/mmv1/products/compute/go_RegionHealthCheck.yaml new file mode 100644 index 000000000000..c53f7405f68e --- /dev/null +++ b/mmv1/products/compute/go_RegionHealthCheck.yaml @@ -0,0 +1,858 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionHealthCheck' +kind: 'compute#healthCheck' +description: | + Health Checks determine whether instances are responsive and able to do work. + They are an important part of a comprehensive load balancing configuration, + as they enable monitoring instances behind load balancers. + + Health Checks poll instances at a specified interval. Instances that + do not respond successfully to some number of probes in a row are marked + as unhealthy. No new connections are sent to unhealthy instances, + though existing connections will continue. The health check will + continue to poll unhealthy instances. If an instance later responds + successfully to some number of consecutive probes, it is marked + healthy again and can receive new connections. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionHealthChecks' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/healthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/go/health_check_type.tmpl' +custom_diff: + - 'healthCheckCustomizeDiff' +examples: + - name: 'region_health_check_tcp' + primary_resource_id: 'tcp-region-health-check' + vars: + health_check_name: 'tcp-region-health-check' + - name: 'region_health_check_tcp_full' + primary_resource_id: 'tcp-region-health-check' + vars: + health_check_name: 'tcp-region-health-check' + - name: 'region_health_check_ssl' + primary_resource_id: 'ssl-region-health-check' + vars: + health_check_name: 'ssl-region-health-check' + - name: 'region_health_check_ssl_full' + primary_resource_id: 'ssl-region-health-check' + vars: + health_check_name: 'ssl-region-health-check' + - name: 'region_health_check_http' + primary_resource_id: 'http-region-health-check' + vars: + health_check_name: 'http-region-health-check' + - name: 'region_health_check_http_logs' + primary_resource_id: 'http-region-health-check' + min_version: 'beta' + vars: + health_check_name: 'http-region-health-check' + - name: 'region_health_check_http_full' + primary_resource_id: 'http-region-health-check' + vars: + health_check_name: 'http-region-health-check' + - name: 'region_health_check_https' + primary_resource_id: 'https-region-health-check' + vars: + health_check_name: 'https-region-health-check' + - name: 'region_health_check_https_full' + primary_resource_id: 'https-region-health-check' + vars: + health_check_name: 'https-region-health-check' + - name: 'region_health_check_http2' + primary_resource_id: 'http2-region-health-check' + vars: + health_check_name: 'http2-region-health-check' + - name: 'region_health_check_http2_full' + primary_resource_id: 'http2-region-health-check' + vars: + health_check_name: 'http2-region-health-check' + - name: 'region_health_check_grpc' + primary_resource_id: 'grpc-region-health-check' + vars: + health_check_name: 'grpc-region-health-check' + - name: 'region_health_check_grpc_full' + primary_resource_id: 'grpc-region-health-check' + vars: + health_check_name: 'grpc-region-health-check' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created health check should reside. + If it is not provided, the provider region is used. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' +properties: + - name: 'checkIntervalSec' + type: Integer + description: | + How often (in seconds) to send a health check. The default value is 5 + seconds. + default_value: 5 + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + send_empty_value: true + - name: 'healthyThreshold' + type: Integer + description: | + A so-far unhealthy instance will be marked healthy after this many + consecutive successes. The default value is 2. + default_value: 2 + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + immutable: true + - name: 'unhealthyThreshold' + type: Integer + description: | + A so-far healthy instance will be marked unhealthy after this many + consecutive failures. The default value is 2. + default_value: 2 + - name: 'timeoutSec' + type: Integer + description: | + How long (in seconds) to wait before claiming failure. + The default value is 5 seconds. It is invalid for timeoutSec to have + greater value than checkIntervalSec. + default_value: 5 + - name: 'type' + type: Enum + description: |- + The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL. + output: true + enum_values: + - 'TCP' + - 'SSL' + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - name: 'httpHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTP health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTP health check request. + The default value is /. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTP health check request. + The default value is 80. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTP health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'httpsHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTPS health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTPS health check request. + The default value is /. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTPS health check request. + The default value is 443. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTPS health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'tcpHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'request' + type: String + description: | + The application data to send once the TCP connection has been + established (default value is empty). If both request and response are + empty, the connection establishment alone will indicate health. The request + data can only be ASCII. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the TCP health check request. + The default value is 80. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, TCP health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'sslHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'request' + type: String + description: | + The application data to send once the SSL connection has been + established (default value is empty). If both request and response are + empty, the connection establishment alone will indicate health. The request + data can only be ASCII. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the SSL health check request. + The default value is 443. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, SSL health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'http2HealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'host' + type: String + description: | + The value of the host header in the HTTP2 health check request. + If left empty (default value), the public IP on behalf of which this health + check is performed will be used. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'requestPath' + type: String + description: | + The request path of the HTTP2 health check request. + The default value is /. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String + description: | + The bytes to match against the beginning of the response data. If left empty + (the default value), any response will indicate health. The response data + can only be ASCII. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'port' + type: Integer + description: | + The TCP port number for the HTTP2 health check request. + The default value is 443. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to the + backend. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, HTTP2 health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcHealthCheck' + type: NestedObject + exactly_one_of: + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' + diff_suppress_func: 'portDiffSuppress' + properties: + - name: 'port' + type: Integer + description: | + The port number for the health check request. + Must be specified if portName and portSpecification are not set + or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portName' + type: String + description: | + Port name as defined in InstanceGroup#NamedPort#name. If both port and + port_name are defined, port takes precedence. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portSpecification' + type: Enum + description: | + Specifies how port is selected for health checking, can be one of the + following values: + + * `USE_FIXED_PORT`: The port number in `port` is used for health checking. + + * `USE_NAMED_PORT`: The `portName` is used for health checking. + + * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each + network endpoint is used for health checking. For other backends, the + port or named port specified in the Backend Service is used for health + checking. + + If not specified, gRPC health check follows behavior specified in `port` and + `portName` fields. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcServiceName' + type: String + description: | + The gRPC service name for the health check. + The value of grpcServiceName has the following meanings by convention: + + * Empty serviceName means the overall status of all services at the backend. + * Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. + + The grpcServiceName can only be ASCII. + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'logConfig' + type: NestedObject + description: | + Configure logging on this health check. + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/health_check_log_config.go.tmpl' + properties: + - name: 'enable' + type: Boolean + description: | + Indicates whether or not to export logs. This is false by default, + which means no health check logging will be done. + default_value: false diff --git a/mmv1/products/compute/go_RegionInstanceGroupManager.yaml b/mmv1/products/compute/go_RegionInstanceGroupManager.yaml new file mode 100644 index 000000000000..9c3f3698c53f --- /dev/null +++ b/mmv1/products/compute/go_RegionInstanceGroupManager.yaml @@ -0,0 +1,230 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionInstanceGroupManager' +kind: 'compute#instanceGroupManager' +description: | + Creates a managed instance group using the information that you specify in + the request. After the group is created, it schedules an action to create + instances in the group using the specified instance template. This + operation is marked as DONE when the group is created even if the + instances in the group have not yet been created. You must separately + verify the status of the individual instances. + + A managed instance group can have up to 1000 VM instances per group. +exclude: true +docs: +base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +parameters: + - name: 'region' + type: ResourceRef + description: 'The region the managed instance group resides.' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'baseInstanceName' + type: String + description: | + The base instance name to use for instances in this group. The value + must be 1-58 characters long. Instances are named by appending a + hyphen and a random four-character string to the base instance name. + The base instance name must comply with RFC1035. + required: true + - name: 'creationTimestamp' + type: Time + description: | + The creation timestamp for this managed instance group in RFC3339 + text format. + output: true + - name: 'currentActions' + type: NestedObject + description: | + The list of instance actions and the number of instances in this + managed instance group that are scheduled for each of those actions. + output: true + properties: + - name: 'abandoning' + type: Integer + description: | + The total number of instances in the managed instance group that + are scheduled to be abandoned. Abandoning an instance removes it + from the managed instance group without deleting it. + output: true + - name: 'creating' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be created or are currently being created. If the + group fails to create any of these instances, it tries again until + it creates the instance successfully. + + If you have disabled creation retries, this field will not be + populated; instead, the creatingWithoutRetries field will be + populated. + output: true + - name: 'creatingWithoutRetries' + type: Integer + description: | + The number of instances that the managed instance group will + attempt to create. The group attempts to create each instance only + once. If the group fails to create any of these instances, it + decreases the group's targetSize value accordingly. + output: true + - name: 'deleting' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be deleted or are currently being deleted. + output: true + - name: 'none' + type: Integer + description: | + The number of instances in the managed instance group that are + running and have no scheduled actions. + output: true + - name: 'recreating' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be recreated or are currently being being recreated. + Recreating an instance deletes the existing root persistent disk + and creates a new disk from the image that is defined in the + instance template. + output: true + - name: 'refreshing' + type: Integer + description: | + The number of instances in the managed instance group that are + being reconfigured with properties that do not require a restart + or a recreate action. For example, setting or removing target + pools for the instance. + output: true + - name: 'restarting' + type: Integer + description: | + The number of instances in the managed instance group that are + scheduled to be restarted or are currently being restarted. + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + immutable: true + # fingerprint ignored as it is an internal locking detail + - name: 'id' + type: Integer + description: 'A unique identifier for this resource' + output: true + - name: 'instanceGroup' + type: ResourceRef + description: 'The instance group being managed' + output: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'InstanceGroup' + imports: 'selfLink' + - name: 'instanceTemplate' + type: ResourceRef + description: | + The instance template that is specified for this managed instance + group. The group uses this template to create all new instances in the + managed instance group. + required: true + # kind is internal transport detail + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'InstanceTemplate' + imports: 'selfLink' + - name: 'name' + type: String + description: | + The name of the managed instance group. The name must be 1-63 + characters long, and comply with RFC1035. + required: true + # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) + - name: 'namedPorts' + type: Array + description: + Named ports configured for the Instance Groups complementary to this + Instance Group Manager. + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name for this named port. The name must be 1-63 characters + long, and comply with RFC1035. + - name: 'port' + type: Integer + description: + The port number, which can be a value between 1 and 65535. + - name: 'targetPools' + type: Array + description: | + TargetPool resources to which instances in the instanceGroup field are + added. The target pools automatically apply to all of the instances in + the managed instance group. + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'targetPool' + type: ResourceRef + description: 'The targetPool to receive managed instances.' + resource: 'TargetPool' + imports: 'selfLink' + - name: 'targetSize' + type: Integer + description: | + The target number of running instances for this managed instance + group. Deleting or abandoning instances reduces this number. Resizing + the group changes this number. + - name: 'autoHealingPolicies' + type: Array + description: | + The autohealing policy for this managed instance group + item_type: + type: NestedObject + properties: + - name: 'healthCheck' + type: String + description: | + The URL for the health check that signals autohealing. + - name: 'initialDelaySec' + type: Integer + description: | + The number of seconds that the managed instance group waits + before it applies autohealing policies to new instances or recently recreated instances diff --git a/mmv1/products/compute/go_RegionNetworkEndpoint.yaml b/mmv1/products/compute/go_RegionNetworkEndpoint.yaml new file mode 100644 index 000000000000..895013d04350 --- /dev/null +++ b/mmv1/products/compute/go_RegionNetworkEndpoint.yaml @@ -0,0 +1,150 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionNetworkEndpoint' +kind: 'compute#networkEndpoint' +description: | + A Region network endpoint represents a IP address/FQDN and port combination that is + part of a specific network endpoint group (NEG). + + ~> **NOTE**: Network endpoints cannot be created outside of a network endpoint group. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' +docs: +id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' +self_link: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{region}}/{{region_network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - ipAddress + - fqdn + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_region_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/go/network_endpoint.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_region_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/compute_region_network_endpoint.go.tmpl' +exclude_tgc: true +examples: + - name: 'region_network_endpoint_internet_ip_port' + primary_resource_id: 'region-internet-ip-port-endpoint' + vars: + neg_name: 'ip-port-neg' + network_name: 'network' + - name: 'region_network_endpoint_internet_fqdn_port' + primary_resource_id: 'region-internet-fqdn-port-endpoint' + vars: + neg_name: 'fqdn-port-neg' + network_name: 'network' + - name: 'region_network_endpoint_portmap' + primary_resource_id: 'region_network_endpoint_portmap' + vars: + network_name: 'network' + subnetwork_name: 'subnetwork' + instance_name: 'instance' + neg_name: 'portmap-neg' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +parameters: + - name: 'region' + type: ResourceRef + description: | + Region where the containing network endpoint group is located. + url_param_only: true + required: false + ignore_read: true + default_from_api: true + resource: 'Region' + imports: 'name' + - name: 'regionNetworkEndpointGroup' + type: ResourceRef + description: | + The network endpoint group this endpoint is part of. + url_param_only: true + required: true + ignore_read: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'RegionNetworkEndpointGroup' + imports: 'name' +properties: + - name: 'port' + type: Integer + description: | + Port number of network endpoint. + required: true + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' + validation: + function: 'validation.IntAtLeast(1)' + - name: 'ipAddress' + type: String + description: | + IPv4 address external endpoint. + + This can only be specified when network_endpoint_type of the NEG is INTERNET_IP_PORT. + - name: 'fqdn' + type: String + description: | + Fully qualified domain name of network endpoint. + + This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. + at_least_one_of: + - 'fqdn' + - 'ip_address' + - name: 'clientDestinationPort' + type: Integer + description: | + Client destination port for the `GCE_VM_IP_PORTMAP` NEG. + custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' + - name: 'instance' + type: ResourceRef + description: | + The name for a specific VM instance that the IP address belongs to. + This is required for network endpoints of type GCE_VM_IP_PORTMAP. + resource: 'Instance' + imports: 'name' diff --git a/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml b/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml new file mode 100644 index 000000000000..0e299c1263ca --- /dev/null +++ b/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml @@ -0,0 +1,324 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionNetworkEndpointGroup' +kind: 'compute#networkEndpointGroup' +description: | + A regional NEG that can support Serverless Products, proxying traffic to + external backends and providing traffic to the PSC port mapping endpoints. + + Recreating a region network endpoint group that's in use by another resource will give a + `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` + to avoid this type of error. +references: + guides: + 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' + 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'region_network_endpoint_group_functions' + primary_resource_id: 'function_neg' + vars: + neg_name: 'function-neg' + function_name: 'function-neg' + bucket_name: 'cloudfunctions-function-example-bucket' + zip_path: 'path/to/index.zip' + test_vars_overrides: + 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' + - name: 'region_network_endpoint_group_cloudrun' + primary_resource_id: 'cloudrun_neg' + vars: + neg_name: 'cloudrun-neg' + - name: 'region_network_endpoint_group_appengine' + primary_resource_id: 'appengine_neg' + vars: + neg_name: 'appengine-neg' + - name: 'region_network_endpoint_group_appengine_empty' + primary_resource_id: 'appengine_neg' + vars: + neg_name: 'appengine-neg' + - name: 'region_network_endpoint_group_psc' + primary_resource_id: 'psc_neg' + vars: + neg_name: 'psc-neg' + - name: 'region_network_endpoint_group_psc_service_attachment' + primary_resource_id: 'psc_neg_service_attachment' + vars: + neg_name: 'psc-neg' + network_name: 'psc-network' + subnetwork_name: 'psc-subnetwork' + psc_subnetwork_name: 'psc-subnetwork-nat' + backend_service_name: 'psc-backend' + forwarding_rule_name: 'psc-forwarding-rule' + service_attachment_name: 'psc-service-attachment' + health_check_name: 'psc-healthcheck' + - name: 'region_network_endpoint_group_internet_ip_port' + primary_resource_id: 'region_network_endpoint_group_internet_ip_port' + vars: + neg_name: 'ip-port-neg' + network_name: 'network' + - name: 'region_network_endpoint_group_internet_fqdn_port' + primary_resource_id: 'region_network_endpoint_group_internet_fqdn_port' + vars: + neg_name: 'ip-port-neg' + network_name: 'network' + - name: 'region_network_endpoint_group_portmap' + primary_resource_id: 'region_network_endpoint_group_portmap' + vars: + network_name: 'network' + subnetwork_name: 'subnetwork' + neg_name: 'portmap-neg' +parameters: + - name: 'region' + type: ResourceRef + description: | + A reference to the region where the regional NEGs reside. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + - name: 'networkEndpointType' + type: Enum + description: | + Type of network endpoints in this network endpoint group. Defaults to SERVERLESS. + default_value: "SERVERLESS" + enum_values: + - 'SERVERLESS' + - 'PRIVATE_SERVICE_CONNECT' + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - 'GCE_VM_IP_PORTMAP' + - name: 'pscTargetService' + type: String + description: | + This field is only used for PSC and INTERNET NEGs. + + The target service url used to set up private service connection to + a Google API or a PSC Producer Service Attachment. + - name: 'network' + type: ResourceRef + description: | + This field is only used for PSC and INTERNET NEGs. + + The URL of the network to which all network endpoints in the NEG belong. Uses + "default" project network if unspecified. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef + description: | + This field is only used for PSC NEGs. + + Optional URL of the subnetwork to which all network endpoints in the NEG belong. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'cloudRun' + type: NestedObject + description: | + This field is only used for SERVERLESS NEGs. + + Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + conflicts: + - cloud_function + - app_engine + - serverless_deployment + properties: + - name: 'service' + type: String + description: | + Cloud Run service is the main resource of Cloud Run. + The service must be 1-63 characters long, and comply with RFC1035. + Example value: "run-service". + at_least_one_of: + - 'cloud_run.0.service' + - 'cloud_run.0.url_mask' + - name: 'tag' + type: String + description: | + Cloud Run tag represents the "named-revision" to provide + additional fine-grained traffic routing information. + The tag must be 1-63 characters long, and comply with RFC1035. + Example value: "revision-0010". + - name: 'urlMask' + type: String + description: | + A template to parse service and tag fields from a request URL. + URL mask allows for routing to multiple Run services without having + to create multiple network endpoint groups and backend services. + + For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" + an be backed by the same Serverless Network Endpoint Group (NEG) with + URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } + and { service="bar2", tag="foo2" } respectively. + at_least_one_of: + - 'cloud_run.0.service' + - 'cloud_run.0.url_mask' + - name: 'appEngine' + type: NestedObject + description: | + This field is only used for SERVERLESS NEGs. + + Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + send_empty_value: true + allow_empty_object: true + conflicts: + - cloud_run + - cloud_function + - serverless_deployment + properties: + - name: 'service' + type: String + description: | + Optional serving service. + The service name must be 1-63 characters long, and comply with RFC1035. + Example value: "default", "my-service". + - name: 'version' + type: String + description: | + Optional serving version. + The version must be 1-63 characters long, and comply with RFC1035. + Example value: "v1", "v2". + - name: 'urlMask' + type: String + description: | + A template to parse service and version fields from a request URL. + URL mask allows for routing to multiple App Engine services without + having to create multiple Network Endpoint Groups and backend services. + + For example, the request URLs "foo1-dot-appname.appspot.com/v1" and + "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with + URL mask "-dot-appname.appspot.com/". The URL mask will parse + them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively. + - name: 'cloudFunction' + type: NestedObject + description: | + This field is only used for SERVERLESS NEGs. + + Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + conflicts: + - cloud_run + - app_engine + - serverless_deployment + properties: + - name: 'function' + type: String + description: | + A user-defined name of the Cloud Function. + The function name is case-sensitive and must be 1-63 characters long. + Example value: "func1". + at_least_one_of: + - 'cloud_function.0.function' + - 'cloud_function.0.url_mask' + - name: 'urlMask' + type: String + description: | + A template to parse function field from a request URL. URL mask allows + for routing to multiple Cloud Functions without having to create + multiple Network Endpoint Groups and backend services. + + For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" + can be backed by the same Serverless NEG with URL mask "/". The URL mask + will parse them to { function = "function1" } and { function = "function2" } respectively. + at_least_one_of: + - 'cloud_function.0.function' + - 'cloud_function.0.url_mask' + - name: 'serverlessDeployment' + type: NestedObject + description: | + This field is only used for SERVERLESS NEGs. + + Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set. + min_version: 'beta' + send_empty_value: true + allow_empty_object: true + conflicts: + - cloud_run + - cloud_function + - app_engine + properties: + - name: 'platform' + type: String + # Docs (https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups) say support is offered for: + # API Gateway: apigateway.googleapis.com, App Engine: appengine.googleapis.com, + # Cloud Functions: cloudfunctions.googleapis.com, Cloud Run: run.googleapis.com + # However, only API Gateway is currently supported + description: | + The platform of the NEG backend target(s). Possible values: + API Gateway: apigateway.googleapis.com + required: true + - name: 'resource' + type: String + description: | + The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. + The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name, + Cloud Functions: The function name, Cloud Run: The service name + - name: 'version' + type: String + description: | + The optional resource version. The version identified by this value is platform-specific and is follows: + API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag + - name: 'urlMask' + type: String + description: | + A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources + on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. + The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID, + App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag + required: false diff --git a/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml b/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml new file mode 100644 index 000000000000..f727fdbc6f72 --- /dev/null +++ b/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml @@ -0,0 +1,88 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionNetworkFirewallPolicy' +description: "The Compute NetworkFirewallPolicy resource" +docs: +base_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +legacy_long_form_project: true +examples: + - name: 'region_network_firewall_policy_full' + primary_resource_id: 'policy' + vars: + policy_name: 'tf-test-policy' +parameters: + - name: 'region' + type: String + description: The region of this resource. + url_param_only: true + immutable: true + default_from_api: true +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + output: true + - name: 'name' + type: String + description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true + immutable: true + - name: 'regionNetworkFirewallPolicyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + output: true + - name: 'description' + type: String + description: An optional description of this resource. Provide this property when you create the resource. + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + output: true diff --git a/mmv1/products/compute/go_RegionNetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/go_RegionNetworkFirewallPolicyWithRules.yaml new file mode 100644 index 000000000000..9fc93b160f27 --- /dev/null +++ b/mmv1/products/compute/go_RegionNetworkFirewallPolicyWithRules.yaml @@ -0,0 +1,678 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionNetworkFirewallPolicyWithRules' +description: "The Compute NetworkFirewallPolicy with rules resource" +min_version: 'beta' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/go/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/go/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/go/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' +legacy_long_form_project: true +examples: + - name: 'compute_region_network_firewall_policy_with_rules_full' + primary_resource_id: 'region-network-firewall-policy-with-rules' + vars: + policy_name: 'tf-region-fw-policy-with-rules' + address_group_name: 'tf-address-group' + tag_key_name: 'tf-tag-key' + tag_value_name: 'tf-tag-value' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'region' + type: String + description: The region of this resource. + min_version: 'beta' + url_param_only: true + immutable: true + default_from_api: true +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'name' + type: String + description: | + User-provided name of the Network firewall policy. + The name should be unique in the project in which the firewall policy is created. + The name must be 1-63 characters long, and comply with RFC1035. Specifically, + the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? + which means the first character must be a lowercase letter, and all following characters must be a dash, + lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' + required: true + immutable: true + - name: 'networkFirewallPolicyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'description' + type: String + description: An optional description of this resource. + min_version: 'beta' + - name: 'rule' + type: Array + description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + required: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + - name: 'predefinedRules' + type: Array + description: A list of firewall policy pre-defined rules. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + output: true + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + output: true + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + output: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + output: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + output: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + output: true + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + output: true + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + output: true + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + min_version: 'beta' + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/go_RegionPerInstanceConfig.yaml b/mmv1/products/compute/go_RegionPerInstanceConfig.yaml new file mode 100644 index 000000000000..57b7f9a6bbaf --- /dev/null +++ b/mmv1/products/compute/go_RegionPerInstanceConfig.yaml @@ -0,0 +1,250 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionPerInstanceConfig' +description: | + A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name + across instance group manager operations and can define stateful disks or metadata that are unique to the instance. + This resource works with regional instance group managers. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' +docs: +id_format: '{{project}}/{{region}}/{{region_instance_group_manager}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}' +self_link: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/listPerInstanceConfigs' +create_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/createInstances' +update_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/updatePerInstanceConfigs' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/deletePerInstanceConfigs' +delete_verb: 'POST' +mutex: 'instanceGroupManager/{{project}}/{{region}}/{{region_instance_group_manager}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +identity: + - name +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/compute_per_instance_config.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/compute_per_instance_config.go.tmpl' + post_update: 'templates/terraform/post_update/go/compute_region_per_instance_config.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/region_per_instance_config.go.tmpl' +exclude_tgc: true +examples: + - name: 'stateful_rigm' + primary_resource_id: 'stateful-instance' + vars: + template_name: 'my-template' + igm_name: 'my-rigm' + disk_name: 'my-disk-name' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true +virtual_fields: + - name: 'minimal_action' + description: | + The minimal action to perform on the instance during an update. + Default is `NONE`. Possible values are: + * REPLACE + * RESTART + * REFRESH + * NONE + type: String + default_value: "NONE" + - name: 'most_disruptive_allowed_action' + description: | + The most disruptive action to perform on the instance during an update. + Default is `REPLACE`. Possible values are: + * REPLACE + * RESTART + * REFRESH + * NONE + type: String + default_value: "REPLACE" + - name: 'remove_instance_on_destroy' + description: | + When true, deleting this config will immediately remove the underlying instance. + When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + type: Boolean + default_value: false + - name: 'remove_instance_state_on_destroy' + description: | + When true, deleting this config will immediately remove any specified state from the underlying instance. + When false, deleting this config will *not* immediately remove any state from the underlying instance. + State will be removed on the next instance recreation or update. + type: Boolean + default_value: false +parameters: + - name: 'region' + type: ResourceRef + description: | + Region where the containing instance group manager is located + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true + resource: 'Region' + imports: 'name' + - name: 'regionInstanceGroupManager' + type: ResourceRef + description: | + The region instance group manager this instance config is part of. + url_param_only: true + required: true + immutable: true + resource: 'RegionInstanceGroupManager' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The name for this per-instance config and its corresponding instance. + required: true + immutable: true + - name: 'preservedState' + type: NestedObject + description: 'The preserved state for this instance.' + properties: + - name: 'metadata' + type: KeyValuePairs + description: | + Preserved metadata defined for this instance. This is a list of key->value pairs. + - name: 'disk' + type: Array + description: | + Stateful disks for the instance. + api_name: disks + is_set: true + custom_flatten: 'templates/terraform/custom_flatten/go/preserved_state_disks.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/preserved_state_disks.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'deviceName' + type: String + description: | + A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. + required: true + - name: 'source' + type: String + description: | + The URI of an existing persistent disk to attach under the specified device-name in the format + `projects/project-id/zones/zone/disks/disk-name`. + required: true + - name: 'mode' + type: Enum + description: | + The mode of the disk. + default_value: "READ_WRITE" + enum_values: + - 'READ_ONLY' + - 'READ_WRITE' + - name: 'deleteRule' + type: Enum + description: | + A value that prescribes what should happen to the stateful disk when the VM instance is deleted. + The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. + `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. + `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently + deleted from the instance group. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'internalIp' + type: Map + description: | + Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. + api_name: internalIPs + key_name: 'interface_name' + value_type: + name: internalIp + type: NestedObject + properties: + - name: 'autoDelete' + type: Enum + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject + description: | + Ip address representation + properties: + - name: 'address' + type: ResourceRef + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' + - name: 'externalIp' + type: Map + description: | + Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. + api_name: externalIPs + key_name: 'interface_name' + value_type: + name: externalIp + type: NestedObject + properties: + - name: 'autoDelete' + type: Enum + description: | + These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject + description: | + Ip address representation + properties: + - name: 'address' + type: ResourceRef + description: | + The URL of the reservation for this IP address. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionSecurityPolicy.yaml b/mmv1/products/compute/go_RegionSecurityPolicy.yaml new file mode 100644 index 000000000000..65d078bd284d --- /dev/null +++ b/mmv1/products/compute/go_RegionSecurityPolicy.yaml @@ -0,0 +1,196 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionSecurityPolicy' +description: | + Represents a Region Cloud Armor Security Policy resource. +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/armor/docs/security-policy-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSecurityPolicies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'region_security_policy_basic' + primary_resource_id: 'region-sec-policy-basic' + vars: + sec_policy_name: 'my-sec-policy-basic' + - name: 'region_security_policy_with_ddos_protection_config' + primary_resource_id: 'region-sec-policy-ddos-protection' + vars: + sec_policy_name: 'my-sec-policy-ddos-protection' + - name: 'region_security_policy_with_user_defined_fields' + primary_resource_id: 'region-sec-policy-user-defined-fields' + vars: + sec_policy_name: 'my-sec-policy-user-defined-fields' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created Region Security Policy should reside. + If it is not provided, the provider region is used. + min_version: 'beta' + required: false + immutable: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'policyId' + type: String + description: | + The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. + Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' + required: true + immutable: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + min_version: 'beta' + output: true + - name: 'type' + type: Enum + description: | + The type indicates the intended use of the security policy. + - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. + - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. + - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. + This field can be set only at resource creation time. + min_version: 'beta' + immutable: true + enum_values: + - 'CLOUD_ARMOR' + - 'CLOUD_ARMOR_EDGE' + - 'CLOUD_ARMOR_NETWORK' + - name: 'ddosProtectionConfig' + type: NestedObject + description: | + Configuration for Google Cloud Armor DDOS Proctection Config. + min_version: 'beta' + properties: + - name: 'ddosProtection' + type: Enum + description: | + Google Cloud Armor offers the following options to help protect systems against DDoS attacks: + - STANDARD: basic always-on protection for network load balancers, protocol forwarding, or VMs with public IP addresses. + - ADVANCED: additional protections for Managed Protection Plus subscribers who use network load balancers, protocol forwarding, or VMs with public IP addresses. + - ADVANCED_PREVIEW: flag to enable the security policy in preview mode. + min_version: 'beta' + required: true + enum_values: + - 'ADVANCED' + - 'ADVANCED_PREVIEW' + - 'STANDARD' + - name: 'selfLink' + type: String + description: | + Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithPolicyId' + type: String + description: | + Server-defined URL for this resource with the resource id. + api_name: selfLinkWithId + min_version: 'beta' + output: true + - name: 'userDefinedFields' + type: Array + description: | + Definitions of user-defined fields for CLOUD_ARMOR_NETWORK policies. + A user-defined field consists of up to 4 bytes extracted from a fixed offset in the packet, relative to the IPv4, IPv6, TCP, or UDP header, with an optional mask to select certain bits. + Rules may then specify matching values for these fields. + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name of this field. Must be unique within the policy. + min_version: 'beta' + - name: 'base' + type: Enum + description: | + The base relative to which 'offset' is measured. Possible values are: + - IPV4: Points to the beginning of the IPv4 header. + - IPV6: Points to the beginning of the IPv6 header. + - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. + - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. + min_version: 'beta' + required: true + enum_values: + - 'IPV4' + - 'IPV6' + - 'TCP' + - 'UDP' + - name: 'offset' + type: Integer + description: | + Offset of the first byte of the field (in network byte order) relative to 'base'. + min_version: 'beta' + - name: 'size' + type: Integer + description: | + Size of the field in bytes. Valid values: 1-4. + min_version: 'beta' + - name: 'mask' + type: String + description: | + If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. + Encoded as a hexadecimal number (starting with "0x"). + The last byte of the field (in network byte order) corresponds to the least significant byte of the mask. + min_version: 'beta' diff --git a/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml b/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml new file mode 100644 index 000000000000..07804a0621ab --- /dev/null +++ b/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml @@ -0,0 +1,577 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionSecurityPolicyRule' +description: | + A rule for the RegionSecurityPolicy. +min_version: 'beta' +references: + guides: + 'Creating region security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionSecurityPolicies/addRule' +docs: +id_format: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' +base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'region_security_policy_rule_basic' + primary_resource_id: 'policy_rule' + min_version: 'beta' + vars: + sec_policy_name: 'policyruletest' + - name: 'region_security_policy_rule_multiple_rules' + primary_resource_id: 'policy_rule_one' + min_version: 'beta' + vars: + sec_policy_name: 'policywithmultiplerules' + - name: 'region_security_policy_rule_with_preconfigured_waf_config' + primary_resource_id: 'policy_rule' + min_version: 'beta' + vars: + sec_policy_name: 'policyruletest' + - name: 'region_security_policy_rule_with_network_match' + primary_resource_id: 'policy_rule_network_match' + min_version: 'beta' + vars: + sec_policy_name: 'policyfornetworkmatch' + # it needs to run synchronously because a region can have only one google_compute_network_edge_security_service. + # there is a robust handwritten test which covers this scenario. + exclude_test: true +parameters: + - name: 'region' + type: String + description: | + The Region in which the created Region Security Policy rule should reside. + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'security_policy' + type: String + description: | + The name of the security policy this rule belongs to. + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. + The priority must be a positive value between 0 and 2147483647. + Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + immutable: true + - name: 'match' + type: NestedObject + description: | + A match condition that incoming traffic is evaluated against. + If it evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + properties: + - name: 'versionedExpr' + type: Enum + description: | + Preconfigured versioned expression. If this field is specified, config must also be specified. + Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. + min_version: 'beta' + enum_values: + - 'SRC_IPS_V1' + - name: 'expr' + type: NestedObject + description: | + User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. + min_version: 'beta' + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. + min_version: 'beta' + required: true + - name: 'config' + type: NestedObject + description: | + The configuration options available when specifying versionedExpr. + This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. + min_version: 'beta' + properties: + - name: 'srcIpRanges' + type: Array + description: | + CIDR IP address range. Maximum number of srcIpRanges allowed is 10. + min_version: 'beta' + item_type: + type: String + - name: 'preconfiguredWafConfig' + type: NestedObject + description: | + Preconfigured WAF configuration to be applied for the rule. + If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. + min_version: 'beta' + properties: + - name: 'exclusion' + type: Array + description: | + An exclusion to apply during preconfigured WAF evaluation. + api_name: exclusions + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'targetRuleSet' + type: String + description: | + Target WAF rule set to apply the preconfigured WAF exclusion. + min_version: 'beta' + required: true + - name: 'targetRuleIds' + type: Array + description: | + A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. + If omitted, it refers to all the rule IDs under the WAF rule set. + min_version: 'beta' + item_type: + type: String + - name: 'requestHeader' + type: Array + description: | + Request header whose value will be excluded from inspection during preconfigured WAF evaluation. + api_name: requestHeadersToExclude + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'operator' + type: Enum + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + min_version: 'beta' + - name: 'requestCookie' + type: Array + description: | + Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. + api_name: requestCookiesToExclude + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'operator' + type: Enum + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + min_version: 'beta' + - name: 'requestUri' + type: Array + description: | + Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. + When specifying this field, the query or fragment part should be excluded. + api_name: requestUrisToExclude + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'operator' + type: Enum + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + min_version: 'beta' + - name: 'requestQueryParam' + type: Array + description: | + Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. + Note that the parameter can be in the query string or in the POST body. + api_name: requestQueryParamsToExclude + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'operator' + type: Enum + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + min_version: 'beta' + - name: 'action' + type: String + description: | + The Action to perform when the rule is matched. The following are the valid actions: + + * allow: allow access to target. + + * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. + + * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. + + * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. + + * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. + min_version: 'beta' + required: true + - name: 'rateLimitOptions' + type: NestedObject + description: | + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + min_version: 'beta' + update_mask_fields: + - 'rateLimitOptions.rateLimitThreshold' + - 'rateLimitOptions.conformAction' + - 'rateLimitOptions.exceedAction' + - 'rateLimitOptions.enforceOnKey' + - 'rateLimitOptions.enforceOnKeyName' + - 'rateLimitOptions.enforceOnKeyConfigs' + - 'rateLimitOptions.banThreshold' + - 'rateLimitOptions.banDurationSec' + properties: + - name: 'rateLimitThreshold' + type: NestedObject + description: | + Threshold at which to begin ratelimiting. + min_version: 'beta' + properties: + - name: 'count' + type: Integer + description: | + Number of HTTP(S) requests for calculating the threshold. + min_version: 'beta' + - name: 'intervalSec' + type: Integer + description: | + Interval over which the threshold is computed. + min_version: 'beta' + - name: 'conformAction' + type: String + description: | + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + min_version: 'beta' + - name: 'exceedAction' + type: String + description: | + Action to take for requests that are above the configured rate limit threshold, to deny with a specified HTTP response code. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + min_version: 'beta' + - name: 'enforceOnKey' + type: Enum + description: | + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + min_version: 'beta' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String + description: | + Rate limit key name applicable only for the following key types: + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + min_version: 'beta' + - name: 'enforceOnKeyConfigs' + type: Array + description: | + If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'enforceOnKeyType' + type: Enum + description: | + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + min_version: 'beta' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String + description: | + Rate limit key name applicable only for the following key types: + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + min_version: 'beta' + - name: 'banThreshold' + type: NestedObject + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + min_version: 'beta' + properties: + - name: 'count' + type: Integer + description: | + Number of HTTP(S) requests for calculating the threshold. + min_version: 'beta' + - name: 'intervalSec' + type: Integer + description: | + Interval over which the threshold is computed. + min_version: 'beta' + - name: 'banDurationSec' + type: Integer + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. + min_version: 'beta' + - name: 'preview' + type: Boolean + description: | + If set to true, the specified action is not enforced. + min_version: 'beta' + - name: 'networkMatch' + type: NestedObject + description: | + A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. + The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). + Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. + Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. + For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. + Example: + networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" + The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive + min_version: 'beta' + update_mask_fields: + - 'network_match.userDefinedFields' + - 'network_match.srcIpRanges' + - 'network_match.destIpRanges' + - 'network_match.ipProtocols' + - 'network_match.srcPorts' + - 'network_match.destPorts' + - 'network_match.srcRegionCodes' + - 'network_match.srcAsns' + properties: + - name: 'userDefinedFields' + type: Array + description: | + User-defined fields. Each element names a defined field and lists the matching values for that field. + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the user-defined field, as given in the definition. + min_version: 'beta' + - name: 'values' + type: Array + description: | + Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with "0x") number (e.g. "64") or range (e.g. "0x400-0x7ff"). + min_version: 'beta' + item_type: + type: String + - name: 'srcIpRanges' + type: Array + description: | + Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format. + min_version: 'beta' + item_type: + type: String + - name: 'ipProtocols' + type: Array + description: | + IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. "6"), range (e.g. "253-254"), or one of the following protocol names: "tcp", "udp", "icmp", "esp", "ah", "ipip", or "sctp". + min_version: 'beta' + item_type: + type: String + - name: 'srcPorts' + type: Array + description: | + Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). + min_version: 'beta' + item_type: + type: String + - name: 'destPorts' + type: Array + description: | + Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address. + min_version: 'beta' + item_type: + type: String + - name: 'srcAsns' + type: Array + description: | + BGP Autonomous System Number associated with the source IP address. + min_version: 'beta' + item_type: + type: Integer diff --git a/mmv1/products/compute/go_RegionSslCertificate.yaml b/mmv1/products/compute/go_RegionSslCertificate.yaml new file mode 100644 index 000000000000..8b0f25c2da33 --- /dev/null +++ b/mmv1/products/compute/go_RegionSslCertificate.yaml @@ -0,0 +1,146 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionSslCertificate' +kind: 'compute#sslCertificate' +description: | + A RegionSslCertificate resource, used for HTTPS load balancing. This resource + provides a mechanism to upload an SSL key and certificate to + the load balancer to serve secure connections from the user. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' +docs: + optional_properties: | + * `name_prefix` - (Optional) Creates a unique name beginning with the + specified prefix. Conflicts with `name`. Max length is 54 characters. + Prefixes with lengths longer than 37 characters will use a shortened + UUID that will be more prone to collisions. + Resulting name for a `name_prefix` <= 37 characters: + `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter + Resulting name for a `name_prefix` 38 - 54 characters: + `name_prefix` + YYmmdd + 3 digit incremental counter +base_url: 'projects/{{project}}/regions/{{region}}/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/ssl_certificate.tmpl' + constants: 'templates/terraform/constants/go/compute_certificate.go.tmpl' +examples: + - name: 'region_ssl_certificate_basic' + primary_resource_id: 'default' + ignore_read_extra: + - 'name_prefix' + # Uses id.UniqueId + skip_vcr: true + - name: 'region_ssl_certificate_random_provider' + primary_resource_id: 'default' + external_providers: ["random", "time"] + # Uses id.UniqueId + skip_vcr: true + - name: 'region_ssl_certificate_target_https_proxies' + primary_resource_id: 'default' + vars: + region_target_https_proxy_name: 'test-proxy' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' + region_health_check_name: 'http-health-check' + ignore_read_extra: + - 'name_prefix' + # Uses id.UniqueId + skip_vcr: true +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created regional ssl certificate should reside. + If it is not provided, the provider region is used. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'certificate' + type: String + description: | + The certificate in PEM format. + The certificate chain must be no greater than 5 certs long. + The chain must include at least one intermediate cert. + required: true + sensitive: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'expireTime' + type: String + description: 'Expire time of the certificate in RFC3339 text format.' + output: true + - name: 'certificate_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + + These are in the same namespace as the managed SSL certificates. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/name_or_name_prefix.go.tmpl' + validation: + function: 'verify.ValidateGCEName' + - name: 'privateKey' + type: String + description: 'The write-only private key in PEM format.' + required: true + immutable: true + ignore_read: true + sensitive: true + diff_suppress_func: 'sha256DiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/go/sha256.tmpl' diff --git a/mmv1/products/compute/go_RegionSslPolicy.yaml b/mmv1/products/compute/go_RegionSslPolicy.yaml new file mode 100644 index 000000000000..baab545b92e2 --- /dev/null +++ b/mmv1/products/compute/go_RegionSslPolicy.yaml @@ -0,0 +1,138 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionSslPolicy' +kind: 'compute#sslPolicy' +description: | + Represents a Regional SSL policy. SSL policies give you the ability to control the + features of SSL that your SSL proxy or HTTPS load balancer negotiates. +references: + guides: + 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslPolicies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/sslPolicies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/region_ssl_policy.tmpl' +custom_diff: + - 'regionSslPolicyCustomizeDiff' +parameters: + - name: 'region' + type: ResourceRef + description: | + The region where the regional SSL policy resides. + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'profile' + type: Enum + description: | + Profile specifies the set of SSL features that can be used by the + load balancer when negotiating SSL with clients. If using `CUSTOM`, + the set of SSL features to enable must be specified in the + `customFeatures` field. + + See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) + for information on what cipher suites each profile provides. If + `CUSTOM` is used, the `custom_features` attribute **must be set**. + default_value: "COMPATIBLE" + enum_values: + - 'COMPATIBLE' + - 'MODERN' + - 'RESTRICTED' + - 'CUSTOM' + - name: 'minTlsVersion' + type: Enum + description: | + The minimum version of SSL protocol that can be used by the clients + to establish a connection with the load balancer. + default_value: "TLS_1_0" + enum_values: + - 'TLS_1_0' + - 'TLS_1_1' + - 'TLS_1_2' + - name: 'enabledFeatures' + type: Array + description: 'The list of features enabled in the SSL policy.' + is_set: true + output: true + item_type: + type: String + - name: 'customFeatures' + type: Array + description: | + A list of features enabled when the selected profile is CUSTOM. The + method returns the set of features that can be specified in this + list. This field must be empty if the profile is not CUSTOM. + + See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) + for which ciphers are available to use. **Note**: this argument + *must* be present when using the `CUSTOM` profile. This argument + *must not* be present when using any other profile. + is_set: true + send_empty_value: true + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + output: true diff --git a/mmv1/products/compute/go_RegionTargetHttpProxy.yaml b/mmv1/products/compute/go_RegionTargetHttpProxy.yaml new file mode 100644 index 000000000000..eeab02a7611a --- /dev/null +++ b/mmv1/products/compute/go_RegionTargetHttpProxy.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionTargetHttpProxy' +description: | + Represents a RegionTargetHttpProxy resource, which is used by one or more + forwarding rules to route incoming HTTP requests to a URL map. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpProxies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'region_target_http_proxy_basic' + primary_resource_id: 'default' + vars: + region_target_http_proxy_name: 'test-proxy' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' + region_health_check_name: 'http-health-check' + - name: 'region_target_http_proxy_http_keep_alive_timeout' + primary_resource_id: 'default' + vars: + region_target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' + region_health_check_name: 'http-health-check' + - name: 'region_target_http_proxy_https_redirect' + primary_resource_id: 'default' + vars: + region_target_http_proxy_name: 'test-https-redirect-proxy' + region_url_map_name: 'url-map' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created target https proxy should reside. + If it is not provided, the provider region is used. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + - name: 'urlMap' + type: ResourceRef + description: | + A reference to the RegionUrlMap resource that defines the mapping from URL + to the BackendService. + required: true + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}/setUrlMap' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionUrlMap' + imports: 'selfLink' + - name: 'httpKeepAliveTimeoutSec' + type: Integer + description: | + Specifies how long to keep a connection open, after completing a response, + while there is no matching traffic (in seconds). If an HTTP keepalive is + not specified, a default value (600 seconds) will be used. For Regional + HTTP(S) load balancer, the minimum allowed value is 5 seconds and the + maximum allowed value is 600 seconds. diff --git a/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml b/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml new file mode 100644 index 000000000000..3a56c4fa08eb --- /dev/null +++ b/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml @@ -0,0 +1,231 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionTargetHttpsProxy' +description: | + Represents a RegionTargetHttpsProxy resource, which is used by one or more + forwarding rules to route incoming HTTPS requests to a URL map. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpsProxies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/go/compute_region_target_https_proxy.go.tmpl' + # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource + # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). + # This causes the encoder logic to not be applied during update. + update_encoder: 'templates/terraform/encoders/go/compute_region_target_https_proxy.go.tmpl' + decoder: 'templates/terraform/decoders/go/compute_region_target_https_proxy.go.tmpl' +examples: + - name: 'region_target_https_proxy_basic' + primary_resource_id: 'default' + vars: + region_target_https_proxy_name: 'test-proxy' + region_ssl_certificate_name: 'my-certificate' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' + region_health_check_name: 'http-health-check' + - name: 'region_target_https_proxy_http_keep_alive_timeout' + primary_resource_id: 'default' + vars: + region_target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' + region_ssl_certificate_name: 'my-certificate' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' + region_health_check_name: 'http-health-check' + - name: 'region_target_https_proxy_mtls' + primary_resource_id: 'default' + min_version: 'beta' + vars: + target_https_proxy_name: 'test-mtls-proxy' + ssl_certificate_name: 'my-certificate' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + server_tls_policy_name: 'my-tls-policy' + trust_config_name: 'my-trust-config' + - name: 'region_target_https_proxy_certificate_manager_certificate' + primary_resource_id: 'default' + vars: + region_target_https_proxy_name: 'target-http-proxy' + certificate_manager_certificate_name: 'my-certificate' + region_url_map_name: 'url-map' + region_backend_service_name: 'backend-service' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created target https proxy should reside. + If it is not provided, the provider region is used. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + # This field is present in the schema but as of 2019 Sep 23 attempting to set it fails with + # a 400 "QUIC override is supported only with global TargetHttpsProxy". jamessynge@ said in an + # email sent on 2019 Sep 20 that support for this "is probably far in the future." + # - !ruby/object:Api::Type::Enum + # name: 'quicOverride' + # description: | + # Specifies the QUIC override policy for this resource. This determines + # whether the load balancer will attempt to negotiate QUIC with clients + # or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is + # specified, uses the QUIC policy with no user overrides, which is + # equivalent to DISABLE. Not specifying this field is equivalent to + # specifying NONE. + # values: + # - :NONE + # - :ENABLE + # - :DISABLE + # update_verb: :POST + # update_url: + # 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setQuicOverride' + - name: 'certificateManagerCertificates' + type: Array + description: | + URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. + sslCertificates and certificateManagerCertificates can't be defined together. + Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' + update_verb: 'POST' + conflicts: + - ssl_certificates + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_expand: 'templates/terraform/custom_expand/go/certificate_manager_certificate_construct_full_url.go.tmpl' + item_type: + type: String + - name: 'sslCertificates' + type: Array + description: | + URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. + At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. + sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' + update_verb: 'POST' + conflicts: + - certificate_manager_certificates + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificates used by this TargetHttpsProxy' + resource: 'RegionSslCertificate' + imports: 'selfLink' + - name: 'sslPolicy' + type: ResourceRef + description: | + A reference to the Region SslPolicy resource that will be associated with + the TargetHttpsProxy resource. If not set, the TargetHttpsProxy + resource will not have any SSL policy configured. + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' + update_id: 'sslPolicy' + fingerprint_name: 'fingerprint' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionSslPolicy' + imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef + description: | + A reference to the RegionUrlMap resource that defines the mapping from URL + to the RegionBackendService. + required: true + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setUrlMap' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionUrlMap' + imports: 'selfLink' + - name: 'httpKeepAliveTimeoutSec' + type: Integer + description: | + Specifies how long to keep a connection open, after completing a response, + while there is no matching traffic (in seconds). If an HTTP keepalive is + not specified, a default value (600 seconds) will be used. For Regioanl + HTTP(S) load balancer, the minimum allowed value is 5 seconds and the + maximum allowed value is 600 seconds. + - name: 'serverTlsPolicy' + type: ResourceRef + description: | + A URL referring to a networksecurity.ServerTlsPolicy + resource that describes how the proxy should authenticate inbound + traffic. serverTlsPolicy only applies to a global TargetHttpsProxy + attached to globalForwardingRules with the loadBalancingScheme + set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. + For details which ServerTlsPolicy resources are accepted with + INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED + loadBalancingScheme consult ServerTlsPolicy documentation. + If left blank, communications are not encrypted. + + If you remove this field from your configuration at the same time as + deleting or recreating a referenced ServerTlsPolicy resource, you will + receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy + within the ServerTlsPolicy resource to avoid this. + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' + update_id: 'serverTlsPolicy' + fingerprint_name: 'fingerprint' + resource: 'SslPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionTargetTcpProxy.yaml b/mmv1/products/compute/go_RegionTargetTcpProxy.yaml new file mode 100644 index 000000000000..66f45937d3fd --- /dev/null +++ b/mmv1/products/compute/go_RegionTargetTcpProxy.yaml @@ -0,0 +1,117 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionTargetTcpProxy' +description: | + Represents a RegionTargetTcpProxy resource, which is used by one or more + forwarding rules to route incoming TCP requests to a regional TCP proxy load + balancer. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/tcp/internal-proxy' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetTcpProxies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetTcpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'region_target_tcp_proxy_basic' + primary_resource_id: 'default' + vars: + region_target_tcp_proxy_name: 'test-proxy' + region_backend_service_name: 'backend-service' + health_check_name: 'health-check' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the created target TCP proxy should reside. + If it is not provided, the provider region is used. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to + the backend. + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef + description: | + A reference to the BackendService resource. + api_name: service + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean + description: | + This field only applies when the forwarding rule that references + this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + default_from_api: true diff --git a/mmv1/products/compute/go_RegionUrlMap.yaml b/mmv1/products/compute/go_RegionUrlMap.yaml new file mode 100644 index 000000000000..401067154ee8 --- /dev/null +++ b/mmv1/products/compute/go_RegionUrlMap.yaml @@ -0,0 +1,2123 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RegionUrlMap' +kind: 'compute#urlMap' +description: | + UrlMaps are used to route requests to a backend service based on rules + that you define for the host and path of an incoming URL. +docs: +base_url: 'projects/{{project}}/regions/{{region}}/urlMaps' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'region_url_map_basic' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + login_region_backend_service_name: 'login' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'region_url_map_default_route_action' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + login_region_backend_service_name: 'login' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'region_url_map_l7_ilb_path' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'region_url_map_l7_ilb_path_partial' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'region_url_map_l7_ilb_route' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'region_url_map_l7_ilb_route_partial' + primary_resource_id: 'regionurlmap' + vars: + region_url_map_name: 'regionurlmap' + home_region_backend_service_name: 'home' + region_health_check_name: 'health-check' + - name: 'int_https_lb_https_redirect' + primary_resource_id: 'redirect' + min_version: 'beta' + vars: + l7_ilb_network: 'l7-ilb-network' + l7_ilb_proxy_subnet: 'l7-ilb-proxy-subnet' + l7_ilb_subnet: 'l7-ilb-subnet' + l7_ilb_ip: 'l7-ilb-ip' + l7_ilb_forwarding_rule: 'l7-ilb-forwarding-rule' + l7_ilb_target_https_proxy: 'l7-ilb-target-https-proxy' + l7_ilb_regional_url_map: 'l7-ilb-regional-url-map' + l7_ilb_backend_service: 'l7-ilb-backend-service' + l7_ilb_mig_template: 'l7-ilb-mig-template' + l7_ilb_hc: 'l7-ilb-hc' + l7_ilb_mig1: 'l7-ilb-mig1' + l7_ilb_fw_allow_hc: 'l7-ilb-fw-allow-hc' + l7_ilb_fw_allow_ilb_to_backends: 'l7-ilb-fw-allow-ilb-to-backends' + l7_ilb_test_vm: 'l7-ilb-test-vm' + l7_ilb_redirect: 'l7-ilb-redirect' + l7_ilb_target_http_proxy: 'l7-ilb-target-http-proxy' + l7_ilb_redirect_url_map: 'l7-ilb-redirect-url-map' + ignore_read_extra: + - 'target' + - 'ip_address' + exclude_test: true + - name: 'regional_external_http_load_balancer' + primary_resource_id: 'default' + min_version: 'beta' + vars: + lb_network: 'lb-network' + backend_subnet: 'backend-subnet' + proxy_only_subnet: 'proxy-only-subnet' + fw_allow_health_check: 'fw-allow-health-check' + fw_allow_proxies: 'fw-allow-proxies' + l7_xlb_backend_template: 'l7-xlb-backend-template' + l7_xlb_backend_example: 'l7-xlb-backend-example' + address_name: 'address-name' + l7_xlb_basic_check: 'l7-xlb-basic-check' + l7_xlb_backend_service: 'l7-xlb-backend-service' + regional_l7_xlb_map: 'regional-l7-xlb-map' + l7_xlb_proxy: 'l7-xlb-proxy' + l7_xlb_forwarding_rule: 'l7-xlb-forwarding-rule' + # Similar to other samples + exclude_test: true + exclude_docs: true + - name: 'region_url_map_path_template_match' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + home_backend_service_name: 'home-service' + cart_backend_service_name: 'cart-service' + user_backend_service_name: 'user-service' + health_check_name: 'health-check' +parameters: + - name: 'region' + type: ResourceRef + description: | + The Region in which the url map should reside. + If it is not provided, the provider region is used. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'defaultService' + type: ResourceRef + description: | + The full or partial URL of the defaultService resource to which traffic is directed if + none of the hostRules match. If defaultRouteAction is additionally specified, advanced + routing actions like URL Rewrites, etc. take effect prior to sending the request to the + backend. However, if defaultService is specified, defaultRouteAction cannot contain any + weightedBackendServices. Conversely, if routeAction specifies any + weightedBackendServices, service must not be specified. Only one of defaultService, + defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. + # 'fingerprint' used internally for object consistency. + - name: 'host_rule' + type: Array + description: 'The list of HostRules to use against the URL.' + api_name: hostRules + is_set: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + An optional description of this HostRule. Provide this property + when you create the resource. + - name: 'hosts' + type: Array + description: | + The list of host patterns to match. They must be valid + hostnames, except * will match any string of ([a-z0-9-.]*). In + that case, * must be the first character and must be followed in + the pattern by either - or .. + is_set: true + required: true + item_type: + type: String + - name: 'pathMatcher' + type: String + description: | + The name of the PathMatcher to use to match the path portion of + the URL if the hostRule matches the URL's host portion. + required: true + - name: 'map_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'path_matcher' + type: Array + description: 'The list of named PathMatchers to use against the URL.' + api_name: pathMatchers + item_type: + type: NestedObject + properties: + - name: 'defaultService' + type: ResourceRef + description: | + A reference to a RegionBackendService resource. This will be used if + none of the pathRules defined by this PathMatcher is matched by + the URL's path portion. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # TODO: add defaultRouteAction.weightedBackendService here once they are supported. + # exactly_one_of: + # - path_matchers.0.default_service + # - path_matchers.0.default_url_redirect + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'name' + type: String + description: | + The name to which this PathMatcher is referred by the HostRule. + required: true + - name: 'routeRules' + type: Array + description: | + The list of ordered HTTP route rules. Use this list instead of pathRules when + advanced route matching and routing actions are desired. The order of specifying + routeRules matters: the first rule that matches will cause its specified routing + action to take effect. Within a given pathMatcher, only one of pathRules or + routeRules must be set. routeRules are not supported in UrlMaps intended for + External load balancers. + item_type: + type: NestedObject + properties: + - name: 'priority' + type: Integer + description: | + For routeRules within a given pathMatcher, priority determines the order + in which load balancer will interpret routeRules. RouteRules are evaluated + in order of priority, from the lowest to highest number. The priority of + a rule decreases as its number increases (1, 2, 3, N+1). The first rule + that matches the request is applied. + + You cannot configure two or more routeRules with the same priority. + Priority for each rule must be set to a number between 0 and + 2147483647 inclusive. + + Priority numbers can have gaps, which enable you to add or remove rules + in the future without affecting the rest of the rules. For example, + 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which + you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the + future without any impact on existing rules. + required: true + - name: 'service' + type: ResourceRef + description: | + The region backend service resource to which traffic is + directed if this rule is matched. If routeAction is additionally specified, + advanced routing actions like URL Rewrites, etc. take effect prior to sending + the request to the backend. However, if service is specified, routeAction cannot + contain any weightedBackendService s. Conversely, if routeAction specifies any + weightedBackendServices, service must not be specified. Only one of urlRedirect, + service or routeAction.weightedBackendService must be set. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. The headerAction specified here are applied before + the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r + outeAction.weightedBackendService.backendServiceWeightAction[].headerAction + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'matchRules' + type: Array + description: | + The rules for determining a match. + item_type: + type: NestedObject + properties: + - name: 'fullPathMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request must exactly + match the value specified in fullPathMatch after removing any query parameters + and anchor that may be part of the original URL. FullPathMatch must be between 1 + and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must + be specified. + - name: 'headerMatches' + type: Array + description: | + Specifies a list of header match criteria, all of which must match corresponding + headers in the request. + item_type: + type: NestedObject + properties: + - name: 'exactMatch' + type: String + description: | + The value should exactly match contents of exactMatch. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - name: 'headerName' + type: String + description: | + The name of the HTTP header to match. For matching against the HTTP request's + authority, use a headerMatch with the header name ":authority". For matching a + request's method, use the headerName ":method". + required: true + - name: 'invertMatch' + type: Boolean + description: | + If set to false, the headerMatch is considered a match if the match criteria + above are met. If set to true, the headerMatch is considered a match if the + match criteria above are NOT met. Defaults to false. + default_value: false + - name: 'prefixMatch' + type: String + description: | + The value of the header must start with the contents of prefixMatch. Only one of + exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch + must be set. + - name: 'presentMatch' + type: Boolean + description: | + A header with the contents of headerName must exist. The match takes place + whether or not the request's header has a value or not. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - name: 'rangeMatch' + type: NestedObject + description: | + The header value must be an integer and its value must be in the range specified + in rangeMatch. If the header does not contain an integer, number or is empty, + the match fails. For example for a range [-5, 0] + + * -3 will match + * 0 will not match + * 0.25 will not match + * -3someString will not match. + + Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or + rangeMatch must be set. + properties: + - name: 'rangeEnd' + type: Integer + description: | + The end of the range (exclusive). + required: true + - name: 'rangeStart' + type: Integer + description: | + The start of the range (inclusive). + required: true + - name: 'regexMatch' + type: String + description: | + The value of the header must match the regular expression specified in + regexMatch. For regular expression grammar, please see: + en.cppreference.com/w/cpp/regex/ecmascript For matching against a port + specified in the HTTP request, use a headerMatch with headerName set to PORT and + a regular expression that satisfies the RFC2616 Host header's port specifier. + Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or + rangeMatch must be set. + - name: 'suffixMatch' + type: String + description: | + The value of the header must end with the contents of suffixMatch. Only one of + exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch + must be set. + - name: 'ignoreCase' + type: Boolean + description: | + Specifies that prefixMatch and fullPathMatch matches are case sensitive. + Defaults to false. + default_value: false + - name: 'metadataFilters' + type: Array + description: | + Opaque filter criteria used by Loadbalancer to restrict routing configuration to + a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS + clients present node metadata. If a match takes place, the relevant routing + configuration is made available to those proxies. For each metadataFilter in + this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the + filterLabels must match the corresponding label provided in the metadata. If its + filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match + with corresponding labels in the provided metadata. metadataFilters specified + here can be overrides those specified in ForwardingRule that refers to this + UrlMap. metadataFilters only applies to Loadbalancers that have their + loadBalancingScheme set to INTERNAL_SELF_MANAGED. + item_type: + type: NestedObject + properties: + - name: 'filterLabels' + type: Array + description: | + The list of label value pairs that must match labels in the provided metadata + based on filterMatchCriteria This list must not be empty and can have at the + most 64 entries. + required: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of metadata label. The name can have a maximum length of 1024 characters + and must be at least 1 character long. + required: true + - name: 'value' + type: String + description: | + The value of the label must match the specified value. value can have a maximum + length of 1024 characters. + required: true + min_size: 1 + max_size: 64 + - name: 'filterMatchCriteria' + type: Enum + description: | + Specifies how individual filterLabel matches within the list of filterLabels + contribute towards the overall metadataFilter match. Supported values are: + + * MATCH_ANY: At least one of the filterLabels must have a matching label in the + provided metadata. + * MATCH_ALL: All filterLabels must have matching labels in + the provided metadata. + required: true + enum_values: + - 'MATCH_ALL' + - 'MATCH_ANY' + - name: 'prefixMatch' + type: String + description: | + For satisfying the matchRule condition, the request's path must begin with the + specified prefixMatch. prefixMatch must begin with a /. The value must be + between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or + regexMatch must be specified. + - name: 'queryParameterMatches' + type: Array + description: | + Specifies a list of query parameter match criteria, all of which must match + corresponding query parameters in the request. + item_type: + type: NestedObject + properties: + - name: 'exactMatch' + type: String + description: | + The queryParameterMatch matches if the value of the parameter exactly matches + the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch + must be set. + - name: 'name' + type: String + description: | + The name of the query parameter to match. The query parameter must exist in the + request, in the absence of which the request match fails. + required: true + - name: 'presentMatch' + type: Boolean + description: | + Specifies that the queryParameterMatch matches if the request contains the query + parameter, irrespective of whether the parameter has a value or not. Only one of + presentMatch, exactMatch and regexMatch must be set. + - name: 'regexMatch' + type: String + description: | + The queryParameterMatch matches if the value of the parameter matches the + regular expression specified by regexMatch. For the regular expression grammar, + please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, + exactMatch and regexMatch must be set. + - name: 'regexMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request must satisfy the + regular expression specified in regexMatch after removing any query parameters + and anchor supplied with the original URL. For regular expression grammar please + see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, + fullPathMatch or regexMatch must be specified. + - name: 'pathTemplateMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request + must match the wildcard pattern specified in pathTemplateMatch + after removing any query parameters and anchor that may be part + of the original URL. + + pathTemplateMatch must be between 1 and 255 characters + (inclusive). The pattern specified by pathTemplateMatch may + have at most 5 wildcard operators and at most 5 variable + captures in total. + - name: 'routeAction' + type: NestedObject + description: | + In response to a matching matchRule, the load balancer performs advanced routing + actions like URL rewrites, header transformations, etc. prior to forwarding the + request to the selected backend. If routeAction specifies any + weightedBackendServices, service must not be set. Conversely if service is set, + routeAction cannot contain any weightedBackendServices. Only one of routeAction + or urlRedirect must be set. + properties: + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see W3C + Recommendation for Cross Origin Resource Sharing + properties: + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the + actual request can include user credentials. This translates to the Access- + Control-Allow-Credentials header. Defaults to false. + default_value: false + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For + regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. + which indicates that the CORS policy is in effect. Defaults to false. + default_value: false + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the + resiliency of clients to backend service failure. As part of fault injection, + when clients send requests to a backend service, delays can be introduced by + Loadbalancer on a percentage of requests before sending those request to the + backend service. Similarly requests from clients can be aborted by the + Loadbalancer for a percentage of requests. timeout and retry_policy will be + ignored by clients that are configured with a fault_injection_policy. + properties: + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault + injection. + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be + aborted as part of fault injection. The value must be between 0.0 and 100.0 + inclusive. + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault + injection, before being sent to a backend service. + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will + be introduced as part of fault injection. The value must be between 0.0 and + 100.0 inclusive. + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are + shadowed to a separate mirrored backend service. Loadbalancer does not wait for + responses from the shadow service. Prior to sending traffic to the shadow + service, the host / authority header is suffixed with -shadow. + properties: + - name: 'backendService' + type: ResourceRef + description: | + The RegionBackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + properties: + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. + required: true + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'retryConditions' + type: Array + description: | + Specifies one or more conditions when this retry rule applies. Valid values are: + + * 5xx: Loadbalancer will attempt a retry if the backend service responds with + any 5xx response code, or if the backend service does not respond at all, + for example: disconnects, reset, read timeout, connection failure, and refused + streams. + * gateway-error: Similar to 5xx, but only applies to response codes + 502, 503 or 504. + * connect-failure: Loadbalancer will retry on failures + connecting to backend services, for example due to connection timeouts. + * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + * refused-stream: Loadbalancer will retry if the backend service resets the stream with a + REFUSED_STREAM error code. This reset type indicates that it is safe to retry. + * cancelled: Loadbalancer will retry if the gRPC status code in the response + header is set to cancelled + * deadline-exceeded: Loadbalancer will retry if the + gRPC status code in the response header is set to deadline-exceeded + * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response + header is set to resource-exhausted + * unavailable: Loadbalancer will retry if the gRPC status code in + the response header is set to unavailable + item_type: + type: String + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time + the request is has been fully processed (i.e. end-of-stream) up until the + response has been completely processed. Timeout includes all retries. If not + specified, the default value is 15 seconds. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to + the matched service + properties: + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host + header is replaced with contents of hostRewrite. The value must be between 1 and + 255 characters. + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching + portion of the request's path is replaced by pathPrefixRewrite. The value must + be between 1 and 1024 characters. + - name: 'pathTemplateRewrite' + type: String + description: | + Prior to forwarding the request to the selected origin, if the + request matched a pathTemplateMatch, the matching portion of the + request's path is replaced re-written using the pattern specified + by pathTemplateRewrite. + + pathTemplateRewrite must be between 1 and 255 characters + (inclusive), must start with a '/', and must only use variables + captured by the route's pathTemplate matchers. + + pathTemplateRewrite may only be used when all of a route's + MatchRules specify pathTemplate. + + Only one of pathPrefixRewrite and pathTemplateRewrite may be + specified. + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match + occurs. The weights determine the fraction of traffic that flows to their + corresponding backend service. If all traffic needs to go to a single backend + service, there must be one weightedBackendService with weight set to a non 0 + number. Once a backendService is identified and before forwarding the request to + the backend service, advanced routing actions like Url rewrites and header + transformations are applied depending on additional settings specified in this + HttpRouteAction. + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The default RegionBackendService resource. Before + forwarding the request to backendService, the loadbalancer applies any relevant + headerActions specified as part of this backendServiceWeight. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. headerAction specified here take effect before + headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as weight / + (sum of all weightedBackendService weights in routeAction) . The selection of a + backend service is determined only for new traffic. Once a user's request has + been directed to a backendService, subsequent requests will be sent to the same + backendService as determined by the BackendService's session affinity policy. + The value must be between 0 and 1000 + required: true + - name: 'urlRedirect' + type: NestedObject + description: | + When this rule is matched, the request is redirected to a URL specified by + urlRedirect. If urlRedirect is specified, service or routeAction must not be + set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one + that was supplied in the request. The value must be between 1 and 255 + characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. + If set to false, the URL scheme of the redirected request will remain the + same as that of the request. This must only be set for UrlMaps used in + TargetHttpProxys. Setting this true for TargetHttpsProxy is not + permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one + that was supplied in the request. pathRedirect cannot be supplied + together with prefixRedirect. Supply one alone or neither. If neither is + supplied, the path of the original request will be used for the redirect. + The value must be between 1 and 1024 characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the + HttpRouteRuleMatch, retaining the remaining portion of the URL before + redirecting the request. prefixRedirect cannot be supplied together with + pathRedirect. Supply one alone or neither. If neither is supplied, the + path of the original request will be used for the redirect. The value + must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is + removed prior to redirecting the request. If set to false, the query + portion of the original URL is retained. The default value is false. + default_value: false + - name: 'pathRule' + type: Array + description: | + The list of path rules. Use this list instead of routeRules when routing based + on simple path matching is all that's required. The order by which path rules + are specified does not matter. Matches are always done on the longest-path-first + basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* + irrespective of the order in which those paths appear in this list. Within a + given pathMatcher, only one of pathRules or routeRules must be set. + api_name: pathRules + item_type: + type: NestedObject + properties: + - name: 'service' + type: ResourceRef + description: | + The region backend service resource to which traffic is + directed if this rule is matched. If routeAction is additionally specified, + advanced routing actions like URL Rewrites, etc. take effect prior to sending + the request to the backend. However, if service is specified, routeAction cannot + contain any weightedBackendService s. Conversely, if routeAction specifies any + weightedBackendServices, service must not be specified. Only one of urlRedirect, + service or routeAction.weightedBackendService must be set. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'paths' + type: Array + description: | + The list of path patterns to match. Each must start with / and the only place a + \* is allowed is at the end following a /. The string fed to the path matcher + does not include any text after the first ? or #, and those chars are not + allowed here. + is_set: true + required: true + item_type: + type: String + - name: 'routeAction' + type: NestedObject + description: | + In response to a matching path, the load balancer performs advanced routing + actions like URL rewrites, header transformations, etc. prior to forwarding the + request to the selected backend. If routeAction specifies any + weightedBackendServices, service must not be set. Conversely if service is set, + routeAction cannot contain any weightedBackendServices. Only one of routeAction + or urlRedirect must be set. + properties: + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see W3C + Recommendation for Cross Origin Resource Sharing + properties: + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the + actual request can include user credentials. This translates to the Access- + Control-Allow-Credentials header. Defaults to false. + default_value: false + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For + regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. + required: true + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the + resiliency of clients to backend service failure. As part of fault injection, + when clients send requests to a backend service, delays can be introduced by + Loadbalancer on a percentage of requests before sending those request to the + backend service. Similarly requests from clients can be aborted by the + Loadbalancer for a percentage of requests. timeout and retry_policy will be + ignored by clients that are configured with a fault_injection_policy. + properties: + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault + injection. + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be + aborted as part of fault injection. The value must be between 0.0 and 100.0 + inclusive. + required: true + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault + injection, before being sent to a backend service. + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + required: true + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will + be introduced as part of fault injection. The value must be between 0.0 and + 100.0 inclusive. + required: true + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are + shadowed to a separate mirrored backend service. Loadbalancer does not wait for + responses from the shadow service. Prior to sending traffic to the shadow + service, the host / authority header is suffixed with -shadow. + properties: + - name: 'backendService' + type: ResourceRef + description: | + The RegionBackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + properties: + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'retryConditions' + type: Array + description: | + Specifies one or more conditions when this retry rule applies. Valid values are: + + - 5xx: Loadbalancer will attempt a retry if the backend service responds with + any 5xx response code, or if the backend service does not respond at all, + for example: disconnects, reset, read timeout, connection failure, and refused + streams. + - gateway-error: Similar to 5xx, but only applies to response codes + 502, 503 or 504. + - connect-failure: Loadbalancer will retry on failures + connecting to backend services, for example due to connection timeouts. + - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + - refused-stream: Loadbalancer will retry if the backend service resets the stream with a + REFUSED_STREAM error code. This reset type indicates that it is safe to retry. + - cancelled: Loadbalancer will retry if the gRPC status code in the response + header is set to cancelled + - deadline-exceeded: Loadbalancer will retry if the + gRPC status code in the response header is set to deadline-exceeded + - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response + header is set to resource-exhausted + - unavailable: Loadbalancer will retry if + the gRPC status code in the response header is set to unavailable + item_type: + type: String + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time + the request is has been fully processed (i.e. end-of-stream) up until the + response has been completely processed. Timeout includes all retries. If not + specified, the default value is 15 seconds. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to + the matched service + properties: + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host + header is replaced with contents of hostRewrite. The value must be between 1 and + 255 characters. + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching + portion of the request's path is replaced by pathPrefixRewrite. The value must + be between 1 and 1024 characters. + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match + occurs. The weights determine the fraction of traffic that flows to their + corresponding backend service. If all traffic needs to go to a single backend + service, there must be one weightedBackendService with weight set to a non 0 + number. Once a backendService is identified and before forwarding the request to + the backend service, advanced routing actions like Url rewrites and header + transformations are applied depending on additional settings specified in this + HttpRouteAction. + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The default RegionBackendService resource. Before + forwarding the request to backendService, the loadbalancer applies any relevant + headerActions specified as part of this backendServiceWeight. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. headerAction specified here take effect before + headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as weight / + (sum of all weightedBackendService weights in routeAction) . The selection of a + backend service is determined only for new traffic. Once a user's request has + been directed to a backendService, subsequent requests will be sent to the same + backendService as determined by the BackendService's session affinity policy. + The value must be between 0 and 1000 + required: true + - name: 'urlRedirect' + type: NestedObject + description: | + When a path pattern is matched, the request is redirected to a URL specified + by urlRedirect. If urlRedirect is specified, service or routeAction must not + be set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one + that was supplied in the request. The value must be between 1 and 255 + characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. + If set to false, the URL scheme of the redirected request will remain the + same as that of the request. This must only be set for UrlMaps used in + TargetHttpProxys. Setting this true for TargetHttpsProxy is not + permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one + that was supplied in the request. pathRedirect cannot be supplied + together with prefixRedirect. Supply one alone or neither. If neither is + supplied, the path of the original request will be used for the redirect. + The value must be between 1 and 1024 characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the + HttpRouteRuleMatch, retaining the remaining portion of the URL before + redirecting the request. prefixRedirect cannot be supplied together with + pathRedirect. Supply one alone or neither. If neither is supplied, the + path of the original request will be used for the redirect. The value + must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed + prior to redirecting the request. If set to false, the query portion of the + original URL is retained. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'defaultUrlRedirect' + type: NestedObject + # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # TODO: add defaultRouteAction.weightedBackendService here once they are supported. + # exactly_one_of: + # - path_matchers.0.default_service + # - path_matchers.0.default_url_redirect + description: | + When none of the specified hostRules match, the request is redirected to a URL specified + by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or + defaultRouteAction must not be set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. If set to + false, the URL scheme of the redirected request will remain the same as that of the + request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this + true for TargetHttpsProxy is not permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one that was + supplied in the request. pathRedirect cannot be supplied together with + prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the + original request will be used for the redirect. The value must be between 1 and 1024 + characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request will be used for + the redirect. The value must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed prior + to redirecting the request. If set to false, the query portion of the original URL is + retained. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'test' + type: Array + description: | + The list of expected URL mappings. Requests to update this UrlMap will + succeed only if all of the test cases pass. + api_name: tests + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: 'Description of this test case.' + - name: 'host' + type: String + description: 'Host portion of the URL.' + required: true + - name: 'path' + type: String + description: 'Path portion of the URL.' + required: true + - name: 'service' + type: ResourceRef + description: + A reference to expected RegionBackendService resource the given URL + should be mapped to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'defaultUrlRedirect' + type: NestedObject + description: | + When none of the specified hostRules match, the request is redirected to a URL specified + by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or + defaultRouteAction must not be set. + conflicts: + - default_route_action + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. If set to + false, the URL scheme of the redirected request will remain the same as that of the + request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this + true for TargetHttpsProxy is not permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one that was + supplied in the request. pathRedirect cannot be supplied together with + prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the + original request will be used for the redirect. The value must be between 1 and 1024 + characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request will be used for + the redirect. The value must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed prior + to redirecting the request. If set to false, the query portion of the original URL is + retained. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'defaultRouteAction' + type: NestedObject + description: | + defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. + Only one of defaultRouteAction or defaultUrlRedirect must be set. + URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction. + defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + conflicts: + - default_url_redirect + properties: + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. + After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . + The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. + The value must be from 0 to 1000. + validation: + function: 'validation.IntBetween(0, 1000)' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for the selected backendService. + headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. + Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + properties: + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request before forwarding the request to the backendService. + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request before forwarding the request to the backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: 'The name of the header.' + - name: 'headerValue' + type: String + description: 'The value of the header to add.' + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. + The default value is false. + default_value: false + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response before sending the response back to the client. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response before sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: 'The name of the header.' + - name: 'headerValue' + type: String + description: 'The value of the header to add.' + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. + The default value is false. + default_value: false + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, before forwarding the request to the matched service. + urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. + Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'pathPrefixRewrite' + type: String + description: | + Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. + The value must be from 1 to 1024 characters. + at_least_one_of: + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + validation: + function: 'validation.StringLenBetween(1, 1024)' + - name: 'hostRewrite' + type: String + description: | + Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. + The value must be from 1 to 255 characters. + at_least_one_of: + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + validation: + function: 'validation.StringLenBetween(1, 255)' + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries. + If not specified, this field uses the largest timeout among all backend services associated with the route. + Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + validation: + function: 'validation.IntBetween(0, 999999999)' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'retryConditions' + type: Array + description: | + Specifies one or more conditions when this retry policy applies. + Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable. + - 5xx : retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. + - gateway-error : Similar to 5xx, but only applies to response codes 502, 503 or 504. + - connect-failure : a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. + - retriable-4xx : a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. + - refused-stream : a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. + - cancelled : a retry is attempted if the gRPC status code in the response header is set to cancelled. + - deadline-exceeded : a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. + - internal : a retry is attempted if the gRPC status code in the response header is set to internal. + - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. + - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + item_type: + type: String + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + validation: + function: 'validation.IntAtLeast(1)' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + + If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, + will use the largest timeout among all backend services associated with the route. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + validation: + function: 'validation.IntBetween(0, 999999999)' + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. + The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. + Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the RegionBackendService resource being mirrored to. + The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. + Serverless NEG backends are not currently supported as a mirrored backend service. + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see + [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regualar expression patterns that match allowed origins. For regular expression grammar + please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long results of a preflight request can be cached in seconds. + This translates to the Access-Control-Max-Age header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. + Default is false. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'disabled' + type: Boolean + description: | + If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. + As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. + Similarly requests from clients can be aborted by the load balancer for a percentage of requests. + timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. + Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management). + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + validation: + function: 'validation.IntBetween(0, 999999999)' + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + validation: + function: 'validation.FloatBetween(0, 100)' + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault injection. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. + The value must be between 200 and 599 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: + function: 'validation.IntBetween(200, 599)' + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: + function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/go_Reservation.yaml b/mmv1/products/compute/go_Reservation.yaml new file mode 100644 index 000000000000..987061daeb2a --- /dev/null +++ b/mmv1/products/compute/go_Reservation.yaml @@ -0,0 +1,249 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Reservation' +description: | + Represents a reservation resource. A reservation ensures that capacity is + held in a specific zone even if the reserved VMs are not running. + + Reservations apply only to Compute Engine, Cloud Dataproc, and Google + Kubernetes Engine VM usage.Reservations do not apply to `f1-micro` or + `g1-small` machine types, preemptible VMs, sole tenant nodes, or other + services not listed above + like Cloud SQL and Dataflow. +references: + guides: + 'Reserving zonal resources': 'https://cloud.google.com/compute/docs/instances/reserving-zonal-resources' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/reservations' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/reservations' +has_self_link: true +update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + update_encoder: 'templates/terraform/update_encoder/go/reservation.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/shared_reservation_update.go.tmpl' +examples: + - name: 'reservation_basic' + primary_resource_id: 'gce_reservation' + vars: + reservation_name: 'gce-reservation' + - name: 'shared_reservation_basic' + primary_resource_id: 'gce_reservation' + vars: + reservation_name: 'gce-shared-reservation' + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + # Resource creation race + skip_vcr: true +parameters: + - name: 'zone' + type: ResourceRef + description: | + The zone where the reservation is made. + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: | + Creation timestamp in RFC3339 text format. + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. + immutable: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'commitment' + type: String + description: | + Full or partial URL to a parent commitment. This field displays for + reservations that are tied to a commitment. + output: true + - name: 'specificReservationRequired' + type: Boolean + description: | + When set to true, only VMs that target this reservation by name can + consume this reservation. Otherwise, it can be consumed by VMs with + affinity for any reservation. Defaults to false. + immutable: true + # Not a hard API default, but this should help avoid a unset/true/false + # trinary. + default_value: false + - name: 'status' + type: String + description: | + The status of the reservation. + output: true + - name: 'shareSettings' + type: NestedObject + description: | + The share setting for reservations. + ignore_read: true + default_from_api: true + properties: + - name: 'shareType' + type: Enum + description: | + Type of sharing for this shared-reservation + immutable: true + default_from_api: true + enum_values: + - 'LOCAL' + - 'SPECIFIC_PROJECTS' + - name: 'projectMap' + type: Map + description: | + A map of project number and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. + key_name: 'id' + key_description: | + The project id/number which is deleting or adding to the project list. + value_type: + name: projectConfig + type: NestedObject + properties: + - name: 'projectId' + type: String + description: | + The project id/number, should be same as the key of this project config in the project map. + - name: 'specificReservation' + type: NestedObject + description: | + Reservation for instances with specific machine shapes. + required: true + update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}/resize' + update_verb: 'POST' + properties: + - name: 'count' + type: Integer + description: | + The number of resources that are allocated. + required: true + validation: + function: 'validation.IntAtLeast(1)' + - name: 'inUseCount' + type: Integer + description: | + How many instances are in use. + output: true + - name: 'instanceProperties' + type: NestedObject + description: | + The instance properties for the reservation. + required: true + immutable: true + properties: + - name: 'machineType' + type: String + description: | + The name of the machine type to reserve. + required: true + immutable: true + - name: 'minCpuPlatform' + type: String + description: | + The minimum CPU platform for the reservation. For example, + `"Intel Skylake"`. See + the CPU platform availability reference](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones) + for information on available CPU platforms. + immutable: true + default_from_api: true + - name: 'guestAccelerators' + type: Array + description: | + Guest accelerator type and count. + immutable: true + item_type: + type: NestedObject + properties: + - name: 'acceleratorType' + type: String + description: | + The full or partial URL of the accelerator type to + attach to this instance. For example: + `projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100` + + If you are creating an instance template, specify only the accelerator name. + required: true + immutable: true + - name: 'acceleratorCount' + type: Integer + description: | + The number of the guest accelerator cards exposed to + this instance. + required: true + immutable: true + - name: 'localSsds' + type: Array + description: | + The amount of local ssd to reserve with each instance. This + reserves disks of type `local-ssd`. + immutable: true + item_type: + type: NestedObject + properties: + - name: 'interface' + type: Enum + description: | + The disk interface to use for attaching this disk. + immutable: true + default_value: "SCSI" + enum_values: + - 'SCSI' + - 'NVME' + - name: 'diskSizeGb' + type: Integer + description: | + The size of the disk in base-2 GB. + required: true + immutable: true diff --git a/mmv1/products/compute/go_ResizeRequest.yaml b/mmv1/products/compute/go_ResizeRequest.yaml new file mode 100644 index 000000000000..eada52878a1a --- /dev/null +++ b/mmv1/products/compute/go_ResizeRequest.yaml @@ -0,0 +1,412 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ResizeRequest' +kind: 'compute#instanceGroupManagerResizeRequest' +description: | + Represents a Managed Instance Group Resize Request + + Resize Requests are the Managed Instance Group implementation of Dynamic Workload Scheduler Flex Start. + + With Dynamic Workload Scheduler in Flex Start mode, you submit a GPU capacity request for your AI/ML jobs by indicating how many you need, a duration, and your preferred region. Dynamic Workload Scheduler intelligently persists the request; once the capacity becomes available, it automatically provisions your VMs enabling your workloads to run continuously for the entire duration of the capacity allocation. +references: + guides: + # Link to quickstart in the API's Guides section. For example: + # 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' + 'QUICKSTART_TITLE': 'https://cloud.google.com/compute/docs/instance-groups/create-resize-requests-mig' + # Link to the REST API reference for the resource. For example, + # https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagerResizeRequests' +docs: +### List Method ### +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests' +### Get Method +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests/{{name}}' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +# Sets parameters for handling operations returned by the API. +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + # Overrides which API calls return operations. Default: ['create', + # 'update', 'delete'] + # actions: ['create', 'update', 'delete'] + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +### Update method ### +# Resize requests are currently not update-able + +### Delete Method ### +# Custom delete method to handle resize request cancellations vs. deletions. +# If a resize request is in the ACCEPTED state, it must be canceled before it can be +# deleted. If a resize request is NOT in the ACCEPTED state, it can be directly deleted. +custom_code: + custom_delete: 'templates/terraform/custom_delete/go/compute_mig_resize_request_delete.go.tmpl' +# Examples for testing +examples: + - name: 'compute_mig_resize_request' + primary_resource_id: 'a3_resize_request' + vars: + resize_request_name: 'a3-dws' +# Resize request parameters injected via URL +parameters: + - name: 'zone' + type: ResourceRef + description: | + Name of the compute zone scoping this request. Name should conform to RFC1035. + url_param_only: true + required: true + resource: 'Zone' + imports: 'name' + - name: 'instanceGroupManager' + type: ResourceRef + description: | + The name of the managed instance group. The name should conform to RFC1035 or be a resource ID. + Authorization requires the following IAM permission on the specified resource instanceGroupManager: + *compute.instanceGroupManagers.update + url_param_only: true + required: true + resource: 'InstanceGroupManager' + imports: 'name' +# Non-URL parameters including input and output parameters +properties: + - name: 'creationTimestamp' + type: Time + description: | + The creation timestamp for this resize request in RFC3339 text format. + output: true + - name: 'state' + type: Enum + description: | + [Output only] Current state of the request. + output: true + enum_values: + - 'CREATING' + - 'ACCEPTED' + - 'FAILED' + - 'SUCCEEDED' + - 'CANCELLED' + - name: 'name' + type: String + description: | + The name of this resize request. The name must be 1-63 characters long, and comply with RFC1035. + required: true + - name: 'description' + type: String + description: | + An optional description of this resize-request. + - name: 'resizeBy' + type: Integer + description: | + The number of instances to be created by this resize request. The group's target size will be increased by this number. + required: true + - name: 'requestedRunDuration' + type: NestedObject + description: | + Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted. + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - name: 'status' + type: NestedObject + description: | + [Output only] Status of the request. + output: true + properties: + # Status.error + - name: 'error' + type: NestedObject + description: | + [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + output: true + properties: + - name: 'errors' + type: NestedObject + description: | + [Output Only] The array of errors encountered while processing this operation. + output: true + properties: + - name: 'code' + type: String + description: | + [Output Only] The error type identifier for this error. + output: true + - name: 'location' + type: String + description: | + Output Only] Indicates the field in the request that caused the error. This property is optional. + output: true + - name: 'message' + type: String + description: | + [Output Only] An optional, human-readable error message. + output: true + - name: 'errorDetails' + type: NestedObject + description: | + [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + output: true + properties: + - name: 'errorInfo' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'reason' + type: String + description: | + The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. + output: true + - name: 'domain' + type: String + description: | + The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". + output: true + - name: 'metadatas' + type: KeyValuePairs + description: | + Additional structured details about this error. + Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. + output: true + - name: 'quotaInfo' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'metricName' + type: String + description: | + The Compute Engine quota metric name. + output: true + - name: 'limitName' + type: String + description: | + The name of the quota limit. + output: true + - name: 'dimensions' + type: KeyValuePairs + description: | + The map holding related quota dimensions + output: true + - name: 'limit' + type: Integer + description: | + Current effective quota limit. The limit's unit depends on the quota type or metric. + output: true + - name: 'futureLimit' + type: Integer + description: | + Future quota limit being rolled out. The limit's unit depends on the quota type or metric. + output: true + - name: 'rolloutStatus' + type: String + description: | + Rollout status of the future quota limit. + output: true + - name: 'help' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'links' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'description' + type: String + description: | + Describes what the link offers. + output: true + - name: 'url' + type: String + description: | + The URL of the link. + output: true + - name: 'localizedMessage' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'locale' + type: String + description: | + The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" + output: true + - name: 'message' + type: String + description: | + The localized error message in the above locale. + output: true + # Status.lastAttempt + - name: 'lastAttempt' + type: NestedObject + description: | + [Output only] Information about the last attempt to fulfill the request. The value is temporary since the ResizeRequest can retry, as long as it's still active and the last attempt value can either be cleared or replaced with a different error. Since ResizeRequest retries infrequently, the value may be stale and no longer show an active problem. The value is cleared when ResizeRequest transitions to the final state (becomes inactive). If the final state is FAILED the error describing it will be storred in the "error" field only. + output: true + properties: + - name: 'error' + type: NestedObject + description: | + [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + output: true + properties: + - name: 'errors' + type: NestedObject + description: | + [Output Only] The array of errors encountered while processing this operation. + output: true + properties: + - name: 'code' + type: String + description: | + [Output Only] The error type identifier for this error. + output: true + - name: 'location' + type: String + description: | + Output Only] Indicates the field in the request that caused the error. This property is optional. + output: true + - name: 'message' + type: String + description: | + [Output Only] An optional, human-readable error message. + output: true + - name: 'errorDetails' + type: NestedObject + description: | + [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + output: true + properties: + - name: 'errorInfo' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'reason' + type: String + description: | + The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. + output: true + - name: 'domain' + type: String + description: | + The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". + output: true + - name: 'metadatas' + type: KeyValuePairs + description: | + Additional structured details about this error. + Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. + output: true + - name: 'quotaInfo' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'metricName' + type: String + description: | + The Compute Engine quota metric name. + output: true + - name: 'limitName' + type: String + description: | + The name of the quota limit. + output: true + - name: 'dimensions' + type: KeyValuePairs + description: | + The map holding related quota dimensions + output: true + - name: 'limit' + type: Integer + description: | + Current effective quota limit. The limit's unit depends on the quota type or metric. + output: true + - name: 'futureLimit' + type: Integer + description: | + Future quota limit being rolled out. The limit's unit depends on the quota type or metric. + output: true + - name: 'rolloutStatus' + type: String + description: | + Rollout status of the future quota limit. + output: true + - name: 'help' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'links' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'description' + type: String + description: | + Describes what the link offers. + output: true + - name: 'url' + type: String + description: | + The URL of the link. + output: true + - name: 'localizedMessage' + type: NestedObject + description: | + [Output Only] + output: true + properties: + - name: 'locale' + type: String + description: | + The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" + output: true + - name: 'message' + type: String + description: | + The localized error message in the above locale. + output: true diff --git a/mmv1/products/compute/go_ResourcePolicy.yaml b/mmv1/products/compute/go_ResourcePolicy.yaml new file mode 100644 index 000000000000..e2c781fb43e4 --- /dev/null +++ b/mmv1/products/compute/go_ResourcePolicy.yaml @@ -0,0 +1,373 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ResourcePolicy' +kind: 'compute#resourcePolicy' +description: | + A policy that can be attached to a resource to specify or schedule actions on that resource. +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/resourcePolicies' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies' +has_self_link: true +update_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/compute_resource_policy.go.tmpl' +examples: + - name: 'resource_policy_basic' + primary_resource_id: 'foo' + vars: + name: 'gce-policy' + - name: 'resource_policy_hourly_format' + primary_resource_id: 'foo' + vars: + name: 'gce-policy' + exclude_docs: true + - name: 'resource_policy_full' + primary_resource_id: 'bar' + vars: + name: 'gce-policy' + - name: 'resource_policy_placement_policy' + primary_resource_id: 'baz' + vars: + name: 'gce-policy' + - name: 'resource_policy_placement_policy_max_distance' + primary_resource_id: 'baz' + min_version: 'beta' + vars: + name: 'gce-policy' + - name: 'resource_policy_instance_schedule_policy' + primary_resource_id: 'hourly' + vars: + name: 'gce-policy' + - name: 'resource_policy_snapshot_schedule_chain_name' + primary_resource_id: 'hourly' + vars: + name: 'gce-policy' + - name: 'resource_policy_consistency_group' + primary_resource_id: 'cgroup' + vars: + name: 'gce-policy' +parameters: + - name: 'region' + type: ResourceRef + description: Region where resource policy resides. + required: false + immutable: true + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + The name of the resource, provided by the client when initially creating + the resource. The resource name must be 1-63 characters long, and comply + with RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])`? which means the + first character must be a lowercase letter, and all following characters + must be a dash, lowercase letter, or digit, except the last character, + which cannot be a dash. + required: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + - name: 'snapshotSchedulePolicy' + type: NestedObject + description: | + Policy for creating snapshots of persistent disks. + conflicts: + - group_placement_policy + - instance_schedule_policy + - disk_consistency_group_policy + properties: + - name: 'schedule' + type: NestedObject + description: | + Contains one of an `hourlySchedule`, `dailySchedule`, or `weeklySchedule`. + required: true + properties: + - name: 'hourlySchedule' + type: NestedObject + description: | + The policy will execute every nth hour starting at the specified time. + exactly_one_of: + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' + properties: + - name: 'hoursInCycle' + type: Integer + description: | + The number of hours between snapshots. + required: true + - name: 'startTime' + type: String + description: | + Time within the window to start the operations. + It must be in an hourly format "HH:MM", + where HH : [00-23] and MM : [00] GMT. eg: 21:00 + required: true + diff_suppress_func: 'HourlyFormatSuppressDiff' + validation: + function: 'verify.ValidateHourlyOnly' + - name: 'dailySchedule' + type: NestedObject + description: | + The policy will execute every nth day at the specified time. + exactly_one_of: + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' + properties: + - name: 'daysInCycle' + type: Integer + description: | + Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle. Days in cycle for snapshot schedule policy must be 1. + required: true + - name: 'startTime' + type: String + description: | + This must be in UTC format that resolves to one of + 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, + both 13:00-5 and 08:00 are valid. + required: true + diff_suppress_func: 'HourlyFormatSuppressDiff' + validation: + function: 'verify.ValidateHourlyOnly' + - name: 'weeklySchedule' + type: NestedObject + description: | + Allows specifying a snapshot time for each day of the week. + exactly_one_of: + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' + properties: + - name: 'dayOfWeeks' + type: Array + description: | + May contain up to seven (one for each day of the week) snapshot times. + is_set: true + required: true + item_type: + type: NestedObject + properties: + - name: 'startTime' + type: String + description: | + Time within the window to start the operations. + It must be in format "HH:MM", where HH : [00-23] and MM : [00-00] GMT. + required: true + - name: 'day' + type: Enum + description: | + The day of the week to create the snapshot. e.g. MONDAY + required: true + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + min_size: 1 + max_size: 7 + - name: 'retentionPolicy' + type: NestedObject + description: | + Retention policy applied to snapshots created by this resource policy. + properties: + - name: 'maxRetentionDays' + type: Integer + description: | + Maximum age of the snapshot that is allowed to be kept. + required: true + - name: 'onSourceDiskDelete' + type: Enum + description: | + Specifies the behavior to apply to scheduled snapshots when + the source disk is deleted. + default_value: "KEEP_AUTO_SNAPSHOTS" + enum_values: + - 'KEEP_AUTO_SNAPSHOTS' + - 'APPLY_RETENTION_POLICY' + - name: 'snapshotProperties' + type: NestedObject + description: | + Properties with which the snapshots are created, such as labels. + properties: + - name: 'labels' + type: KeyValuePairs + description: | + A set of key-value pairs. + at_least_one_of: + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + - name: 'storageLocations' + type: Array + description: | + Cloud Storage bucket location to store the auto snapshot + (regional or multi-regional) + is_set: true + at_least_one_of: + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + item_type: + type: String + max_size: 1 + - name: 'guestFlush' + type: Boolean + description: | + Whether to perform a 'guest aware' snapshot. + send_empty_value: true + at_least_one_of: + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + - name: 'chainName' + type: String + description: | + Creates the new snapshot in the snapshot chain labeled with the + specified name. The chain name must be 1-63 characters long and comply + with RFC1035. + - name: 'groupPlacementPolicy' + type: NestedObject + description: | + Resource policy for instances used for placement configuration. + conflicts: + - instance_schedule_policy + - snapshot_schedule_policy + - disk_consistency_group_policy + properties: + - name: 'vmCount' + type: Integer + description: | + Number of VMs in this placement group. Google does not recommend that you use this field + unless you use a compact policy and you want your policy to work only if it contains this + exact number of VMs. + - name: 'availabilityDomainCount' + type: Integer + description: | + The number of availability domains instances will be spread across. If two instances are in different + availability domain, they will not be put in the same low latency network + - name: 'collocation' + type: Enum + description: | + Collocation specifies whether to place VMs inside the same availability domain on the same low-latency network. + Specify `COLLOCATED` to enable collocation. Can only be specified with `vm_count`. If compute instances are created + with a COLLOCATED policy, then exactly `vm_count` instances must be created at the same time with the resource policy + attached. + enum_values: + - 'COLLOCATED' + - name: 'maxDistance' + type: Integer + description: | + Specifies the number of max logical switches. + min_version: 'beta' + - name: 'instanceSchedulePolicy' + type: NestedObject + description: | + Resource policy for scheduling instance operations. + conflicts: + - snapshot_schedule_policy + - group_placement_policy + - disk_consistency_group_policy + properties: + - name: 'vmStartSchedule' + type: NestedObject + description: | + Specifies the schedule for starting instances. + at_least_one_of: + - 'instance_schedule_policy.0.vm_start_schedule' + - 'instance_schedule_policy.0.vm_stop_schedule' + properties: + - name: 'schedule' + type: String + description: | + Specifies the frequency for the operation, using the unix-cron format. + required: true + - name: 'vmStopSchedule' + type: NestedObject + description: | + Specifies the schedule for stopping instances. + at_least_one_of: + - 'instance_schedule_policy.0.vm_start_schedule' + - 'instance_schedule_policy.0.vm_stop_schedule' + properties: + - name: 'schedule' + type: String + description: | + Specifies the frequency for the operation, using the unix-cron format. + required: true + - name: 'timeZone' + type: String + description: | + Specifies the time zone to be used in interpreting the schedule. The value of this field must be a time zone name + from the tz database: http://en.wikipedia.org/wiki/Tz_database. + required: true + - name: 'startTime' + type: String + description: | + The start time of the schedule. The timestamp is an RFC3339 string. + - name: 'expirationTime' + type: String + description: | + The expiration time of the schedule. The timestamp is an RFC3339 string. + - name: 'diskConsistencyGroupPolicy' + type: NestedObject + description: | + Replication consistency group for asynchronous disk replication. + send_empty_value: true + conflicts: + - snapshot_schedule_policy + - group_placement_policy + - instance_schedule_policy + custom_flatten: 'templates/terraform/custom_flatten/go/disk_consistency_group_policy.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/disk_consistency_group_policy.tmpl' + properties: + - name: 'enabled' + type: Boolean + description: | + Enable disk consistency on the resource policy. + required: true + immutable: true diff --git a/mmv1/products/compute/go_Route.yaml b/mmv1/products/compute/go_Route.yaml new file mode 100644 index 000000000000..089cc6ff29b9 --- /dev/null +++ b/mmv1/products/compute/go_Route.yaml @@ -0,0 +1,258 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Route' +kind: 'compute#route' +description: | + Represents a Route resource. + + A route is a rule that specifies how certain packets should be handled by + the virtual network. Routes are associated with virtual machines by tag, + and the set of routes for a particular virtual machine is called its + routing table. For each packet leaving a virtual machine, the system + searches that virtual machine's routing table for a single best matching + route. + + Routes match packets by destination IP address, preferring smaller or more + specific ranges over larger ones. If there is a tie, the system selects + the route with the smallest priority value. If there is still a tie, it + uses the layer three and four packet headers to select just one of the + remaining matching routes. The packet is then forwarded as specified by + the next_hop field of the winning route -- either to another virtual + machine destination, a virtual machine gateway or a Compute + Engine-operated gateway. Packets that do not match any route in the + sending virtual machine's routing table will be dropped. + + A Route resource must have exactly one specification of either + nextHopGateway, nextHopInstance, nextHopIp, nextHopVpnTunnel, or + nextHopIlb. + +references: + guides: + 'Using Routes': 'https://cloud.google.com/vpc/docs/using-routes' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routes' +docs: + optional_properties: | + * `next_hop_instance_zone` - (Optional when `next_hop_instance` is + specified) The zone of the instance specified in + `next_hop_instance`. Omit if `next_hop_instance` is specified as + a URL. +base_url: 'projects/{{project}}/global/routes' +has_self_link: true +immutable: true +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/route.tmpl' + constants: 'templates/terraform/constants/go/compute_route.go.tmpl' + decoder: 'templates/terraform/decoders/go/route.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsPeeringOperationInProgress' +examples: + - name: 'route_basic' + primary_resource_id: 'default' + vars: + route_name: 'network-route' + network_name: 'compute-network' + - name: 'route_ilb' + primary_resource_id: 'route-ilb' + vars: + network_name: 'compute-network' + subnet_name: 'compute-subnet' + forwarding_rule_name: 'compute-forwarding-rule' + health_check_name: 'proxy-health-check' + backend_name: 'compute-backend' + route_name: 'route-ilb' + - name: 'route_ilb_vip' + primary_resource_id: 'route-ilb' + min_version: 'beta' + vars: + producer_name: 'producer' + consumer_name: 'consumer' + forwarding_rule_name: 'compute-forwarding-rule' + health_check_name: 'proxy-health-check' + backend_name: 'compute-backend' + route_name: 'route-ilb' +parameters: +properties: + - name: 'destRange' + type: String + description: | + The destination range of outgoing packets that this route applies to. + Only IPv4 is supported. + required: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property + when you create the resource. + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the + last character, which cannot be a dash. + required: true + validation: + regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' + - name: 'network' + type: ResourceRef + description: 'The network that this route applies to.' + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer + description: | + The priority of this route. Priority is used to break ties in cases + where there is more than one matching route of equal prefix length. + + In the case of two routes with equal prefix length, the one with the + lowest-numbered priority value wins. + + Default value is 1000. Valid range is 0 through 65535. + immutable: true + send_empty_value: true + default_value: 1000 + - name: 'tags' + type: Array + description: 'A list of instance tags to which this route applies.' + is_set: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/set_to_list.tmpl' + item_type: + type: String + - name: 'nextHopGateway' + type: String + description: | + URL to a gateway that should handle matching packets. + Currently, you can only specify the internet gateway, using a full or + partial valid URL: + * `https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway` + * `projects/project/global/gateways/default-internet-gateway` + * `global/gateways/default-internet-gateway` + * The string `default-internet-gateway`. + immutable: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/route_gateway.tmpl' + - name: 'nextHopInstance' + type: ResourceRef + description: | + URL to an instance that should handle matching packets. + You can specify this as a full or partial URL. For example: + * `https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance` + * `projects/project/zones/zone/instances/instance` + * `zones/zone/instances/instance` + * Just the instance name, with the zone in `next_hop_instance_zone`. + immutable: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + custom_expand: 'templates/terraform/custom_expand/go/route_instance.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'nextHopIp' + type: String + description: | + Network IP address of an instance that should handle matching packets. + immutable: true + default_from_api: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + - name: 'nextHopVpnTunnel' + type: ResourceRef + description: | + URL to a VpnTunnel that should handle matching packets. + immutable: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'VpnTunnel' + imports: 'selfLink' + - name: 'nextHopNetwork' + type: String + description: | + URL to a Network that should handle matching packets. + output: true + - name: 'nextHopIlb' + type: String + description: | + The IP address or URL to a forwarding rule of type + loadBalancingScheme=INTERNAL that should handle matching + packets. + + With the GA provider you can only specify the forwarding + rule as a partial or full URL. For example, the following + are all valid values: + * 10.128.0.56 + * https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule + * regions/region/forwardingRules/forwardingRule + + When the beta provider, you can also specify the IP address + of a forwarding rule from the same VPC or any peered VPC. + + Note that this can only be used when the destinationRange is + a public (non-RFC 1918) IP CIDR range. + immutable: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + diff_suppress_func: 'CompareIpAddressOrSelfLinkOrResourceName' diff --git a/mmv1/products/compute/go_Router.yaml b/mmv1/products/compute/go_Router.yaml new file mode 100644 index 000000000000..84eb7d6656c9 --- /dev/null +++ b/mmv1/products/compute/go_Router.yaml @@ -0,0 +1,211 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Router' +kind: 'compute#router' +description: | + Represents a Router resource. +references: + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/routers' +has_self_link: true +# Since Terraform has separate resources for router, router interface, and +# router peer, calling PUT on the router will delete the interface and peer. +# Use patch instead. +update_verb: 'PATCH' +mutex: 'router/{{region}}/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/router.go.tmpl' +custom_diff: + - 'resourceComputeRouterCustomDiff' +examples: + - name: 'router_basic' + primary_resource_id: 'foobar' + vars: + router_name: 'my-router' + network_name: 'my-network' + ignore_read_extra: + - 'advertisedIpRanges' + - name: 'compute_router_encrypted_interconnect' + primary_resource_id: 'encrypted-interconnect-router' + vars: + router_name: 'test-router' + network_name: 'test-network' + ignore_read_extra: + - 'advertisedIpRanges' +parameters: + - name: 'region' + type: ResourceRef + description: Region where the router resides. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` + which means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'description' + type: String + description: | + An optional description of this resource. + send_empty_value: true + - name: 'network' + type: ResourceRef + description: | + A reference to the network to which this router belongs. + required: true + immutable: true + # TODO: Figure out the story for interfaces/bgpPeers. Right + # now in Terraform we have three separate resources: router, + # router_interface, and router_peer. Decide whether we want to keep that + # pattern for the other providers, keep it unique for Terraform, or add + # these fields to the Terraform resource (and then within that, decide + # whether to deprecate router_interface and router_peer or leave them + # alone). + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'bgp' + type: NestedObject + description: | + BGP information specific to this router. + send_empty_value: true + properties: + - name: 'asn' + type: Integer + description: | + Local BGP Autonomous System Number (ASN). Must be an RFC6996 + private ASN, either 16-bit or 32-bit. The value will be fixed for + this router resource. All VPN tunnels that link to this router + will have the same local ASN. + required: true + validation: + function: 'verify.ValidateRFC6996Asn' + - name: 'advertiseMode' + type: Enum + description: | + User-specified flag to indicate which mode to use for advertisement. + default_value: "DEFAULT" + enum_values: + - 'DEFAULT' + - 'CUSTOM' + - name: 'advertisedGroups' + type: Array + description: | + User-specified list of prefix groups to advertise in custom mode. + This field can only be populated if advertiseMode is CUSTOM and + is advertised to all peers of the router. These groups will be + advertised in addition to any specified prefixes. Leave this field + blank to advertise no custom groups. + + This enum field has the one valid value: ALL_SUBNETS + send_empty_value: true + # TODO(#324): enum? + item_type: + type: String + - name: 'advertisedIpRanges' + type: Array + description: | + User-specified list of individual IP ranges to advertise in + custom mode. This field can only be populated if advertiseMode + is CUSTOM and is advertised to all peers of the router. These IP + ranges will be advertised in addition to any specified groups. + Leave this field blank to advertise no custom IP ranges. + send_empty_value: true + custom_flatten: 'templates/terraform/custom_flatten/go/compute_router_range.go.tmpl' + item_type: + type: NestedObject + properties: + - name: 'range' + type: String + description: | + The IP range to advertise. The value must be a + CIDR-formatted string. + required: true + send_empty_value: true + - name: 'description' + type: String + description: | + User-specified description for the IP range. + send_empty_value: true + - name: 'keepaliveInterval' + type: Integer + description: | + The interval in seconds between BGP keepalive messages that are sent + to the peer. Hold time is three times the interval at which keepalive + messages are sent, and the hold time is the maximum number of seconds + allowed to elapse between successive keepalive messages that BGP + receives from a peer. + + BGP will use the smaller of either the local hold time value or the + peer's hold time value as the hold time for the BGP connection + between the two peers. If set, this value must be between 20 and 60. + The default is 20. + default_value: 20 + - name: 'identifierRange' + type: String + description: | + Explicitly specifies a range of valid BGP Identifiers for this Router. + It is provided as a link-local IPv4 range (from 169.254.0.0/16), of + size at least /30, even if the BGP sessions are over IPv6. It must + not overlap with any IPv4 BGP session ranges. Other vendors commonly + call this router ID. + default_from_api: true + - name: 'encryptedInterconnectRouter' + type: Boolean + description: | + Indicates if a router is dedicated for use with encrypted VLAN + attachments (interconnectAttachments). + immutable: true diff --git a/mmv1/products/compute/go_RouterNat.yaml b/mmv1/products/compute/go_RouterNat.yaml new file mode 100644 index 000000000000..c107b4da8d2d --- /dev/null +++ b/mmv1/products/compute/go_RouterNat.yaml @@ -0,0 +1,498 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RouterNat' +description: | + A NAT service created in a router. + + ~> **Note:** Recreating a `google_compute_address` that is being used by `google_compute_router_nat` will give a `resourceInUseByAnotherResource` error. + Use `lifecycle.create_before_destroy` on this address resource to avoid this type of error as shown in the Manual Ips example. +references: + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +docs: +id_format: '{{project}}/{{region}}/{{router}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +delete_verb: 'PATCH' +mutex: 'router/{{region}}/{{router}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'nats' +identity: + - name +nested_query: + keys: + - nats + is_list_of_ids: false + modify_by_patch: true +custom_code: + constants: 'templates/terraform/constants/go/router_nat.go.tmpl' + encoder: 'templates/terraform/encoders/go/router_nat_set_initial_nat_ips.go.tmpl' + pre_create: 'templates/terraform/constants/go/router_nat_validate_action_active_range.go.tmpl' + pre_update: 'templates/terraform/constants/go/router_nat_validate_action_active_range.go.tmpl' +custom_diff: + - 'resourceComputeRouterNatDrainNatIpsCustomDiff' +exclude_tgc: true +examples: + # These examples are not used to autogenerate tests, as fine-grained + # resources do not fit the normal test flow - we need to test deletion + # in a test step while parent resource still exists vs in CheckDestroy + # when all resources have been deleted. + - name: 'router_nat_basic' + primary_resource_id: 'nat' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + exclude_test: true + - name: 'router_nat_manual_ips' + primary_resource_id: 'nat_manual' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + address_name: 'nat-manual-ip' + exclude_test: true + - name: 'router_nat_rules' + primary_resource_id: 'nat_rules' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + address_name1: 'nat-address1' + address_name2: 'nat-address2' + address_name3: 'nat-address3' + exclude_test: true + - name: 'router_nat_private' + primary_resource_id: 'nat_type' + min_version: 'beta' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + hub_name: 'my-hub' + spoke_name: 'my-spoke' + exclude_test: true +parameters: + - name: 'router' + type: ResourceRef + description: | + The name of the Cloud Router in which this NAT will be configured. + url_param_only: true + required: true + immutable: true + resource: 'Router' + imports: 'name' + - name: 'region' + type: ResourceRef + description: Region where the router and NAT reside. + url_param_only: true + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the NAT service. The name must be 1-63 characters long and + comply with RFC1035. + required: true + immutable: true + validation: + function: 'verify.ValidateRFC1035Name(2, 63)' + - name: 'natIpAllocateOption' + type: Enum + description: | + How external IPs should be allocated for this NAT. Valid values are + `AUTO_ONLY` for only allowing NAT IPs allocated by Google Cloud + Platform, or `MANUAL_ONLY` for only user-allocated NAT IP addresses. + required: false + enum_values: + - 'MANUAL_ONLY' + - 'AUTO_ONLY' + - name: 'initialNatIps' + type: Array + description: | + Self-links of NAT IPs to be used as initial value for creation alongside a RouterNatAddress resource. + Conflicts with natIps and drainNatIps. Only valid if natIpAllocateOption is set to MANUAL_ONLY. + is_set: true + immutable: true + ignore_read: true + send_empty_value: true + conflicts: + - natIps + - drainNatIps + set_hash_func: computeRouterNatIPsHash + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'natIps' + type: Array + description: | + Self-links of NAT IPs. Only valid if natIpAllocateOption + is set to MANUAL_ONLY. + If this field is used alongside with a count created list of address resources `google_compute_address.foobar.*.self_link`, + the access level resource for the address resource must have a `lifecycle` block with `create_before_destroy = true` so + the number of resources can be increased/decreased without triggering the `resourceInUseByAnotherResource` error. + is_set: true + default_from_api: true + send_empty_value: true + set_hash_func: computeRouterNatIPsHash + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'drainNatIps' + type: Array + description: | + A list of URLs of the IP resources to be drained. These IPs must be + valid static external IPs that have been assigned to the NAT. + is_set: true + default_from_api: true + send_empty_value: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'sourceSubnetworkIpRangesToNat' + type: Enum + description: | + How NAT should be configured per Subnetwork. + If `ALL_SUBNETWORKS_ALL_IP_RANGES`, all of the + IP ranges in every Subnetwork are allowed to Nat. + If `ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES`, all of the primary IP + ranges in every Subnetwork are allowed to Nat. + `LIST_OF_SUBNETWORKS`: A list of Subnetworks are allowed to Nat + (specified in the field subnetwork below). Note that if this field + contains ALL_SUBNETWORKS_ALL_IP_RANGES or + ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any + other RouterNat section in any Router for this network in this region. + required: true + enum_values: + - 'ALL_SUBNETWORKS_ALL_IP_RANGES' + - 'ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES' + - 'LIST_OF_SUBNETWORKS' + - name: 'subnetwork' + type: Array + description: | + One or more subnetwork NAT configurations. Only used if + `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS` + api_name: subnetworks + is_set: true + send_empty_value: true + set_hash_func: computeRouterNatSubnetworkHash + item_type: + type: NestedObject + properties: + - name: 'name' + type: ResourceRef + description: 'Self-link of subnetwork to NAT' + required: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'sourceIpRangesToNat' + type: Array + description: | + List of options for which source IPs in the subnetwork + should have NAT enabled. Supported values include: + `ALL_IP_RANGES`, `LIST_OF_SECONDARY_IP_RANGES`, + `PRIMARY_IP_RANGE`. + is_set: true + required: true + item_type: + type: String + min_size: 1 + - name: 'secondaryIpRangeNames' + type: Array + description: | + List of the secondary ranges of the subnetwork that are allowed + to use NAT. This can be populated only if + `LIST_OF_SECONDARY_IP_RANGES` is one of the values in + sourceIpRangesToNat + is_set: true + item_type: + type: String + - name: 'minPortsPerVm' + type: Integer + description: | + Minimum number of ports allocated to a VM from this NAT. Defaults to 64 for static port allocation and 32 dynamic port allocation if not set. + default_from_api: true + - name: 'maxPortsPerVm' + type: Integer + description: | + Maximum number of ports allocated to a VM from this NAT. + This field can only be set when enableDynamicPortAllocation is enabled. + - name: 'enableDynamicPortAllocation' + type: Boolean + description: | + Enable Dynamic Port Allocation. + If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. + If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. + If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. + If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. + + Mutually exclusive with enableEndpointIndependentMapping. + default_from_api: true + send_empty_value: true + - name: 'udpIdleTimeoutSec' + type: Integer + description: | + Timeout (in seconds) for UDP connections. Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: 30 + - name: 'icmpIdleTimeoutSec' + type: Integer + description: | + Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: 30 + - name: 'tcpEstablishedIdleTimeoutSec' + type: Integer + description: | + Timeout (in seconds) for TCP established connections. + Defaults to 1200s if not set. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: 1200 + - name: 'tcpTransitoryIdleTimeoutSec' + type: Integer + description: | + Timeout (in seconds) for TCP transitory connections. + Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: 30 + - name: 'tcpTimeWaitTimeoutSec' + type: Integer + description: | + Timeout (in seconds) for TCP connections that are in TIME_WAIT state. + Defaults to 120s if not set. + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: 120 + - name: 'logConfig' + type: NestedObject + description: | + Configuration for logging on NAT + send_empty_value: true + properties: + - name: 'enable' + type: Boolean + description: | + Indicates whether or not to export logs. + required: true + - name: 'filter' + type: Enum + description: | + Specifies the desired filtering of logs on this NAT. + required: true + enum_values: + - 'ERRORS_ONLY' + - 'TRANSLATIONS_ONLY' + - 'ALL' + - name: 'endpointTypes' + type: Array + description: | + Specifies the endpoint Types supported by the NAT Gateway. + Supported values include: + `ENDPOINT_TYPE_VM`, `ENDPOINT_TYPE_SWG`, + `ENDPOINT_TYPE_MANAGED_PROXY_LB`. + immutable: true + default_from_api: true + item_type: + type: String + min_size: 1 + - name: 'rules' + type: Array + description: 'A list of rules associated with this NAT.' + is_set: true + send_empty_value: true + set_hash_func: computeRouterNatRulesHash + item_type: + type: NestedObject + properties: + - name: 'ruleNumber' + type: Integer + description: | + An integer uniquely identifying a rule in the list. + The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT. + required: true + send_empty_value: true + validation: + function: 'validation.IntBetween(0, 65000)' + - name: 'description' + type: String + description: 'An optional description of this rule.' + - name: 'match' + type: String + description: | + CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. + If it evaluates to true, the corresponding action is enforced. + + The following examples are valid match expressions for public NAT: + + "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" + + "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" + + The following example is a valid match expression for private NAT: + + "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'" + required: true + - name: 'action' + type: NestedObject + description: + 'The action to be enforced for traffic that matches this rule.' + default_from_api: true + properties: + - name: 'sourceNatActiveIps' + type: Array + description: | + A list of URLs of the IP resources used for this NAT rule. + These IP addresses must be valid static external IP addresses assigned to the project. + This field is used for public NAT. + is_set: true + set_hash_func: computeRouterNatIPsHash + custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_ip_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: + 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'sourceNatDrainIps' + type: Array + description: | + A list of URLs of the IP resources to be drained. + These IPs must be valid static external IPs that have been assigned to the NAT. + These IPs should be used for updating/patching a NAT rule only. + This field is used for public NAT. + is_set: true + set_hash_func: computeRouterNatIPsHash + custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_ip_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: + 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'sourceNatActiveRanges' + type: Array + description: | + A list of URLs of the subnetworks used as source ranges for this NAT Rule. + These subnetworks must have purpose set to PRIVATE_NAT. + This field is used for private NAT. + is_set: true + min_version: 'beta' + set_hash_func: computeRouterNatRulesSubnetHash + custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_subnets_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'subnet' + type: ResourceRef + description: + 'A reference to a subnetwork address associated with this NAT' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'sourceNatDrainRanges' + type: Array + description: | + A list of URLs of subnetworks representing source ranges to be drained. + This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. + This field is used for private NAT. + is_set: true + min_version: 'beta' + set_hash_func: computeRouterNatRulesSubnetHash + custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_subnets_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'subnet' + type: ResourceRef + description: + 'A reference to a subnetwork address associated with this NAT' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'enableEndpointIndependentMapping' + type: Boolean + description: | + Enable endpoint independent mapping. + For more information see the [official documentation](https://cloud.google.com/nat/docs/overview#specs-rfcs). + default_from_api: true + send_empty_value: true + - name: 'type' + type: Enum + description: | + Indicates whether this NAT is used for public or private IP translation. + If unspecified, it defaults to PUBLIC. + If `PUBLIC` NAT used for public IP translation. + If `PRIVATE` NAT used for private IP translation. + min_version: 'beta' + immutable: true + default_value: "PUBLIC" + enum_values: + - 'PUBLIC' + - 'PRIVATE' + - name: 'autoNetworkTier' + type: Enum + description: | + The network tier to use when automatically reserving NAT IP addresses. + Must be one of: PREMIUM, STANDARD. If not specified, then the current + project-level default tier is used. + default_from_api: true + enum_values: + - 'PREMIUM' + - 'STANDARD' diff --git a/mmv1/products/compute/go_RouterNatAddress.yaml b/mmv1/products/compute/go_RouterNatAddress.yaml new file mode 100644 index 000000000000..fba640c46d9d --- /dev/null +++ b/mmv1/products/compute/go_RouterNatAddress.yaml @@ -0,0 +1,143 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RouterNatAddress' +description: | + A resource used to set the list of IP addresses to be used in a NAT service and manage the draining of destroyed IPs. + + ~> **Note:** This resource is to be used alongside a `google_compute_router_nat` resource, + the router nat resource must have no defined `nat_ips` or `drain_nat_ips` parameters, + instead using the `initial_nat_ips` parameter to set at least one IP for the creation of the resource. +references: + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +docs: +id_format: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/{{router_nat}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +delete_verb: 'PATCH' +mutex: 'router/{{region}}/{{router}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: 'projects/{{project}}/regions/{{regions}}/operations/{{op_id}}' + kind: 'compute#operation' + path: 'routerNat' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'nats' +identity: + - routerNat +nested_query: + keys: + - nats + is_list_of_ids: false + modify_by_patch: true +# ToDo: We use a custom code for CREATE since the generated code is erroneously not replacing the generated encoder with the custom one provided +custom_code: + constants: 'templates/terraform/constants/go/router_nat_address.go.tmpl' + encoder: 'templates/terraform/encoders/go/router_nat_address_patch_on_create.go.tmpl' + update_encoder: 'templates/terraform/encoders/go/router_nat_address_update_skip_encoder.go.tmpl' + custom_create: 'templates/terraform/custom_create/go/router_nat_address_nested_query_create_encoder.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/compute_router_nat_address_delete_nat_ips_only.go.tmpl' +custom_diff: + - 'resourceComputeRouterNatAddressDrainNatIpsCustomDiff' +exclude_tgc: true +examples: + - name: 'router_nat_address_count' + primary_resource_id: 'nat_address' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + address_name: 'nat-manual-ip' + exclude_test: true +parameters: + - name: 'router' + type: ResourceRef + description: | + The name of the Cloud Router in which the referenced NAT service is configured. + url_param_only: true + required: true + immutable: true + resource: 'Router' + imports: 'name' + - name: 'routerNat' + type: ResourceRef + description: | + The name of the Nat service in which this address will be configured. + api_name: name + required: true + immutable: true + resource: 'RouterNat' + imports: 'name' + - name: 'region' + type: ResourceRef + description: Region where the NAT service reside. + url_param_only: true + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'natIps' + type: Array + description: | + Self-links of NAT IPs to be used in a Nat service. Only valid if the referenced RouterNat + natIpAllocateOption is set to MANUAL_ONLY. + is_set: true + required: true + send_empty_value: true + set_hash_func: computeRouterNatIPsHash + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address to be associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'drainNatIps' + type: Array + description: | + A list of URLs of the IP resources to be drained. These IPs must be + valid static external IPs that have been assigned to the NAT. + is_set: true + send_empty_value: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_RouterRoutePolicy.yaml b/mmv1/products/compute/go_RouterRoutePolicy.yaml new file mode 100644 index 000000000000..67d22276db4d --- /dev/null +++ b/mmv1/products/compute/go_RouterRoutePolicy.yaml @@ -0,0 +1,191 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RouterRoutePolicy' +description: A route policy created in a router +min_version: 'beta' +references: + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +docs: +id_format: '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/getRoutePolicy?policy={{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/deleteRoutePolicy?policy={{name}}' +delete_verb: 'POST' +import_format: + - '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + decoder: 'templates/terraform/decoders/go/unwrap_route_policy_resource.go.tmpl' +examples: + - name: 'router_route_policy_export' + primary_resource_id: 'rp-export' + vars: + router_name: 'my-router' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + route_policy_name: 'my-rp1' + - name: 'router_route_policy_import' + primary_resource_id: 'rp-import' + vars: + router_name: 'my-router' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + route_policy_name: 'my-rp2' +parameters: + - name: 'router' + type: ResourceRef + description: | + The name of the Cloud Router in which this route policy will be configured. + min_version: 'beta' + url_param_only: true + required: true + immutable: true + resource: 'Router' + imports: 'name' + - name: 'region' + type: ResourceRef + description: Region where the router and NAT reside. + min_version: 'beta' + url_param_only: true + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' + - name: 'name' + type: String + description: | + Name of the route policy. This policy's name, which must be a resource ID segment and unique within all policies owned by the Router + min_version: 'beta' + required: true + immutable: true +properties: + - name: 'type' + type: Enum + description: | + This is policy's type, which is one of IMPORT or EXPORT + min_version: 'beta' + enum_values: + - 'ROUTE_POLICY_TYPE_IMPORT' + - 'ROUTE_POLICY_TYPE_EXPORT' + - name: 'terms' + type: Array + description: | + List of terms (the order in the list is not important, they are evaluated in order of priority). + min_version: 'beta' + required: true + immutable: true + item_type: + type: NestedObject + properties: + - name: 'priority' + type: Integer + description: | + The evaluation priority for this term, which must be between 0 (inclusive) and 231 (exclusive), and unique within the list. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: | + CEL expression evaluated against a route to determine if this term applies (see Policy Language). When not set, the term applies to all routes. + min_version: 'beta' + properties: + - name: 'expression' + type: String + description: + Textual representation of an expression in Common Expression + Language syntax. + min_version: 'beta' + required: true + - name: 'title' + type: String + description: + Title for the expression, i.e. a short string describing its + purpose. + min_version: 'beta' + - name: 'description' + type: String + description: Description of the expression + min_version: 'beta' + - name: 'location' + type: String + description: + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file + min_version: 'beta' + - name: 'actions' + type: Array + description: | + 'CEL expressions to evaluate to modify a route when this term matches.'\ + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression + Language syntax. + min_version: 'beta' + required: true + - name: 'title' + type: String + description: | + Title for the expression, i.e. a short string describing its + purpose. + min_version: 'beta' + - name: 'description' + type: String + description: | + Description of the expression + min_version: 'beta' + - name: 'location' + type: String + description: | + String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/go_SecurityPolicyRule.yaml b/mmv1/products/compute/go_SecurityPolicyRule.yaml new file mode 100644 index 000000000000..6b5de6fb585f --- /dev/null +++ b/mmv1/products/compute/go_SecurityPolicyRule.yaml @@ -0,0 +1,460 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'SecurityPolicyRule' +description: | + A rule for the SecurityPolicy. +references: + guides: + 'Creating global security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies/addRule' +docs: +id_format: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' +base_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: +examples: + - name: 'security_policy_rule_basic' + primary_resource_id: 'policy_rule' + vars: + sec_policy_name: 'policyruletest' + - name: 'security_policy_rule_default_rule' + primary_resource_id: 'policy_rule' + vars: + sec_policy_name: 'policyruletest' + project_id: 'PROJECT_NAME' + exclude_test: true + - name: 'security_policy_rule_multiple_rules' + primary_resource_id: 'policy_rule_one' + vars: + sec_policy_name: 'policywithmultiplerules' +parameters: + - name: 'security_policy' + type: String + description: | + The name of the security policy this rule belongs to. + url_param_only: true + required: true + immutable: true +properties: + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create the resource. + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. + The priority must be a positive value between 0 and 2147483647. + Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. + required: true + immutable: true + - name: 'match' + type: NestedObject + description: | + A match condition that incoming traffic is evaluated against. + If it evaluates to true, the corresponding 'action' is enforced. + properties: + - name: 'versionedExpr' + type: Enum + description: | + Preconfigured versioned expression. If this field is specified, config must also be specified. + Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. + enum_values: + - 'SRC_IPS_V1' + - name: 'expr' + type: NestedObject + description: | + User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. + properties: + - name: 'expression' + type: String + description: | + Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. + required: true + # >> These fields are not yet supported, following the global security policy resource. + # - !ruby/object:Api::Type::String + # name: 'title' + # description: | + # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. + # - !ruby/object:Api::Type::String + # name: 'description' + # description: | + # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. + # - !ruby/object:Api::Type::String + # name: 'location' + # description: | + # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. + - name: 'exprOptions' + type: NestedObject + description: | + The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr'). + properties: + - name: 'recaptchaOptions' + type: NestedObject + description: | + reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field has no effect. + required: true + properties: + - name: 'actionTokenSiteKeys' + type: Array + description: | + A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. + item_type: + type: String + - name: 'sessionTokenSiteKeys' + type: Array + description: | + A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. + item_type: + type: String + - name: 'config' + type: NestedObject + description: | + The configuration options available when specifying versionedExpr. + This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. + properties: + - name: 'srcIpRanges' + type: Array + description: | + CIDR IP address range. Maximum number of srcIpRanges allowed is 10. + item_type: + type: String + - name: 'preconfiguredWafConfig' + type: NestedObject + description: | + Preconfigured WAF configuration to be applied for the rule. + If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. + properties: + - name: 'exclusion' + type: Array + description: | + An exclusion to apply during preconfigured WAF evaluation. + api_name: exclusions + item_type: + type: NestedObject + properties: + - name: 'requestHeader' + type: Array + description: | + Request header whose value will be excluded from inspection during preconfigured WAF evaluation. + api_name: requestHeadersToExclude + item_type: + type: NestedObject + properties: + - name: 'operator' + type: String + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + - name: 'requestCookie' + type: Array + description: | + Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. + api_name: requestCookiesToExclude + item_type: + type: NestedObject + properties: + - name: 'operator' + type: String + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + - name: 'requestUri' + type: Array + description: | + Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. + When specifying this field, the query or fragment part should be excluded. + api_name: requestUrisToExclude + item_type: + type: NestedObject + properties: + - name: 'operator' + type: String + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + - name: 'requestQueryParam' + type: Array + description: | + Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. + Note that the parameter can be in the query string or in the POST body. + api_name: requestQueryParamsToExclude + item_type: + type: NestedObject + properties: + - name: 'operator' + type: String + description: | + You can specify an exact match or a partial match by using a field operator and a field value. + Available options: + EQUALS: The operator matches if the field value equals the specified value. + STARTS_WITH: The operator matches if the field value starts with the specified value. + ENDS_WITH: The operator matches if the field value ends with the specified value. + CONTAINS: The operator matches if the field value contains the specified value. + EQUALS_ANY: The operator matches if the field value is any value. + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String + description: | + A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. + The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. + api_name: val + - name: 'targetRuleSet' + type: String + description: | + Target WAF rule set to apply the preconfigured WAF exclusion. + required: true + - name: 'targetRuleIds' + type: Array + description: | + A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. + If omitted, it refers to all the rule IDs under the WAF rule set. + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the rule is matched. The following are the valid actions: + + * allow: allow access to target. + + * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. + + * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. + + * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. + + * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. + required: true + - name: 'rateLimitOptions' + type: NestedObject + description: | + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + update_mask_fields: + - 'rateLimitOptions.rateLimitThreshold' + - 'rateLimitOptions.conformAction' + - 'rateLimitOptions.exceedRedirectOptions' + - 'rateLimitOptions.exceedAction' + - 'rateLimitOptions.enforceOnKey' + - 'rateLimitOptions.enforceOnKeyName' + - 'rateLimitOptions.enforceOnKeyConfigs' + - 'rateLimitOptions.banThreshold' + - 'rateLimitOptions.banDurationSec' + properties: + - name: 'rateLimitThreshold' + type: NestedObject + description: | + Threshold at which to begin ratelimiting. + properties: + - name: 'count' + type: Integer + description: | + Number of HTTP(S) requests for calculating the threshold. + - name: 'intervalSec' + type: Integer + description: | + Interval over which the threshold is computed. + - name: 'conformAction' + type: String + description: | + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + - name: 'exceedRedirectOptions' + type: NestedObject + description: | + Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + properties: + - name: 'type' + type: String + description: | + Type of the redirect action. + - name: 'target' + type: String + description: | + Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. + - name: 'exceedAction' + type: String + description: | + Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + - name: 'enforceOnKey' + type: Enum + description: | + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String + description: | + Rate limit key name applicable only for the following key types: + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + - name: 'enforceOnKeyConfigs' + type: Array + description: | + If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + item_type: + type: NestedObject + properties: + - name: 'enforceOnKeyType' + type: Enum + description: | + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String + description: | + Rate limit key name applicable only for the following key types: + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + - name: 'banThreshold' + type: NestedObject + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + properties: + - name: 'count' + type: Integer + description: | + Number of HTTP(S) requests for calculating the threshold. + - name: 'intervalSec' + type: Integer + description: | + Interval over which the threshold is computed. + - name: 'banDurationSec' + type: Integer + description: | + Can only be specified if the action for the rule is "rate_based_ban". + If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. + - name: 'preview' + type: Boolean + description: | + If set to true, the specified action is not enforced. diff --git a/mmv1/products/compute/go_ServiceAttachment.yaml b/mmv1/products/compute/go_ServiceAttachment.yaml new file mode 100644 index 000000000000..5df7b4505bf4 --- /dev/null +++ b/mmv1/products/compute/go_ServiceAttachment.yaml @@ -0,0 +1,271 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ServiceAttachment' +kind: 'compute#ServiceAttachment' +description: | + Represents a ServiceAttachment resource. +references: + guides: + 'Configuring Private Service Connect to access services': 'https://cloud.google.com/vpc/docs/configure-private-service-connect-services' + api: 'https://cloud.google.com/compute/docs/reference/beta/serviceAttachments' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/serviceAttachments' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/compute_service_attachment.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/compute_service_attachment.go.tmpl' +examples: + - name: 'service_attachment_basic' + primary_resource_id: 'psc_ilb_service_attachment' + vars: + service_attachment_name: 'my-psc-ilb' + network_name: 'psc-ilb-network' + nat_subnetwork_name: 'psc-ilb-nat' + producer_subnetwork_name: 'psc-ilb-producer-subnetwork' + producer_health_check_name: 'producer-service-health-check' + producer_service_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + consumer_address_name: 'psc-ilb-consumer-address' + consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' + - name: 'service_attachment_explicit_projects' + primary_resource_id: 'psc_ilb_service_attachment' + vars: + service_attachment_name: 'my-psc-ilb' + network_name: 'psc-ilb-network' + nat_subnetwork_name: 'psc-ilb-nat' + producer_subnetwork_name: 'psc-ilb-producer-subnetwork' + producer_health_check_name: 'producer-service-health-check' + producer_service_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + consumer_address_name: 'psc-ilb-consumer-address' + consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' + - name: 'service_attachment_explicit_networks' + primary_resource_id: 'psc_ilb_service_attachment' + vars: + service_attachment_name: 'my-psc-ilb' + network_name: 'psc-ilb-network' + nat_subnetwork_name: 'psc-ilb-nat' + producer_subnetwork_name: 'psc-ilb-producer-subnetwork' + producer_health_check_name: 'producer-service-health-check' + producer_service_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + consumer_network_name: 'psc-ilb-consumer-network' + consumer_address_name: 'psc-ilb-consumer-address' + consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' + - name: 'service_attachment_reconcile_connections' + primary_resource_id: 'psc_ilb_service_attachment' + vars: + service_attachment_name: 'my-psc-ilb' + network_name: 'psc-ilb-network' + nat_subnetwork_name: 'psc-ilb-nat' + producer_subnetwork_name: 'psc-ilb-producer-subnetwork' + producer_health_check_name: 'producer-service-health-check' + producer_service_name: 'producer-service' + producer_forwarding_rule_name: 'producer-forwarding-rule' + consumer_address_name: 'psc-ilb-consumer-address' + consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' +parameters: + - name: 'region' + type: ResourceRef + description: | + URL of the region where the resource resides. + required: false + immutable: true + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` + which means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + immutable: true + - name: 'description' + type: String + description: | + An optional description of this resource. + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. This field is used internally during + updates of this resource. + output: true + - name: 'connectionPreference' + type: String + description: | + The connection preference to use for this service attachment. Valid + values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL". + required: true + - name: 'connectedEndpoints' + type: Array + description: | + An array of the consumer forwarding rules connected to this service + attachment. + output: true + item_type: + type: NestedObject + properties: + - name: 'endpoint' + type: String + description: | + The URL of the consumer forwarding rule. + output: true + - name: 'status' + type: String + description: | + The status of the connection from the consumer forwarding rule to + this service attachment. + output: true + - name: 'consumerNetwork' + type: String + description: | + The url of the consumer network. + output: true + - name: 'pscConnectionId' + type: String + description: | + The PSC connection id of the connected endpoint. + output: true + - name: 'propagatedConnectionCount' + type: Integer + description: | + The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to. + min_version: 'beta' + output: true + - name: 'targetService' + type: String + description: | + The URL of a service serving the endpoint identified by this service attachment. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'natSubnets' + type: Array + description: | + An array of subnets that is provided for NAT in this service attachment. + required: true + send_empty_value: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'subnet' + type: ResourceRef + description: | + A subnet that is provided for NAT in this service attachment. + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'enableProxyProtocol' + type: Boolean + description: | + If true, enable the proxy protocol which is for supplying client TCP/IP + address data in TCP connections that traverse proxies on their way to + destination servers. + required: true + - name: 'domainNames' + type: Array + description: | + If specified, the domain name will be used during the integration between + the PSC connected endpoints and the Cloud DNS. For example, this is a + valid domain name: "p.mycompany.com.". Current max number of domain names + supported is 1. + immutable: true + item_type: + type: String + - name: 'consumerRejectLists' + type: Array + description: | + An array of projects that are not allowed to connect to this service + attachment. + send_empty_value: true + item_type: + type: String + - name: 'consumerAcceptLists' + type: Array + description: | + An array of projects that are allowed to connect to this service + attachment. + is_set: true + send_empty_value: true + set_hash_func: computeServiceAttachmentConsumerAcceptListsHash + item_type: + type: NestedObject + properties: + - name: 'projectIdOrNum' + type: String + # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) + description: | + A project that is allowed to connect to this service attachment. + Only one of project_id_or_num and network_url may be set. + - name: 'networkUrl' + type: String + # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) + description: | + The network that is allowed to connect to this service attachment. + Only one of project_id_or_num and network_url may be set. + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + - name: 'connectionLimit' + type: Integer + description: | + The number of consumer forwarding rules the consumer project can + create. + required: true + - name: 'reconcileConnections' + type: Boolean + description: | + This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. + + If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . + If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list. + default_from_api: true + send_empty_value: true + - name: 'propagatedConnectionLimit' + type: Integer + description: | + The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. + This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. + + If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. + If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. + + If unspecified, the default propagated connection limit is 250. + min_version: 'beta' + default_from_api: true diff --git a/mmv1/products/compute/go_Snapshot.yaml b/mmv1/products/compute/go_Snapshot.yaml new file mode 100644 index 000000000000..084f6addf38a --- /dev/null +++ b/mmv1/products/compute/go_Snapshot.yaml @@ -0,0 +1,253 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Snapshot' +kind: 'compute#snapshot' +description: | + Represents a Persistent Disk Snapshot resource. + + Use snapshots to back up data from your persistent disks. Snapshots are + different from public images and custom images, which are used primarily + to create instances or configure instance templates. Snapshots are useful + for periodic backup of the data on your persistent disks. You can create + snapshots from persistent disks even while they are attached to running + instances. + + Snapshots are incremental, so you can create regular snapshots on a + persistent disk faster and at a much lower cost than if you regularly + created a full image of the disk. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/snapshots' +docs: +base_url: 'projects/{{project}}/global/snapshots' +has_self_link: true +create_url: 'PRE_CREATE_REPLACE_ME/createSnapshot' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +# 'createSnapshot' is a zonal operation while 'snapshot.delete' is a global +# operation. we'll leave the object as global operation and use the disk's +# zonal operation for the create action. +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + full_url: 'selfLink' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/global/snapshots/{{name}}' + - '{{name}}' +custom_code: + decoder: 'templates/terraform/decoders/go/snapshot.go.tmpl' + pre_create: 'templates/terraform/pre_create/go/compute_snapshot_precreate_url.go.tmpl' +examples: + - name: 'snapshot_basic' + primary_resource_id: 'snapshot' + primary_resource_name: 'fmt.Sprintf("tf-test-my-snapshot%s", context["random_suffix"])' + vars: + snapshot_name: 'my-snapshot' + disk_name: 'debian-disk' + - name: 'snapshot_chainname' + primary_resource_id: 'snapshot' + primary_resource_name: 'fmt.Sprintf("tf-test-snapshot-chainname%s", context["random_suffix"])' + vars: + snapshot_name: 'my-snapshot' + disk_name: 'debian-disk' + chain_name: 'snapshot-chain' +parameters: + - name: 'sourceDisk' + type: ResourceRef + description: 'A reference to the disk used to create this snapshot.' + required: true + immutable: true + # ignore_read in providers - this is only used in Create + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Disk' + imports: 'name' + - name: 'zone' + type: ResourceRef + description: 'A reference to the zone where the disk is hosted.' + required: false + immutable: true + ignore_read: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' + - name: 'snapshotEncryptionKey' + type: NestedObject + description: | + Encrypts the snapshot using a customer-supplied encryption key. + + After you encrypt a snapshot using a customer-supplied key, you must + provide the same key if you use the snapshot later. For example, you + must provide the encryption key when you create a disk from the + encrypted snapshot in a future request. + + Customer-supplied encryption keys do not protect access to metadata of + the snapshot. + + If you do not provide an encryption key when creating the snapshot, + then the snapshot will be encrypted using an automatically generated + key and you do not need to provide a key to use the snapshot later. + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + ignore_read: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/compute_snapshot_snapshot_encryption_raw_key.go.tmpl' + - name: 'sha256' + type: String + description: | + The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied + encryption key that protects this resource. + output: true + # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules + - name: 'kmsKeySelfLink' + type: String + description: | + The name of the encryption key that is stored in Google Cloud KMS. + api_name: kmsKeyName + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. + # ignore_read in providers - this is only used in Create + - name: 'sourceDiskEncryptionKey' + type: NestedObject + description: | + The customer-supplied encryption key of the source snapshot. Required + if the source snapshot is protected by a customer-supplied encryption + key. + ignore_read: true + properties: + - name: 'rawKey' + type: String + description: | + Specifies a 256-bit customer-supplied encryption key, encoded in + RFC 4648 base64 to either encrypt or decrypt this resource. + # The docs list this field but it is never returned. + sensitive: true + - name: 'kmsKeyServiceAccount' + type: String + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'snapshot_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + # 'status' not useful for object convergence. + - name: 'diskSizeGb' + type: Integer + description: 'Size of the snapshot, specified in GB.' + output: true + - name: 'chainName' + type: String + description: | + Creates the new snapshot in the snapshot chain labeled with the + specified name. The chain name must be 1-63 characters long and + comply with RFC1035. This is an uncommon option only for advanced + service owners who needs to create separate snapshot chains, for + example, for chargeback tracking. When you describe your snapshot + resource, this field is visible only if it has a non-empty value. + - name: 'name' + type: String + description: | + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + # 'sourceDiskId' not useful for object convergence. + - name: 'storageBytes' + type: Integer + description: | + A size of the storage used by the snapshot. As snapshots share + storage, this number is expected to change with snapshot + creation/deletion. + output: true + # 'storageBytesStatus' not useful for object convergence. + - name: 'storageLocations' + type: Array + description: | + Cloud Storage bucket storage location of the snapshot (regional or multi-regional). + default_from_api: true + item_type: + type: String + - name: 'licenses' + type: Array + description: | + A list of public visible licenses that apply to this snapshot. This + can be because the original image had licenses attached (such as a + Windows image). snapshotEncryptionKey nested object Encrypts the + snapshot using a customer-supplied encryption key. + output: true + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'license' + type: ResourceRef + description: 'A reference to a license associated with this snapshot' + resource: 'License' + imports: 'selfLink' + - name: 'labels' + type: KeyValueLabels + description: Labels to apply to this Snapshot. + update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' diff --git a/mmv1/products/compute/go_SslCertificate.yaml b/mmv1/products/compute/go_SslCertificate.yaml new file mode 100644 index 000000000000..dd9b66e9dd2b --- /dev/null +++ b/mmv1/products/compute/go_SslCertificate.yaml @@ -0,0 +1,133 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'SslCertificate' +kind: 'compute#sslCertificate' +description: | + An SslCertificate resource, used for HTTPS load balancing. This resource + provides a mechanism to upload an SSL key and certificate to + the load balancer to serve secure connections from the user. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +docs: + optional_properties: | + * `name_prefix` - (Optional) Creates a unique name beginning with the + specified prefix. Conflicts with `name`. Max length is 54 characters. + Prefixes with lengths longer than 37 characters will use a shortened + UUID that will be more prone to collisions. + Resulting name for a `name_prefix` <= 37 characters: + `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter + Resulting name for a `name_prefix` 38 - 54 characters: + `name_prefix` + YYmmdd + 3 digit incremental counter +base_url: 'projects/{{project}}/global/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/ssl_certificate.tmpl' +examples: + - name: 'ssl_certificate_basic' + primary_resource_id: 'default' + ignore_read_extra: + - 'name_prefix' + # Uses id.UniqueId + skip_vcr: true + - name: 'ssl_certificate_random_provider' + primary_resource_id: 'default' + external_providers: ["random", "time"] + # Uses id.UniqueId + skip_vcr: true + - name: 'ssl_certificate_target_https_proxies' + primary_resource_id: 'default' + vars: + target_https_proxy_name: 'test-proxy' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + ignore_read_extra: + - 'name_prefix' + # Uses id.UniqueId + skip_vcr: true +parameters: +properties: + - name: 'certificate' + type: String + description: | + The certificate in PEM format. + The certificate chain must be no greater than 5 certs long. + The chain must include at least one intermediate cert. + required: true + sensitive: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'expireTime' + type: String + description: 'Expire time of the certificate in RFC3339 text format.' + output: true + - name: 'certificate_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + + These are in the same namespace as the managed SSL certificates. + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/name_or_name_prefix.go.tmpl' + validation: + function: 'verify.ValidateGCEName' + - name: 'privateKey' + type: String + description: 'The write-only private key in PEM format.' + required: true + immutable: true + ignore_read: true + sensitive: true + diff_suppress_func: 'sha256DiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/go/sha256.tmpl' diff --git a/mmv1/products/compute/go_SslPolicy.yaml b/mmv1/products/compute/go_SslPolicy.yaml new file mode 100644 index 000000000000..f84a7345f86e --- /dev/null +++ b/mmv1/products/compute/go_SslPolicy.yaml @@ -0,0 +1,138 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'SslPolicy' +kind: 'compute#sslPolicy' +description: | + Represents a SSL policy. SSL policies give you the ability to control the + features of SSL that your SSL proxy or HTTPS load balancer negotiates. +references: + guides: + 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies' +docs: +base_url: 'projects/{{project}}/global/sslPolicies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/ssl_policy.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/ssl_policy.tmpl' +custom_diff: + - 'sslPolicyCustomizeDiff' +examples: + - name: 'ssl_policy_basic' + primary_resource_id: 'prod-ssl-policy' + vars: + production_ssl_policy_name: 'production-ssl-policy' + nonprod_ssl_policy_name: 'nonprod-ssl-policy' + custom_ssl_policy_name: 'custom-ssl-policy' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + # TODO: profile, minTlsVersion, enabledFeatures, customFeatures, fingerprint, warnings, kind + - name: 'profile' + type: Enum + description: | + Profile specifies the set of SSL features that can be used by the + load balancer when negotiating SSL with clients. If using `CUSTOM`, + the set of SSL features to enable must be specified in the + `customFeatures` field. + + See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) + for information on what cipher suites each profile provides. If + `CUSTOM` is used, the `custom_features` attribute **must be set**. + default_value: "COMPATIBLE" + enum_values: + - 'COMPATIBLE' + - 'MODERN' + - 'RESTRICTED' + - 'CUSTOM' + - name: 'minTlsVersion' + type: Enum + description: | + The minimum version of SSL protocol that can be used by the clients + to establish a connection with the load balancer. + default_value: "TLS_1_0" + enum_values: + - 'TLS_1_0' + - 'TLS_1_1' + - 'TLS_1_2' + - name: 'enabledFeatures' + type: Array + description: 'The list of features enabled in the SSL policy.' + is_set: true + output: true + item_type: + type: String + - name: 'customFeatures' + type: Array + description: | + Profile specifies the set of SSL features that can be used by the + load balancer when negotiating SSL with clients. This can be one of + `COMPATIBLE`, `MODERN`, `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`, + the set of SSL features to enable must be specified in the + `customFeatures` field. + + See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) + for which ciphers are available to use. **Note**: this argument + *must* be present when using the `CUSTOM` profile. This argument + *must not* be present when using any other profile. + is_set: true + item_type: + type: String + - name: 'fingerprint' + type: String + description: | + Fingerprint of this resource. A hash of the contents stored in this + object. This field is used in optimistic locking. + output: true diff --git a/mmv1/products/compute/go_Subnetwork.yaml b/mmv1/products/compute/go_Subnetwork.yaml new file mode 100644 index 000000000000..ed22a7b12c16 --- /dev/null +++ b/mmv1/products/compute/go_Subnetwork.yaml @@ -0,0 +1,445 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Subnetwork' +kind: 'compute#subnetwork' +description: | + A VPC network is a virtual version of the traditional physical networks + that exist within and between physical data centers. A VPC network + provides connectivity for your Compute Engine virtual machine (VM) + instances, Container Engine containers, App Engine Flex services, and + other network-related resources. + + Each GCP project contains one or more VPC networks. Each VPC network is a + global entity spanning all GCP regions. This global VPC network allows VM + instances and other resources to communicate with each other via internal, + private IP addresses. + + Each VPC network is subdivided into subnets, and each subnet is contained + within a single region. You can have more than one subnet in a region for + a given VPC network. Each subnet has a contiguous private RFC1918 IP + space. You create instances, containers, and the like in these subnets. + When you create an instance, you must create it in a subnet, and the + instance draws its internal IP address from that subnet. + + Virtual machine (VM) instances in a VPC network can communicate with + instances in all other subnets of the same VPC network, regardless of + region, using their RFC1918 private IP addresses. You can isolate portions + of the network, even entire subnets, using firewall rules. +references: + guides: + 'Private Google Access': 'https://cloud.google.com/vpc/docs/configure-private-google-access' + 'Cloud Networking': 'https://cloud.google.com/vpc/docs/using-vpc' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/subnetworks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.networkUser' + parent_resource_attribute: 'subnetwork' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/go/subnetwork.tmpl' + constants: 'templates/terraform/constants/go/subnetwork.tmpl' + post_update: 'templates/terraform/post_update/go/compute_subnetwork.go.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("ip_cidr_range", IsShrinkageIpCidr)' + - 'sendSecondaryIpRangeIfEmptyDiff' +examples: + - name: 'subnetwork_basic' + primary_resource_id: 'network-with-private-secondary-ip-ranges' + primary_resource_name: 'fmt.Sprintf("tf-test-test-subnetwork%s", context["random_suffix"])' + vars: + subnetwork_name: 'test-subnetwork' + network_name: 'test-network' + - name: 'subnetwork_logging_config' + primary_resource_id: 'subnet-with-logging' + vars: + subnetwork_name: 'log-test-subnetwork' + network_name: 'log-test-network' + - name: 'subnetwork_internal_l7lb' + primary_resource_id: 'network-for-l7lb' + min_version: 'beta' + vars: + subnetwork_name: 'l7lb-test-subnetwork' + network_name: 'l7lb-test-network' + - name: 'subnetwork_ipv6' + primary_resource_id: 'subnetwork-ipv6' + vars: + subnetwork_name: 'ipv6-test-subnetwork' + network_name: 'ipv6-test-network' + - name: 'subnetwork_internal_ipv6' + primary_resource_id: 'subnetwork-internal-ipv6' + vars: + subnetwork_name: 'internal-ipv6-test-subnetwork' + network_name: 'internal-ipv6-test-network' + - name: 'subnetwork_purpose_private_nat' + primary_resource_id: 'subnetwork-purpose-private-nat' + min_version: 'beta' + vars: + subnetwork_name: 'subnet-purpose-test-subnetwork' + network_name: 'subnet-purpose-test-network' + - name: 'subnetwork_cidr_overlap' + primary_resource_id: 'subnetwork-cidr-overlap' + min_version: 'beta' + vars: + subnetwork_name: 'subnet-cidr-overlap' + network_name: 'net-cidr-overlap' + - name: 'subnetwork_reserved_internal_range' + primary_resource_id: 'subnetwork-reserved-internal-range' + min_version: 'beta' + vars: + subnetwork_name: 'subnetwork-reserved-internal-range' + network_name: 'network-reserved-internal-range' + - name: 'subnetwork_reserved_secondary_range' + primary_resource_id: 'subnetwork-reserved-secondary-range' + min_version: 'beta' + vars: + subnetwork_name: 'subnetwork-reserved-secondary-range' + network_name: 'network-reserved-secondary-range' +virtual_fields: + - name: 'send_secondary_ip_range_if_empty' + description: | + Controls the removal behavior of secondary_ip_range. + When false, removing secondary_ip_range from config will not produce a diff as + the provider will default to the API's value. + When true, the provider will treat removing secondary_ip_range as sending an + empty list of secondary IP ranges to the API. + Defaults to false. + type: Boolean +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when + you create the resource. This field can be set only at resource + creation time. + - name: 'gatewayAddress' + type: String + description: | + The gateway address for default routes to reach destination addresses + outside this subnetwork. + output: true + - name: 'ipCidrRange' + type: String + description: | + The range of internal addresses that are owned by this subnetwork. + Provide this property when you create the subnetwork. For example, + 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and + non-overlapping within a network. Only IPv4 is supported. + Field is optional when `reserved_internal_range` is defined, otherwise required. + required: false + default_from_api: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/expandIpCidrRange' + update_verb: 'POST' + validation: + function: 'verify.ValidateIpCidrRange' + - name: 'reservedInternalRange' + type: ResourceRef + description: | + The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` + E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` + resource: 'InternalRange' + imports: 'selfLink' + - name: 'name' + type: String + description: | + The name of the resource, provided by the client when initially + creating the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 characters + long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which + means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'network' + type: ResourceRef + description: | + The network this subnet belongs to. + Only networks that are in the distributed mode can have subnetworks. + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'purpose' + type: String + description: | + The purpose of the resource. This field can be either `PRIVATE`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). + A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers. + A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. + A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service. + A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways. + Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers. + If unspecified, the purpose defaults to `PRIVATE`. + immutable: true + default_from_api: true + - name: 'role' + type: Enum + description: | + The role of subnetwork. + Currently, this field is only used when `purpose` is `REGIONAL_MANAGED_PROXY`. + The value can be set to `ACTIVE` or `BACKUP`. + An `ACTIVE` subnetwork is one that is currently being used for Envoy-based load balancers in a region. + A `BACKUP` subnetwork is one that is ready to be promoted to `ACTIVE` or is currently draining. + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + update_id: 'role' + fingerprint_name: 'fingerprint' + enum_values: + - 'ACTIVE' + - 'BACKUP' + - name: 'secondaryIpRange' + type: Array + description: | + An array of configurations for secondary IP ranges for VM instances + contained in this subnetwork. The primary IP of such VM must belong + to the primary ipCidrRange of the subnetwork. The alias IPs may belong + to either primary or secondary ranges. + + **Note**: This field uses [attr-as-block mode](https://www.terraform.io/docs/configuration/attr-as-blocks.html) to avoid + breaking users during the 0.12 upgrade. To explicitly send a list of zero objects, + set `send_secondary_ip_range_if_empty = true` + api_name: secondaryIpRanges + unordered_list: true + default_from_api: true + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + update_id: 'secondaryIpRanges' + fingerprint_name: 'fingerprint' + item_type: + type: NestedObject + properties: + - name: 'rangeName' + type: String + description: | + The name associated with this subnetwork secondary range, used + when adding an alias IP range to a VM instance. The name must + be 1-63 characters long, and comply with RFC1035. The name + must be unique within the subnetwork. + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'ipCidrRange' + type: String + description: | + The range of IP addresses belonging to this subnetwork secondary + range. Provide this property when you create the subnetwork. + Ranges must be unique and non-overlapping with all primary and + secondary IP ranges within a network. Only IPv4 is supported. + Field is optional when `reserved_internal_range` is defined, otherwise required. + required: false + default_from_api: true + validation: + function: 'verify.ValidateIpCidrRange' + - name: 'reservedInternalRange' + type: ResourceRef + description: | + The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` + E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` + resource: 'InternalRange' + imports: 'selfLink' + - name: 'privateIpGoogleAccess' + type: Boolean + description: | + When enabled, VMs in this subnetwork without external IP addresses can + access Google APIs and services by using Private Google Access. + default_from_api: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/setPrivateIpGoogleAccess' + update_verb: 'POST' + - name: 'privateIpv6GoogleAccess' + type: String + description: The private IPv6 google access type for the VMs in this subnet. + default_from_api: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + - name: 'region' + type: ResourceRef + description: | + The GCP region for this subnetwork. + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' + - name: 'logConfig' + type: NestedObject + description: | + This field denotes the VPC flow logging options for this subnetwork. If + logging is enabled, logs are exported to Cloud Logging. Flow logging + isn't supported if the subnet `purpose` field is set to subnetwork is + `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`. + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + update_id: 'logConfig' + fingerprint_name: 'fingerprint' + custom_flatten: 'templates/terraform/custom_flatten/go/subnetwork_log_config.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/subnetwork_log_config.go.tmpl' + properties: + - name: 'aggregationInterval' + type: Enum + description: | + Can only be specified if VPC flow logging for this subnetwork is enabled. + Toggles the aggregation interval for collecting flow logs. Increasing the + interval time will reduce the amount of generated flow logs for long + lasting connections. Default is an interval of 5 seconds per connection. + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "INTERVAL_5_SEC" + enum_values: + - 'INTERVAL_5_SEC' + - 'INTERVAL_30_SEC' + - 'INTERVAL_1_MIN' + - 'INTERVAL_5_MIN' + - 'INTERVAL_10_MIN' + - 'INTERVAL_15_MIN' + - name: 'flowSampling' + type: Double + description: | + Can only be specified if VPC flow logging for this subnetwork is enabled. + The value of the field must be in [0, 1]. Set the sampling rate of VPC + flow logs within the subnetwork where 1.0 means all collected logs are + reported and 0.0 means no logs are reported. Default is 0.5 which means + half of all collected logs are reported. + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: 0.5 + - name: 'metadata' + type: Enum + description: | + Can only be specified if VPC flow logging for this subnetwork is enabled. + Configures whether metadata fields should be added to the reported VPC + flow logs. + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "INCLUDE_ALL_METADATA" + enum_values: + - 'EXCLUDE_ALL_METADATA' + - 'INCLUDE_ALL_METADATA' + - 'CUSTOM_METADATA' + - name: 'metadataFields' + type: Array + description: | + List of metadata fields that should be added to reported logs. + Can only be specified if VPC flow logs for this subnetwork is enabled and "metadata" is set to CUSTOM_METADATA. + is_set: true + item_type: + type: String + - name: 'filterExpr' + type: String + description: | + Export filter used to define which VPC flow logs should be logged, as as CEL expression. See + https://cloud.google.com/vpc/docs/flow-logs#filtering for details on how to format this field. + The default value is 'true', which evaluates to include everything. + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "true" + - name: 'stackType' + type: Enum + description: | + The stack type for this subnet to identify whether the IPv6 feature is enabled or not. + If not specified IPV4_ONLY will be used. + default_from_api: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + enum_values: + - 'IPV4_ONLY' + - 'IPV4_IPV6' + - name: 'ipv6AccessType' + type: Enum + description: | + The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation + or the first time the subnet is updated into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet + cannot enable direct path. + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'ipv6CidrRange' + type: String + description: | + The range of internal IPv6 addresses that are owned by this subnetwork. + output: true + - name: 'internalIpv6Prefix' + type: String + description: | + The internal IPv6 address range that is assigned to this subnetwork. + output: true + - name: 'externalIpv6Prefix' + type: String + description: | + The range of external IPv6 addresses that are owned by this subnetwork. + default_from_api: true + - name: 'allowSubnetCidrRoutesOverlap' + type: Boolean + description: | + Typically packets destined to IPs within the subnetwork range that do not match + existing resources are dropped and prevented from leaving the VPC. + Setting this field to true will allow these packets to match dynamic routes injected + via BGP even if their destinations match existing subnet ranges. + min_version: 'beta' + default_from_api: true + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' diff --git a/mmv1/products/compute/go_TargetGrpcProxy.yaml b/mmv1/products/compute/go_TargetGrpcProxy.yaml new file mode 100644 index 000000000000..d4f48f713af9 --- /dev/null +++ b/mmv1/products/compute/go_TargetGrpcProxy.yaml @@ -0,0 +1,118 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetGrpcProxy' +kind: 'compute#targetGrpcProxy' +description: | + Represents a Target gRPC Proxy resource. A target gRPC proxy is a component + of load balancers intended for load balancing gRPC traffic. Global forwarding + rules reference a target gRPC proxy. The Target gRPC Proxy references + a URL map which specifies how traffic routes to gRPC backend services. +references: + guides: + 'Using Target gRPC Proxies': 'https://cloud.google.com/traffic-director/docs/proxyless-overview' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetGrpcProxies' +docs: +base_url: 'projects/{{project}}/global/targetGrpcProxies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'target_grpc_proxy_basic' + primary_resource_id: 'default' + vars: + proxy_name: 'proxy' + urlmap_name: 'urlmap' + backend_name: 'backend' + healthcheck_name: 'healthcheck' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource + is created. The name must be 1-63 characters long, and comply + with RFC1035. Specifically, the name must be 1-63 characters long + and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which + means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + immutable: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'selfLinkWithId' + type: String + description: 'Server-defined URL with id for the resource.' + output: true + - name: 'urlMap' + type: String + description: | + URL to the UrlMap resource that defines the mapping from URL to + the BackendService. The protocol field in the BackendService + must be set to GRPC. + immutable: true + update_id: 'urlMap' + fingerprint_name: 'fingerprint' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'validateForProxyless' + type: Boolean + description: | + If true, indicates that the BackendServices referenced by + the urlMap may be accessed by gRPC applications without using + a sidecar proxy. This will enable configuration checks on urlMap + and its referenced BackendServices to not allow unsupported features. + A gRPC application must use "xds:///" scheme in the target URI + of the service it is connecting to. If false, indicates that the + BackendServices referenced by the urlMap will be accessed by gRPC + applications via a sidecar proxy. In this case, a gRPC application + must not use "xds:///" scheme in the target URI of the service + it is connecting to + immutable: true + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in + this object. This field is used in optimistic locking. This field + will be ignored when inserting a TargetGrpcProxy. An up-to-date + fingerprint must be provided in order to patch/update the + TargetGrpcProxy; otherwise, the request will fail with error + 412 conditionNotMet. To see the latest fingerprint, make a get() + request to retrieve the TargetGrpcProxy. A base64-encoded string. + output: true diff --git a/mmv1/products/compute/go_TargetHttpProxy.yaml b/mmv1/products/compute/go_TargetHttpProxy.yaml new file mode 100644 index 000000000000..734d6028af4a --- /dev/null +++ b/mmv1/products/compute/go_TargetHttpProxy.yaml @@ -0,0 +1,122 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetHttpProxy' +kind: 'compute#targetHttpProxy' +description: | + Represents a TargetHttpProxy resource, which is used by one or more global + forwarding rule to route incoming HTTP requests to a URL map. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpProxies' +docs: +base_url: 'projects/{{project}}/global/targetHttpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'target_http_proxy_basic' + primary_resource_id: 'default' + vars: + target_http_proxy_name: 'test-proxy' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + - name: 'target_http_proxy_http_keep_alive_timeout' + primary_resource_id: 'default' + vars: + target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + - name: 'target_http_proxy_https_redirect' + primary_resource_id: 'default' + vars: + target_http_proxy_name: 'test-https-redirect-proxy' + url_map_name: 'url-map' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + - name: 'urlMap' + type: ResourceRef + description: | + A reference to the UrlMap resource that defines the mapping from URL + to the BackendService. + required: true + update_url: 'projects/{{project}}/targetHttpProxies/{{name}}/setUrlMap' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'UrlMap' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean + description: | + This field only applies when the forwarding rule that references + this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + default_from_api: true + - name: 'httpKeepAliveTimeoutSec' + type: Integer + description: | + Specifies how long to keep a connection open, after completing a response, + while there is no matching traffic (in seconds). If an HTTP keepalive is + not specified, a default value will be used. For Global + external HTTP(S) load balancer, the default value is 610 seconds, the + minimum allowed value is 5 seconds and the maximum allowed value is 1200 + seconds. For cross-region internal HTTP(S) load balancer, the default + value is 600 seconds, the minimum allowed value is 5 seconds, and the + maximum allowed value is 600 seconds. For Global external HTTP(S) load + balancer (classic), this option is not available publicly. diff --git a/mmv1/products/compute/go_TargetHttpsProxy.yaml b/mmv1/products/compute/go_TargetHttpsProxy.yaml new file mode 100644 index 000000000000..b0af3e28c227 --- /dev/null +++ b/mmv1/products/compute/go_TargetHttpsProxy.yaml @@ -0,0 +1,247 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetHttpsProxy' +kind: 'compute#targetHttpsProxy' +description: | + Represents a TargetHttpsProxy resource, which is used by one or more + global forwarding rule to route incoming HTTPS requests to a URL map. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpsProxies' +docs: +base_url: 'projects/{{project}}/global/targetHttpsProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/go/compute_target_https_proxy.go.tmpl' + # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource + # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). + # This causes the encoder logic to not be applied during update. + update_encoder: 'templates/terraform/encoders/go/compute_target_https_proxy.go.tmpl' + decoder: 'templates/terraform/decoders/go/compute_target_https_proxy.go.tmpl' +examples: + - name: 'target_https_proxy_basic' + primary_resource_id: 'default' + vars: + target_https_proxy_name: 'test-proxy' + ssl_certificate_name: 'my-certificate' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + - name: 'target_https_proxy_http_keep_alive_timeout' + primary_resource_id: 'default' + vars: + target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' + ssl_certificate_name: 'my-certificate' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + - name: 'target_https_proxy_mtls' + primary_resource_id: 'default' + min_version: 'beta' + vars: + target_https_proxy_name: 'test-mtls-proxy' + ssl_certificate_name: 'my-certificate' + url_map_name: 'url-map' + backend_service_name: 'backend-service' + http_health_check_name: 'http-health-check' + server_tls_policy_name: 'my-tls-policy' + trust_config_name: 'my-trust-config' + - name: 'target_https_proxy_certificate_manager_certificate' + primary_resource_id: 'default' + vars: + target_https_proxy_name: 'target-http-proxy' + certificate_manager_certificate_name: 'my-certificate' + url_map_name: 'url-map' + backend_service_name: 'backend-service' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'quicOverride' + type: Enum + description: | + Specifies the QUIC override policy for this resource. This determines + whether the load balancer will attempt to negotiate QUIC with clients + or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is + specified, Google manages whether QUIC is used. + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride' + update_verb: 'POST' + custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' + default_value: "NONE" + enum_values: + - 'NONE' + - 'ENABLE' + - 'DISABLE' + - name: 'tlsEarlyData' + type: Enum + description: | + Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. + Early Data allows a TLS resumption handshake to include the initial application payload + (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. + This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). + default_from_api: true + enum_values: + - 'STRICT' + - 'PERMISSIVE' + - 'DISABLED' + - name: 'certificateManagerCertificates' + type: Array + description: | + URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. + Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. + For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. + sslCertificates and certificateManagerCertificates fields can not be defined together. + Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' + update_verb: 'POST' + conflicts: + - ssl_certificates + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_expand: 'templates/terraform/custom_expand/go/certificate_manager_certificate_construct_full_url.go.tmpl' + item_type: + type: String + - name: 'sslCertificates' + type: Array + description: | + URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. + Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. + sslCertificates and certificateManagerCertificates can not be defined together. + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' + update_verb: 'POST' + conflicts: + - certificate_manager_certificates + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificate URL used by this TargetHttpsProxy' + resource: 'SslCertificate' + imports: 'selfLink' + - name: 'certificateMap' + type: String + description: | + A reference to the CertificateMap resource uri that identifies a certificate map + associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. + For INTERNAL_MANAGED, use certificate_manager_certificates instead. + Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setCertificateMap' + update_verb: 'POST' + - name: 'sslPolicy' + type: ResourceRef + description: | + A reference to the SslPolicy resource that will be associated with + the TargetHttpsProxy resource. If not set, the TargetHttpsProxy + resource will not have any SSL policy configured. + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setSslPolicy' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'SslPolicy' + imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef + description: | + A reference to the UrlMap resource that defines the mapping from URL + to the BackendService. + required: true + update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setUrlMap' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'UrlMap' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean + description: | + This field only applies when the forwarding rule that references + this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + default_from_api: true + - name: 'httpKeepAliveTimeoutSec' + type: Integer + description: | + Specifies how long to keep a connection open, after completing a response, + while there is no matching traffic (in seconds). If an HTTP keepalive is + not specified, a default value will be used. For Global + external HTTP(S) load balancer, the default value is 610 seconds, the + minimum allowed value is 5 seconds and the maximum allowed value is 1200 + seconds. For cross-region internal HTTP(S) load balancer, the default + value is 600 seconds, the minimum allowed value is 5 seconds, and the + maximum allowed value is 600 seconds. For Global external HTTP(S) load + balancer (classic), this option is not available publicly. + - name: 'serverTlsPolicy' + type: ResourceRef + description: | + A URL referring to a networksecurity.ServerTlsPolicy + resource that describes how the proxy should authenticate inbound + traffic. serverTlsPolicy only applies to a global TargetHttpsProxy + attached to globalForwardingRules with the loadBalancingScheme + set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. + For details which ServerTlsPolicy resources are accepted with + INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED + loadBalancingScheme consult ServerTlsPolicy documentation. + If left blank, communications are not encrypted. + + If you remove this field from your configuration at the same time as + deleting or recreating a referenced ServerTlsPolicy resource, you will + receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy + within the ServerTlsPolicy resource to avoid this. + update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + resource: 'ServerTlsPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_TargetInstance.yaml b/mmv1/products/compute/go_TargetInstance.yaml new file mode 100644 index 000000000000..085880499322 --- /dev/null +++ b/mmv1/products/compute/go_TargetInstance.yaml @@ -0,0 +1,143 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetInstance' +kind: 'compute#targetInstance' +description: | + Represents a TargetInstance resource which defines an endpoint instance + that terminates traffic of certain protocols. In particular, they are used + in Protocol Forwarding, where forwarding rules can send packets to a + non-NAT'ed target instance. Each target instance contains a single + virtual machine instance that receives and handles traffic from the + corresponding forwarding rules. +references: + guides: + 'Using Protocol Forwarding': 'https://cloud.google.com/compute/docs/protocol-forwarding' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetInstances' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/targetInstances' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/go/compute_target_instance_security_policy.go.tmpl' +examples: + - name: 'target_instance_basic' + primary_resource_id: 'default' + vars: + target_name: 'target' + instance_name: 'target-vm' + - name: 'target_instance_custom_network' + primary_resource_id: 'custom_network' + min_version: 'beta' + vars: + target_name: 'custom-network' + instance_name: 'custom-network-target-vm' + - name: 'target_instance_with_security_policy' + primary_resource_id: 'default' + min_version: 'beta' + vars: + network_name: 'custom-default-network' + subnetname_name: 'custom-default-subnet' + instance_name: 'target-vm' + region_sec_policy: 'region-secpolicy' + target_name: 'target-instance' +parameters: + - name: 'zone' + type: ResourceRef + description: | + URL of the zone where the target instance resides. + required: false + immutable: true + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' +properties: + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'network' + type: String + description: + 'The URL of the network this target instance uses to forward traffic. If + not specified, the traffic will be forwarded to the network that the + default network interface belongs to.' + min_version: 'beta' + immutable: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + - name: 'instance' + type: ResourceRef + description: | + The Compute instance VM handling traffic for this target instance. + Accepts the instance self-link, relative path + (e.g. `projects/project/zones/zone/instances/instance`) or name. If + name is given, the zone will default to the given zone or + the provider-default zone and the project will default to the + provider-level project. + required: true + immutable: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'natPolicy' + type: Enum + description: | + NAT option controlling how IPs are NAT'ed to the instance. + Currently only NO_NAT (default value) is supported. + immutable: true + default_value: "NO_NAT" + enum_values: + - 'NO_NAT' + - name: 'securityPolicy' + type: String + description: | + The resource URL for the security policy associated with this target instance. + min_version: 'beta' + update_url: 'projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy' + update_verb: 'POST' diff --git a/mmv1/products/compute/go_TargetSslProxy.yaml b/mmv1/products/compute/go_TargetSslProxy.yaml new file mode 100644 index 000000000000..c18954fcb63e --- /dev/null +++ b/mmv1/products/compute/go_TargetSslProxy.yaml @@ -0,0 +1,146 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetSslProxy' +kind: 'compute#targetSslProxy' +description: | + Represents a TargetSslProxy resource, which is used by one or more + global forwarding rule to route incoming SSL requests to a backend + service. +references: + guides: + 'Setting Up SSL proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetSslProxies' +docs: +base_url: 'projects/{{project}}/global/targetSslProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'target_ssl_proxy_basic' + primary_resource_id: 'default' + vars: + target_ssl_proxy_name: 'test-proxy' + ssl_certificate_name: 'default-cert' + backend_service_name: 'backend-service' + health_check_name: 'health-check' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to + the backend. + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setProxyHeader' + update_verb: 'POST' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef + description: | + A reference to the BackendService resource. + api_name: service + required: true + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setBackendService' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'sslCertificates' + type: Array + description: | + A list of SslCertificate resources that are used to authenticate + connections between users and the load balancer. At least one + SSL certificate must be specified. + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslCertificates' + update_verb: 'POST' + exactly_one_of: + - 'sslCertificates' + - 'certificateMap' + custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificates used by this TargetSslProxy' + resource: 'SslCertificate' + imports: 'selfLink' + - name: 'certificateMap' + type: String + description: | + A reference to the CertificateMap resource uri that identifies a certificate map + associated with the given target proxy. This field can only be set for global target proxies. + Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setCertificateMap' + update_verb: 'POST' + exactly_one_of: + - 'sslCertificates' + - 'certificateMap' + - name: 'sslPolicy' + type: ResourceRef + description: | + A reference to the SslPolicy resource that will be associated with + the TargetSslProxy resource. If not set, the TargetSslProxy + resource will not have any SSL policy configured. + update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslPolicy' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'SslPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_TargetTcpProxy.yaml b/mmv1/products/compute/go_TargetTcpProxy.yaml new file mode 100644 index 000000000000..88ca21a43799 --- /dev/null +++ b/mmv1/products/compute/go_TargetTcpProxy.yaml @@ -0,0 +1,111 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TargetTcpProxy' +kind: 'compute#targetTcpProxy' +description: | + Represents a TargetTcpProxy resource, which is used by one or more + global forwarding rule to route incoming TCP requests to a Backend + service. +references: + guides: + 'Setting Up TCP proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy' + api: 'https://cloud.google.com/compute/docs/reference/v1/targetTcpProxies' +docs: +base_url: 'projects/{{project}}/global/targetTcpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'target_tcp_proxy_basic' + primary_resource_id: 'default' + vars: + target_tcp_proxy_name: 'test-proxy' + backend_service_name: 'backend-service' + health_check_name: 'health-check' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'proxyId' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and match + the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the + first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'proxyHeader' + type: Enum + description: | + Specifies the type of proxy header to append before sending data to + the backend. + update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setProxyHeader' + update_verb: 'POST' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef + description: | + A reference to the BackendService resource. + api_name: service + required: true + update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setBackendService' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean + description: | + This field only applies when the forwarding rule that references + this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + default_from_api: true diff --git a/mmv1/products/compute/go_UrlMap.yaml b/mmv1/products/compute/go_UrlMap.yaml new file mode 100644 index 000000000000..8a7fb48c2929 --- /dev/null +++ b/mmv1/products/compute/go_UrlMap.yaml @@ -0,0 +1,2784 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'UrlMap' +kind: 'compute#urlMap' +description: | + UrlMaps are used to route requests to a backend service based on rules + that you define for the host and path of an incoming URL. +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps' +docs: +base_url: 'projects/{{project}}/global/urlMaps' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'url_map_bucket_and_service' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + login_backend_service_name: 'login' + http_health_check_name: 'health-check' + backend_bucket_name: 'static-asset-backend-bucket' + storage_bucket_name: 'static-asset-bucket' + - name: 'url_map_traffic_director_route' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_route_partial' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_path' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_path_partial' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_header_based_routing' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + default_backend_service_name: 'default' + service_a_backend_service_name: 'service-a' + service_b_backend_service_name: 'service-b' + health_check_name: 'health-check' + - name: 'url_map_parameter_based_routing' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + default_backend_service_name: 'default' + service_a_backend_service_name: 'service-a' + service_b_backend_service_name: 'service-b' + health_check_name: 'health-check' + - name: 'external_http_lb_mig_backend' + primary_resource_id: 'default' + vars: + lb_backend_template: 'lb-backend-template' + lb_backend_example: 'lb-backend-example' + fw_allow_health_check: 'fw-allow-health-check' + lb_ipv4_1: 'lb-ipv4-1' + http_basic_check: 'http-basic-check' + web_backend_service: 'web-backend-service' + web_map_http: 'web-map-http' + http_lb_proxy: 'http-lb-proxy' + http_content_rule: 'http-content-rule' + ignore_read_extra: + - 'metadata' + - 'metadata_startup_script' + # Very similar to external_http_lb_mig_backend_custom_header + exclude_test: true + exclude_docs: true + - name: 'url_map_path_template_match' + primary_resource_id: 'urlmap' + vars: + url_map_name: 'urlmap' + cart_backend_service_name: 'cart-service' + user_backend_service_name: 'user-service' + http_health_check_name: 'health-check' + backend_bucket_name: 'static-asset-backend-bucket' + storage_bucket_name: 'static-asset-bucket' + - name: 'url_map_custom_error_response_policy' + primary_resource_id: 'urlmap' + min_version: 'beta' + vars: + url_map_name: 'urlmap' + backend_service_name: 'login' + http_health_check_name: 'health-check' + storage_bucket_name: 'static-asset-bucket' + error_backend_bucket_name: 'error-backend-bucket' +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'defaultService' + type: ResourceRef + description: |- + The backend service or backend bucket to use when none of the given rules match. + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create + the resource. + - name: 'map_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'fingerprint' + type: Fingerprint + description: | + Fingerprint of this resource. A hash of the contents stored in this object. This + field is used in optimistic locking. + output: true + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. The headerAction specified here take effect after + headerAction specified under pathMatcher. + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: String + - name: 'host_rule' + type: Array + description: | + The list of HostRules to use against the URL. + api_name: hostRules + is_set: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create + the resource. + - name: 'hosts' + type: Array + description: | + The list of host patterns to match. They must be valid hostnames, except * will + match any string of ([a-z0-9-.]*). In that case, * must be the first character + and must be followed in the pattern by either - or .. + is_set: true + required: true + item_type: + type: String + - name: 'pathMatcher' + type: String + description: | + The name of the PathMatcher to use to match the path portion of the URL if the + hostRule matches the URL's host portion. + required: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is created. The + name must be 1-63 characters long, and comply with RFC1035. Specifically, the + name must be 1-63 characters long and match the regular expression + `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase + letter, and all following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + immutable: true + - name: 'path_matcher' + type: Array + description: | + The list of named PathMatchers to use against the URL. + api_name: pathMatchers + item_type: + type: NestedObject + properties: + - name: 'defaultService' + type: ResourceRef + description: The backend service or backend bucket to use when none of the given paths match. + # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # exactly_one_of: + # - path_matchers.0.default_service + # - path_matchers.0.default_url_redirect + # - path_matchers.0.default_route_action.0.weighted_backend_services + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'description' + type: String + description: | + An optional description of this resource. Provide this property when you create + the resource. + - name: 'defaultCustomErrorResponsePolicy' + type: NestedObject + description: | + defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. + + This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. + + For example, consider a UrlMap with the following configuration: + + UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors + A RouteRule for /coming_soon/ is configured for the error code 404. + If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. + + When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. + + defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' + properties: + - name: 'errorResponseRule' + type: Array + description: | + Specifies rules for returning error responses. + In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. + For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). + If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. + api_name: errorResponseRules + item_type: + type: NestedObject + properties: + - name: 'matchResponseCodes' + type: Array + description: | + Valid values include: + - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. + - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. + Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. + item_type: + type: String + - name: 'path' + type: String + description: | + The full path to a file within backendBucket . For example: /errors/defaultError.html + path must start with a leading slash. path cannot have trailing slashes. + If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. + The value must be from 1 to 1024 characters + - name: 'overrideResponseCode' + type: Integer + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - name: 'errorService' + type: ResourceRef + description: | + The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: + https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + compute/v1/projects/project/global/backendBuckets/myBackendBucket + global/backendBuckets/myBackendBucket + If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. + If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. HeaderAction specified here are applied after the + matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'name' + type: String + description: | + The name to which this PathMatcher is referred by the HostRule. + required: true + - name: 'path_rule' + type: Array + description: | + The list of path rules. Use this list instead of routeRules when routing based + on simple path matching is all that's required. The order by which path rules + are specified does not matter. Matches are always done on the longest-path-first + basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* + irrespective of the order in which those paths appear in this list. Within a + given pathMatcher, only one of pathRules or routeRules must be set. + api_name: pathRules + item_type: + type: NestedObject + properties: + - name: 'service' + type: ResourceRef + description: The backend service or backend bucket to use if any of the given paths match. + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'paths' + type: Array + description: | + The list of path patterns to match. Each must start with / and the only place a + \* is allowed is at the end following a /. The string fed to the path matcher + does not include any text after the first ? or #, and those chars are not + allowed here. + is_set: true + required: true + item_type: + type: String + - name: 'customErrorResponsePolicy' + type: NestedObject + description: | + customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. + If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. + For example, consider a UrlMap with the following configuration: + UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors + A PathRule for /coming_soon/ is configured for the error code 404. + If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. + customErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' + properties: + - name: 'errorResponseRule' + type: Array + description: | + Specifies rules for returning error responses. + In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. + For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). + If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. + api_name: errorResponseRules + item_type: + type: NestedObject + properties: + - name: 'matchResponseCodes' + type: Array + description: | + Valid values include: + + - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. + - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. + + Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. + item_type: + type: String + - name: 'path' + type: String + description: | + The full path to a file within backendBucket . For example: /errors/defaultError.html + path must start with a leading slash. path cannot have trailing slashes. + If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. + The value must be from 1 to 1024 characters + - name: 'overrideResponseCode' + type: Integer + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - name: 'errorService' + type: ResourceRef + description: | + The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: + + https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + compute/v1/projects/project/global/backendBuckets/myBackendBucket + global/backendBuckets/myBackendBucket + + If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. + If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'routeAction' + type: NestedObject + description: | + In response to a matching path, the load balancer performs advanced routing + actions like URL rewrites, header transformations, etc. prior to forwarding the + request to the selected backend. If routeAction specifies any + weightedBackendServices, service must not be set. Conversely if service is set, + routeAction cannot contain any weightedBackendServices. Only one of routeAction + or urlRedirect must be set. + properties: + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see W3C + Recommendation for Cross Origin Resource Sharing + properties: + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the + actual request can include user credentials. This translates to the Access- + Control-Allow-Credentials header. Defaults to false. + default_value: false + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For + regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. + required: true + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the + resiliency of clients to backend service failure. As part of fault injection, + when clients send requests to a backend service, delays can be introduced by + Loadbalancer on a percentage of requests before sending those request to the + backend service. Similarly requests from clients can be aborted by the + Loadbalancer for a percentage of requests. timeout and retry_policy will be + ignored by clients that are configured with a fault_injection_policy. + properties: + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault + injection. + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be + aborted as part of fault injection. The value must be between 0.0 and 100.0 + inclusive. + required: true + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault + injection, before being sent to a backend service. + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + required: true + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will + be introduced as part of fault injection. The value must be between 0.0 and + 100.0 inclusive. + required: true + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are + shadowed to a separate mirrored backend service. Loadbalancer does not wait for + responses from the shadow service. Prior to sending traffic to the shadow + service, the host / authority header is suffixed with -shadow. + properties: + - name: 'backendService' + type: ResourceRef + description: | + The BackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + properties: + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'retryConditions' + type: Array + description: | + Specifies one or more conditions when this retry rule applies. Valid values are: + + * 5xx: Loadbalancer will attempt a retry if the backend service responds with + any 5xx response code, or if the backend service does not respond at all, + for example: disconnects, reset, read timeout, connection failure, and refused + streams. + * gateway-error: Similar to 5xx, but only applies to response codes + 502, 503 or 504. + * connect-failure: Loadbalancer will retry on failures + connecting to backend services, for example due to connection timeouts. + * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + * refused-stream: Loadbalancer will retry if the backend service resets the stream with a + REFUSED_STREAM error code. This reset type indicates that it is safe to retry. + * cancelled: Loadbalancer will retry if the gRPC status code in the response + header is set to cancelled + * deadline-exceeded: Loadbalancer will retry if the + gRPC status code in the response header is set to deadline-exceeded + * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response + header is set to resource-exhausted + * unavailable: Loadbalancer will retry if + the gRPC status code in the response header is set to unavailable + item_type: + type: String + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time + the request is has been fully processed (i.e. end-of-stream) up until the + response has been completely processed. Timeout includes all retries. If not + specified, the default value is 15 seconds. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to + the matched service + properties: + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host + header is replaced with contents of hostRewrite. The value must be between 1 and + 255 characters. + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching + portion of the request's path is replaced by pathPrefixRewrite. The value must + be between 1 and 1024 characters. + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match + occurs. The weights determine the fraction of traffic that flows to their + corresponding backend service. If all traffic needs to go to a single backend + service, there must be one weightedBackendService with weight set to a non 0 + number. Once a backendService is identified and before forwarding the request to + the backend service, advanced routing actions like Url rewrites and header + transformations are applied depending on additional settings specified in this + HttpRouteAction. + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The default BackendService resource. Before + forwarding the request to backendService, the loadbalancer applies any relevant + headerActions specified as part of this backendServiceWeight. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. headerAction specified here take effect before + headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as weight / + (sum of all weightedBackendService weights in routeAction) . The selection of a + backend service is determined only for new traffic. Once a user's request has + been directed to a backendService, subsequent requests will be sent to the same + backendService as determined by the BackendService's session affinity policy. + The value must be between 0 and 1000 + required: true + - name: 'urlRedirect' + type: NestedObject + description: | + When a path pattern is matched, the request is redirected to a URL specified + by urlRedirect. If urlRedirect is specified, service or routeAction must not + be set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one + that was supplied in the request. The value must be between 1 and 255 + characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. + If set to false, the URL scheme of the redirected request will remain the + same as that of the request. This must only be set for UrlMaps used in + TargetHttpProxys. Setting this true for TargetHttpsProxy is not + permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one + that was supplied in the request. pathRedirect cannot be supplied + together with prefixRedirect. Supply one alone or neither. If neither is + supplied, the path of the original request will be used for the redirect. + The value must be between 1 and 1024 characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the + HttpRouteRuleMatch, retaining the remaining portion of the URL before + redirecting the request. prefixRedirect cannot be supplied together with + pathRedirect. Supply one alone or neither. If neither is supplied, the + path of the original request will be used for the redirect. The value + must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is + removed prior to redirecting the request. If set to false, the query + portion of the original URL is retained. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'routeRules' + type: Array + description: | + The list of ordered HTTP route rules. Use this list instead of pathRules when + advanced route matching and routing actions are desired. The order of specifying + routeRules matters: the first rule that matches will cause its specified routing + action to take effect. Within a given pathMatcher, only one of pathRules or + routeRules must be set. routeRules are not supported in UrlMaps intended for + External load balancers. + item_type: + type: NestedObject + properties: + - name: 'priority' + type: Integer + description: | + For routeRules within a given pathMatcher, priority determines the order + in which load balancer will interpret routeRules. RouteRules are evaluated + in order of priority, from the lowest to highest number. The priority of + a rule decreases as its number increases (1, 2, 3, N+1). The first rule + that matches the request is applied. + + You cannot configure two or more routeRules with the same priority. + Priority for each rule must be set to a number between 0 and + 2147483647 inclusive. + + Priority numbers can have gaps, which enable you to add or remove rules + in the future without affecting the rest of the rules. For example, + 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which + you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the + future without any impact on existing rules. + required: true + - name: 'service' + type: ResourceRef + description: | + The backend service resource to which traffic is + directed if this rule is matched. If routeAction is additionally specified, + advanced routing actions like URL Rewrites, etc. take effect prior to sending + the request to the backend. However, if service is specified, routeAction cannot + contain any weightedBackendService s. Conversely, if routeAction specifies any + weightedBackendServices, service must not be specified. Only one of urlRedirect, + service or routeAction.weightedBackendService must be set. + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. The headerAction specified here are applied before + the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r + outeAction.weightedBackendService.backendServiceWeightAction[].headerAction + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'matchRules' + type: Array + description: | + The rules for determining a match. + item_type: + type: NestedObject + properties: + - name: 'fullPathMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request must exactly + match the value specified in fullPathMatch after removing any query parameters + and anchor that may be part of the original URL. FullPathMatch must be between 1 + and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must + be specified. + - name: 'headerMatches' + type: Array + description: | + Specifies a list of header match criteria, all of which must match corresponding + headers in the request. + item_type: + type: NestedObject + properties: + - name: 'exactMatch' + type: String + description: | + The value should exactly match contents of exactMatch. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - name: 'headerName' + type: String + description: | + The name of the HTTP header to match. For matching against the HTTP request's + authority, use a headerMatch with the header name ":authority". For matching a + request's method, use the headerName ":method". + required: true + - name: 'invertMatch' + type: Boolean + description: | + If set to false, the headerMatch is considered a match if the match criteria + above are met. If set to true, the headerMatch is considered a match if the + match criteria above are NOT met. Defaults to false. + default_value: false + - name: 'prefixMatch' + type: String + description: | + The value of the header must start with the contents of prefixMatch. Only one of + exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch + must be set. + - name: 'presentMatch' + type: Boolean + description: | + A header with the contents of headerName must exist. The match takes place + whether or not the request's header has a value or not. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + - name: 'rangeMatch' + type: NestedObject + description: | + The header value must be an integer and its value must be in the range specified + in rangeMatch. If the header does not contain an integer, number or is empty, + the match fails. For example for a range [-5, 0] - -3 will match. - 0 will + not match. - 0.25 will not match. - -3someString will not match. Only one of + exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch + must be set. + properties: + - name: 'rangeEnd' + type: Integer + description: | + The end of the range (exclusive). + required: true + - name: 'rangeStart' + type: Integer + description: | + The start of the range (inclusive). + required: true + - name: 'regexMatch' + type: String + description: | + The value of the header must match the regular expression specified in + regexMatch. For regular expression grammar, please see: + en.cppreference.com/w/cpp/regex/ecmascript For matching against a port + specified in the HTTP request, use a headerMatch with headerName set to PORT and + a regular expression that satisfies the RFC2616 Host header's port specifier. + Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or + rangeMatch must be set. + - name: 'suffixMatch' + type: String + description: | + The value of the header must end with the contents of suffixMatch. Only one of + exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch + must be set. + - name: 'ignoreCase' + type: Boolean + description: | + Specifies that prefixMatch and fullPathMatch matches are case sensitive. + Defaults to false. + default_value: false + - name: 'metadataFilters' + type: Array + description: | + Opaque filter criteria used by Loadbalancer to restrict routing configuration to + a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS + clients present node metadata. If a match takes place, the relevant routing + configuration is made available to those proxies. For each metadataFilter in + this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the + filterLabels must match the corresponding label provided in the metadata. If its + filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match + with corresponding labels in the provided metadata. metadataFilters specified + here can be overrides those specified in ForwardingRule that refers to this + UrlMap. metadataFilters only applies to Loadbalancers that have their + loadBalancingScheme set to INTERNAL_SELF_MANAGED. + item_type: + type: NestedObject + properties: + - name: 'filterLabels' + type: Array + description: | + The list of label value pairs that must match labels in the provided metadata + based on filterMatchCriteria This list must not be empty and can have at the + most 64 entries. + required: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of metadata label. The name can have a maximum length of 1024 characters + and must be at least 1 character long. + required: true + - name: 'value' + type: String + description: | + The value of the label must match the specified value. value can have a maximum + length of 1024 characters. + required: true + min_size: 1 + max_size: 64 + - name: 'filterMatchCriteria' + type: Enum + description: | + Specifies how individual filterLabel matches within the list of filterLabels + contribute towards the overall metadataFilter match. Supported values are: + - MATCH_ANY: At least one of the filterLabels must have a matching label in the + provided metadata. + - MATCH_ALL: All filterLabels must have matching labels in + the provided metadata. + required: true + enum_values: + - 'MATCH_ALL' + - 'MATCH_ANY' + - name: 'prefixMatch' + type: String + description: | + For satisfying the matchRule condition, the request's path must begin with the + specified prefixMatch. prefixMatch must begin with a /. The value must be + between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or + regexMatch must be specified. + - name: 'queryParameterMatches' + type: Array + description: | + Specifies a list of query parameter match criteria, all of which must match + corresponding query parameters in the request. + item_type: + type: NestedObject + properties: + - name: 'exactMatch' + type: String + description: | + The queryParameterMatch matches if the value of the parameter exactly matches + the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch + must be set. + - name: 'name' + type: String + description: | + The name of the query parameter to match. The query parameter must exist in the + request, in the absence of which the request match fails. + required: true + - name: 'presentMatch' + type: Boolean + description: | + Specifies that the queryParameterMatch matches if the request contains the query + parameter, irrespective of whether the parameter has a value or not. Only one of + presentMatch, exactMatch and regexMatch must be set. + - name: 'regexMatch' + type: String + description: | + The queryParameterMatch matches if the value of the parameter matches the + regular expression specified by regexMatch. For the regular expression grammar, + please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, + exactMatch and regexMatch must be set. + - name: 'regexMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request must satisfy the + regular expression specified in regexMatch after removing any query parameters + and anchor supplied with the original URL. For regular expression grammar please + see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, + fullPathMatch or regexMatch must be specified. + - name: 'pathTemplateMatch' + type: String + description: | + For satisfying the matchRule condition, the path of the request + must match the wildcard pattern specified in pathTemplateMatch + after removing any query parameters and anchor that may be part + of the original URL. + + pathTemplateMatch must be between 1 and 255 characters + (inclusive). The pattern specified by pathTemplateMatch may + have at most 5 wildcard operators and at most 5 variable + captures in total. + - name: 'routeAction' + type: NestedObject + description: | + In response to a matching matchRule, the load balancer performs advanced routing + actions like URL rewrites, header transformations, etc. prior to forwarding the + request to the selected backend. If routeAction specifies any + weightedBackendServices, service must not be set. Conversely if service is set, + routeAction cannot contain any weightedBackendServices. Only one of routeAction + or urlRedirect must be set. + properties: + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see W3C + Recommendation for Cross Origin Resource Sharing + properties: + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the + actual request can include user credentials. This translates to the Access- + Control-Allow-Credentials header. Defaults to false. + default_value: false + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For + regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. An + origin is allowed if it matches either allow_origins or allow_origin_regex. + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. + which indicates that the CORS policy is in effect. Defaults to false. + default_value: false + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long the results of a preflight request can be cached. This + translates to the content for the Access-Control-Max-Age header. + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the + resiliency of clients to backend service failure. As part of fault injection, + when clients send requests to a backend service, delays can be introduced by + Loadbalancer on a percentage of requests before sending those request to the + backend service. Similarly requests from clients can be aborted by the + Loadbalancer for a percentage of requests. timeout and retry_policy will be + ignored by clients that are configured with a fault_injection_policy. + properties: + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault + injection. + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. The value must be between 200 + and 599 inclusive. + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be + aborted as part of fault injection. The value must be between 0.0 and 100.0 + inclusive. + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault + injection, before being sent to a backend service. + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will + be introduced as part of fault injection. The value must be between 0.0 and + 100.0 inclusive. + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are + shadowed to a separate mirrored backend service. Loadbalancer does not wait for + responses from the shadow service. Prior to sending traffic to the shadow + service, the host / authority header is suffixed with -shadow. + properties: + - name: 'backendService' + type: ResourceRef + description: | + The BackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + properties: + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. + required: true + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction + is not set, will use the largest timeout among all backend services associated with the route. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'retryConditions' + type: Array + description: | + Specfies one or more conditions when this retry rule applies. Valid values are: + + * 5xx: Loadbalancer will attempt a retry if the backend service responds with + any 5xx response code, or if the backend service does not respond at all, + for example: disconnects, reset, read timeout, connection failure, and refused + streams. + * gateway-error: Similar to 5xx, but only applies to response codes + 502, 503 or 504. + * connect-failure: Loadbalancer will retry on failures + connecting to backend services, for example due to connection timeouts. + * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + * refused-stream: Loadbalancer will retry if the backend service resets the stream with a + REFUSED_STREAM error code. This reset type indicates that it is safe to retry. + * cancelled: Loadbalancer will retry if the gRPC status code in the response + header is set to cancelled + * deadline-exceeded: Loadbalancer will retry if the + gRPC status code in the response header is set to deadline-exceeded + * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response + header is set to resource-exhausted + * unavailable: Loadbalancer will retry if the gRPC status code in + the response header is set to unavailable + item_type: + type: String + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time + the request is has been fully processed (i.e. end-of-stream) up until the + response has been completely processed. Timeout includes all retries. If not + specified, the default value is 15 seconds. + properties: + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations + less than one second are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 + inclusive. + required: true + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to + the matched service + properties: + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host + header is replaced with contents of hostRewrite. The value must be between 1 and + 255 characters. + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching + portion of the request's path is replaced by pathPrefixRewrite. The value must + be between 1 and 1024 characters. + - name: 'pathTemplateRewrite' + type: String + description: | + Prior to forwarding the request to the selected origin, if the + request matched a pathTemplateMatch, the matching portion of the + request's path is replaced re-written using the pattern specified + by pathTemplateRewrite. + + pathTemplateRewrite must be between 1 and 255 characters + (inclusive), must start with a '/', and must only use variables + captured by the route's pathTemplate matchers. + + pathTemplateRewrite may only be used when all of a route's + MatchRules specify pathTemplate. + + Only one of pathPrefixRewrite and pathTemplateRewrite may be + specified. + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match + occurs. The weights determine the fraction of traffic that flows to their + corresponding backend service. If all traffic needs to go to a single backend + service, there must be one weightedBackendService with weight set to a non 0 + number. Once a backendService is identified and before forwarding the request to + the backend service, advanced routing actions like Url rewrites and header + transformations are applied depending on additional settings specified in this + HttpRouteAction. + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The default BackendService resource. Before + forwarding the request to backendService, the loadbalancer applies any relevant + headerActions specified as part of this backendServiceWeight. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. headerAction specified here take effect before + headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the + backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request + prior to forwarding the request to the backendService. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header. + required: true + - name: 'headerValue' + type: String + description: | + The value of the header to add. + required: true + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the + header. If true, headerValue is set for the header, discarding any values that + were set for that header. + required: true + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response + prior to sending the response back to the client. + item_type: + type: String + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as weight / + (sum of all weightedBackendService weights in routeAction) . The selection of a + backend service is determined only for new traffic. Once a user's request has + been directed to a backendService, subsequent requests will be sent to the same + backendService as determined by the BackendService's session affinity policy. + The value must be between 0 and 1000 + required: true + - name: 'urlRedirect' + type: NestedObject + description: | + When this rule is matched, the request is redirected to a URL specified by + urlRedirect. If urlRedirect is specified, service or routeAction must not be + set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. If set + to false, the URL scheme of the redirected request will remain the same as that + of the request. This must only be set for UrlMaps used in TargetHttpProxys. + Setting this true for TargetHttpsProxy is not permitted. Defaults to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one that was + supplied in the request. Only one of pathRedirect or prefixRedirect must be + specified. The value must be between 1 and 1024 characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed + prior to redirecting the request. If set to false, the query portion of the + original URL is retained. Defaults to false. + default_value: false + - name: 'defaultUrlRedirect' + type: NestedObject + # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # exactly_one_of: + # - path_matchers.0.default_service + # - path_matchers.0.default_url_redirect + # - path_matchers.0.default_route_action.0.weighted_backend_services + description: | + When none of the specified hostRules match, the request is redirected to a URL specified + by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or + defaultRouteAction must not be set. + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. If set to + false, the URL scheme of the redirected request will remain the same as that of the + request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this + true for TargetHttpsProxy is not permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one that was + supplied in the request. pathRedirect cannot be supplied together with + prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the + original request will be used for the redirect. The value must be between 1 and 1024 + characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request will be used for + the redirect. The value must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed prior + to redirecting the request. If set to false, the query portion of the original URL is + retained. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'defaultRouteAction' + type: NestedObject + # TODO: (mbang) conflicts also won't work for array path matchers yet, uncomment here once supported. + # conflicts: + # - path_matcher.path_matcher.default_url_redirect + description: | + defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs + advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request + to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. + Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. + + Only one of defaultRouteAction or defaultUrlRedirect must be set. + properties: + - name: 'weightedBackendServices' + type: Array + # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. + # (github.com/hashicorp/terraform-plugin-sdk/issues/470) + # exactly_one_of: + # - path_matchers.0.default_service + # - path_matchers.0.default_url_redirect + # - path_matchers.0.default_route_action.0.weighted_backend_services + description: | + A list of weighted backend services to send traffic to when a route match occurs. + The weights determine the fraction of traffic that flows to their corresponding backend service. + If all traffic needs to go to a single backend service, there must be one weightedBackendService + with weight set to a non 0 number. + + Once a backendService is identified and before forwarding the request to the backend service, + advanced routing actions like Url rewrites and header transformations are applied depending on + additional settings specified in this HttpRouteAction. + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the default BackendService resource. Before forwarding the + request to backendService, the loadbalancer applies any relevant headerActions + specified as part of this backendServiceWeight. + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as + weight / (sum of all weightedBackendService weights in routeAction) . + + The selection of a backend service is determined only for new traffic. Once a user's request + has been directed to a backendService, subsequent requests will be sent to the same backendService + as determined by the BackendService's session affinity policy. + + The value must be between 0 and 1000 + validation: + function: 'validation.IntBetween(0, 1000)' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. + + headerAction specified here take effect before headerAction in the enclosing + HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request prior to + forwarding the request to the backendService. + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header to add. + - name: 'headerValue' + type: String + description: | + The value of the header to add. + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. + If true, headerValue is set for the header, discarding any values that were set for that header. + default_value: false + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response prior to sending the + response back to the client. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header to add. + - name: 'headerValue' + type: String + description: | + The value of the header to add. + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. + If true, headerValue is set for the header, discarding any values that were set for that header. + default_value: false + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to the matched service. + properties: + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching portion of the + request's path is replaced by pathPrefixRewrite. + + The value must be between 1 and 1024 characters. + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host header is replaced + with contents of hostRewrite. + + The value must be between 1 and 255 characters. + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time the request has been + fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. + + If not specified, will use the largest timeout among all backend services associated with the route. + default_from_api: true + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + properties: + - name: 'retryConditions' + type: Array + description: | + Specfies one or more conditions when this retry rule applies. Valid values are: + + * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, + or if the backend service does not respond at all, example: disconnects, reset, read timeout, + * connection failure, and refused streams. + * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. + * connect-failure: Loadbalancer will retry on failures connecting to backend services, + for example due to connection timeouts. + * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. + This reset type indicates that it is safe to retry. + * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled + * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded + * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted + * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable + item_type: + type: String + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + validation: + function: 'validation.IntAtLeast(1)' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + + If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, + will use the largest timeout among all backend services associated with the route. + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. + Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, + the host / authority header is suffixed with -shadow. + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the BackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see + [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) + properties: + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For regular expression grammar + please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + item_type: + type: String + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + item_type: + type: String + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long results of a preflight request can be cached in seconds. + This translates to the Access-Control-Max-Age header. + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the actual request can include user credentials. + This translates to the Access-Control-Allow-Credentials header. + default_value: false + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. + default_value: false + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. + As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a + percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted + by the Loadbalancer for a percentage of requests. + + timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. + properties: + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + validation: + function: 'validation.FloatBetween(0, 100)' + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault injection. + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. + The value must be between 200 and 599 inclusive. + validation: + function: 'validation.IntBetween(200, 599)' + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + validation: + function: 'validation.FloatBetween(0, 100)' + - name: 'defaultCustomErrorResponsePolicy' + type: NestedObject + description: | + defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. + + This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. + + For example, consider a UrlMap with the following configuration: + + UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors + A RouteRule for /coming_soon/ is configured for the error code 404. + If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. + + When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. + + defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' + properties: + - name: 'errorResponseRule' + type: Array + description: | + Specifies rules for returning error responses. + In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. + For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). + If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. + api_name: errorResponseRules + item_type: + type: NestedObject + properties: + - name: 'matchResponseCodes' + type: Array + description: | + Valid values include: + - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. + - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. + Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. + item_type: + type: String + - name: 'path' + type: String + description: | + The full path to a file within backendBucket. For example: /errors/defaultError.html + path must start with a leading slash. path cannot have trailing slashes. + If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. + The value must be from 1 to 1024 characters. + - name: 'overrideResponseCode' + type: Integer + description: | + The HTTP status code returned with the response containing the custom error content. + If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + - name: 'errorService' + type: ResourceRef + description: | + The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: + + https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + compute/v1/projects/project/global/backendBuckets/myBackendBucket + global/backendBuckets/myBackendBucket + + If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. + If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'test' + type: Array + description: | + The list of expected URL mapping tests. Request to update this UrlMap will + succeed only if all of the test cases pass. You can specify a maximum of 100 + tests per UrlMap. + api_name: tests + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + Description of this test case. + - name: 'host' + type: String + description: | + Host portion of the URL. + required: true + - name: 'path' + type: String + description: | + Path portion of the URL. + required: true + - name: 'service' + type: ResourceRef + description: The backend service or backend bucket link that should be matched by this test. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'defaultUrlRedirect' + type: NestedObject + description: | + When none of the specified hostRules match, the request is redirected to a URL specified + by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or + defaultRouteAction must not be set. + conflicts: + - default_route_action + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + properties: + - name: 'hostRedirect' + type: String + description: | + The host that will be used in the redirect response instead of the one that was + supplied in the request. The value must be between 1 and 255 characters. + - name: 'httpsRedirect' + type: Boolean + description: | + If set to true, the URL scheme in the redirected request is set to https. If set to + false, the URL scheme of the redirected request will remain the same as that of the + request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this + true for TargetHttpsProxy is not permitted. The default is set to false. + default_value: false + - name: 'pathRedirect' + type: String + description: | + The path that will be used in the redirect response instead of the one that was + supplied in the request. pathRedirect cannot be supplied together with + prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the + original request will be used for the redirect. The value must be between 1 and 1024 + characters. + - name: 'prefixRedirect' + type: String + description: | + The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, + retaining the remaining portion of the URL before redirecting the request. + prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request will be used for + the redirect. The value must be between 1 and 1024 characters. + - name: 'redirectResponseCode' + type: Enum + description: | + The HTTP Status code to use for this RedirectAction. Supported values are: + + * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. + + * FOUND, which corresponds to 302. + + * SEE_OTHER which corresponds to 303. + + * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method + will be retained. + + * PERMANENT_REDIRECT, which corresponds to 308. In this case, + the request method will be retained. + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean + description: | + If set to true, any accompanying query portion of the original URL is removed prior + to redirecting the request. If set to false, the query portion of the original URL is + retained. The default is set to false. + This field is required to ensure an empty block is not set. The normal default value is false. + required: true + - name: 'defaultRouteAction' + type: NestedObject + description: | + defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions + like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. + If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService + is set, defaultRouteAction cannot contain any weightedBackendServices. + + Only one of defaultRouteAction or defaultUrlRedirect must be set. + conflicts: + - default_url_redirect + properties: + - name: 'weightedBackendServices' + type: Array + description: | + A list of weighted backend services to send traffic to when a route match occurs. + The weights determine the fraction of traffic that flows to their corresponding backend service. + If all traffic needs to go to a single backend service, there must be one weightedBackendService + with weight set to a non 0 number. + + Once a backendService is identified and before forwarding the request to the backend service, + advanced routing actions like Url rewrites and header transformations are applied depending on + additional settings specified in this HttpRouteAction. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + item_type: + type: NestedObject + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the default BackendService resource. Before forwarding the + request to backendService, the loadbalancer applies any relevant headerActions + specified as part of this backendServiceWeight. + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer + description: | + Specifies the fraction of traffic sent to backendService, computed as + weight / (sum of all weightedBackendService weights in routeAction) . + + The selection of a backend service is determined only for new traffic. Once a user's request + has been directed to a backendService, subsequent requests will be sent to the same backendService + as determined by the BackendService's session affinity policy. + + The value must be between 0 and 1000 + validation: + function: 'validation.IntBetween(0, 1000)' + - name: 'headerAction' + type: NestedObject + description: | + Specifies changes to request and response headers that need to take effect for + the selected backendService. + + headerAction specified here take effect before headerAction in the enclosing + HttpRouteRule, PathMatcher and UrlMap. + properties: + - name: 'requestHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the request prior to + forwarding the request to the backendService. + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array + description: | + Headers to add to a matching request prior to forwarding the request to the backendService. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header to add. + - name: 'headerValue' + type: String + description: | + The value of the header to add. + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. + If true, headerValue is set for the header, discarding any values that were set for that header. + default_value: false + - name: 'responseHeadersToRemove' + type: Array + description: | + A list of header names for headers that need to be removed from the response prior to sending the + response back to the client. + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array + description: | + Headers to add the response prior to sending the response back to the client. + item_type: + type: NestedObject + properties: + - name: 'headerName' + type: String + description: | + The name of the header to add. + - name: 'headerValue' + type: String + description: | + The value of the header to add. + - name: 'replace' + type: Boolean + description: | + If false, headerValue is appended to any values that already exist for the header. + If true, headerValue is set for the header, discarding any values that were set for that header. + default_value: false + - name: 'urlRewrite' + type: NestedObject + description: | + The spec to modify the URL of the request, prior to forwarding the request to the matched service. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'pathPrefixRewrite' + type: String + description: | + Prior to forwarding the request to the selected backend service, the matching portion of the + request's path is replaced by pathPrefixRewrite. + + The value must be between 1 and 1024 characters. + at_least_one_of: + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + - name: 'hostRewrite' + type: String + description: | + Prior to forwarding the request to the selected service, the request's host header is replaced + with contents of hostRewrite. + + The value must be between 1 and 255 characters. + at_least_one_of: + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + - name: 'timeout' + type: NestedObject + description: | + Specifies the timeout for the selected route. Timeout is computed from the time the request has been + fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. + + If not specified, will use the largest timeout among all backend services associated with the route. + default_from_api: true + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'retryPolicy' + type: NestedObject + description: | + Specifies the retry policy associated with this route. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'retryConditions' + type: Array + description: | + Specfies one or more conditions when this retry rule applies. Valid values are: + + * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, + or if the backend service does not respond at all, example: disconnects, reset, read timeout, + * connection failure, and refused streams. + * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. + * connect-failure: Loadbalancer will retry on failures connecting to backend services, + for example due to connection timeouts. + * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + Currently the only retriable error supported is 409. + * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. + This reset type indicates that it is safe to retry. + * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled + * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded + * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted + * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + item_type: + type: String + - name: 'numRetries' + type: Integer + description: | + Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + validation: + function: 'validation.IntAtLeast(1)' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject + description: | + Specifies a non-zero timeout per retry attempt. + + If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, + will use the largest timeout among all backend services associated with the route. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'requestMirrorPolicy' + type: NestedObject + description: | + Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. + Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, + the host / authority header is suffixed with -shadow. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'backendService' + type: ResourceRef + description: | + The full or partial URL to the BackendService resource being mirrored to. + required: true + custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject + description: | + The specification for allowing client side cross-origin requests. Please see + [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'allowOrigins' + type: Array + description: | + Specifies the list of origins that will be allowed to do CORS requests. + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array + description: | + Specifies the regular expression patterns that match allowed origins. For regular expression grammar + please see en.cppreference.com/w/cpp/regex/ecmascript + An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowMethods' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Methods header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Allow-Headers header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'exposeHeaders' + type: Array + description: | + Specifies the content for the Access-Control-Expose-Headers header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'maxAge' + type: Integer + description: | + Specifies how long results of a preflight request can be cached in seconds. + This translates to the Access-Control-Max-Age header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + - name: 'allowCredentials' + type: Boolean + description: | + In response to a preflight request, setting this to true indicates that the actual request can include user credentials. + This translates to the Access-Control-Allow-Credentials header. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'disabled' + type: Boolean + description: | + If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. + at_least_one_of: + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'faultInjectionPolicy' + type: NestedObject + description: | + The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. + As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a + percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted + by the Loadbalancer for a percentage of requests. + + timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. + at_least_one_of: + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + properties: + - name: 'delay' + type: NestedObject + description: | + The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' + properties: + - name: 'fixedDelay' + type: NestedObject + description: | + Specifies the value of the fixed delay interval. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + properties: + - name: 'seconds' + type: String + description: | + Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + validation: + function: 'validation.FloatBetween(0, 100)' + - name: 'abort' + type: NestedObject + description: | + The specification for how client requests are aborted as part of fault injection. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' + properties: + - name: 'httpStatus' + type: Integer + description: | + The HTTP status code used to abort the request. + The value must be between 200 and 599 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: + function: 'validation.IntBetween(200, 599)' + - name: 'percentage' + type: Double + description: | + The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. + The value must be between 0.0 and 100.0 inclusive. + at_least_one_of: + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: + function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/go_VpnGateway.yaml b/mmv1/products/compute/go_VpnGateway.yaml new file mode 100644 index 000000000000..24be342df8cc --- /dev/null +++ b/mmv1/products/compute/go_VpnGateway.yaml @@ -0,0 +1,108 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'VpnGateway' +kind: 'compute#targetVpnGateway' +description: | + Represents a VPN gateway running in GCP. This virtual device is managed + by Google, but used only by you. +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways' +docs: + warning: | + Classic VPN is deprecating certain functionality on October 31, 2021. For more information, + see the [Classic VPN partial deprecation page](https://cloud.google.com/network-connectivity/docs/vpn/deprecations/classic-vpn-deprecation). +base_url: 'projects/{{project}}/regions/{{region}}/targetVpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: +examples: + - name: 'target_vpn_gateway_basic' + primary_resource_id: 'target_gateway' + vars: + target_vpn_gateway_name: 'vpn-1' + network_name: 'network-1' + address_name: 'vpn-static-ip' + esp_forwarding_rule_name: 'fr-esp' + udp500_forwarding_rule_name: 'fr-udp500' + udp4500_forwarding_rule_name: 'fr-udp4500' + vpn_tunnel_name: 'tunnel1' + route_name: 'route1' +parameters: + - name: 'region' + type: ResourceRef + description: | + The region this gateway should sit in. + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'description' + type: String + description: 'An optional description of this resource.' + immutable: true + - name: 'name' + type: String + description: | + Name of the resource. Provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means + the first character must be a lowercase letter, and all following + characters must be a dash, lowercase letter, or digit, except the last + character, which cannot be a dash. + required: true + immutable: true + - name: 'gateway_id' + type: Integer + description: 'The unique identifier for the resource.' + api_name: id + output: true + - name: 'network' + type: ResourceRef + description: | + The network this VPN gateway is accepting traffic for. + required: true + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' diff --git a/mmv1/products/compute/go_VpnTunnel.yaml b/mmv1/products/compute/go_VpnTunnel.yaml new file mode 100644 index 000000000000..116133853a5f --- /dev/null +++ b/mmv1/products/compute/go_VpnTunnel.yaml @@ -0,0 +1,229 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'VpnTunnel' +kind: 'compute#vpnTunnel' +description: 'VPN tunnel resource.' +references: + guides: + 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' + 'Networks and Tunnel Routing': 'https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/go/vpn_tunnel.tmpl' + encoder: 'templates/terraform/encoders/go/vpn_tunnel.go.tmpl' + post_create: 'templates/terraform/post_create/go/labels.tmpl' +examples: + - name: 'vpn_tunnel_basic' + primary_resource_id: 'tunnel1' + vars: + vpn_tunnel_name: 'tunnel-1' + target_vpn_gateway_name: 'vpn-1' + network_name: 'network-1' + address_name: 'vpn-static-ip' + esp_forwarding_rule_name: 'fr-esp' + udp500_forwarding_rule_name: 'fr-udp500' + udp4500_forwarding_rule_name: 'fr-udp4500' + route_name: 'route1' +parameters: + - name: 'region' + type: ResourceRef + description: + 'The region where the tunnel is located. If unset, is set to the region of + `target_vpn_gateway`.' + required: false + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'tunnel_id' + type: String + description: + 'The unique identifier for the resource. This identifier is defined by the + server.' + api_name: id + output: true + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'name' + type: String + description: | + Name of the resource. The name must be 1-63 characters long, and + comply with RFC1035. Specifically, the name must be 1-63 + characters long and match the regular expression + `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character + must be a lowercase letter, and all following characters must + be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + required: true + - name: 'description' + type: String + description: | + An optional description of this resource. + immutable: true + - name: 'targetVpnGateway' + type: ResourceRef + description: | + URL of the Target VPN gateway with which this VPN tunnel is + associated. + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'VpnGateway' + imports: 'selfLink' + - name: 'vpnGateway' + type: ResourceRef + description: | + URL of the VPN gateway with which this VPN tunnel is associated. + This must be used if a High Availability VPN gateway resource is created. + This field must reference a `google_compute_ha_vpn_gateway` resource. + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'HaVpnGateway' + imports: 'selfLink' + - name: 'vpnGatewayInterface' + type: Integer + description: | + The interface ID of the VPN gateway with which this VPN tunnel is associated. + immutable: true + send_empty_value: true + - name: 'peerExternalGateway' + type: ResourceRef + description: | + URL of the peer side external VPN gateway to which this VPN tunnel is connected. + immutable: true + conflicts: + - peer_gcp_gateway + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'ExternalVpnGateway' + imports: 'selfLink' + - name: 'peerExternalGatewayInterface' + type: Integer + description: | + The interface ID of the external VPN gateway to which this VPN tunnel is connected. + send_empty_value: true + - name: 'peerGcpGateway' + type: ResourceRef + description: | + URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. + If provided, the VPN tunnel will automatically use the same vpn_gateway_interface + ID in the peer GCP VPN gateway. + This field must reference a `google_compute_ha_vpn_gateway` resource. + conflicts: + - peer_external_gateway + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'HaVpnGateway' + imports: 'selfLink' + - name: 'router' + type: ResourceRef + description: | + URL of router resource to be used for dynamic routing. + immutable: true + custom_expand: 'templates/terraform/custom_expand/go/compute_full_url.tmpl' + resource: 'Router' + imports: 'selfLink' + - name: 'peerIp' + type: String + description: | + IP address of the peer VPN gateway. Only IPv4 is supported. + default_from_api: true + validation: + function: 'validatePeerAddr' + - name: 'sharedSecret' + type: String + description: | + Shared secret used to set the secure session between the Cloud VPN + gateway and the peer VPN gateway. + required: true + ignore_read: true + sensitive: true + - name: 'sharedSecretHash' + type: String + description: | + Hash of the shared secret. + output: true + - name: 'ikeVersion' + type: Integer + description: | + IKE protocol version to use when establishing the VPN tunnel with + peer VPN gateway. + Acceptable IKE versions are 1 or 2. Default version is 2. + default_value: 2 + - name: 'localTrafficSelector' + type: Array + description: | + Local traffic selector to use when establishing the VPN tunnel with + peer VPN gateway. The value should be a CIDR formatted string, + for example `192.168.0.0/16`. The ranges should be disjoint. + Only IPv4 is supported. + is_set: true + default_from_api: true + item_type: + type: String + - name: 'remoteTrafficSelector' + type: Array + description: | + Remote traffic selector to use when establishing the VPN tunnel with + peer VPN gateway. The value should be a CIDR formatted string, + for example `192.168.0.0/16`. The ranges should be disjoint. + Only IPv4 is supported. + is_set: true + default_from_api: true + item_type: + type: String + - name: 'labels' + type: KeyValueLabels + description: Labels to apply to this VpnTunnel. + update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint + description: | + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + output: true + update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'detailedStatus' + type: String + description: 'Detailed status message for the VPN tunnel.' + output: true diff --git a/mmv1/products/compute/go_Zone.yaml b/mmv1/products/compute/go_Zone.yaml new file mode 100644 index 000000000000..a88b4719203a --- /dev/null +++ b/mmv1/products/compute/go_Zone.yaml @@ -0,0 +1,117 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Zone' +kind: 'compute#zone' +description: 'Represents a Zone resource.' +# Used as a resource reference +exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/zones' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: +properties: + - name: 'creationTimestamp' + type: Time + description: 'Creation timestamp in RFC3339 text format.' + output: true + - name: 'deprecated' + type: NestedObject + description: 'The deprecation status associated with this machine type.' + output: true + properties: + - name: 'deleted' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to DELETED. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'deprecated' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to DEPRECATED. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'obsolete' + type: Time + description: | + An optional RFC3339 timestamp on or after which the state of this + resource is intended to change to OBSOLETE. This is only + informational and the status will not change unless the client + explicitly changes it. + output: true + - name: 'replacement' + type: String + description: | + The URL of the suggested replacement for a deprecated resource. + The suggested replacement resource must be the same kind of + resource as the deprecated resource. + output: true + - name: 'state' + type: Enum + description: | + The deprecation state of this resource. This can be DEPRECATED, + OBSOLETE, or DELETED. Operations which create a new resource + using a DEPRECATED resource will return successfully, but with a + warning indicating the deprecated resource and recommending its + replacement. Operations which use OBSOLETE or DELETED resources + will be rejected and result in an error. + output: true + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String + description: 'An optional textual description of the resource.' + output: true + - name: 'id' + type: Integer + description: 'The unique identifier for the resource.' + output: true + - name: 'name' + type: String + description: 'Name of the resource.' + - name: 'region' + type: ResourceRef + description: 'The region where the zone is located.' + output: true + custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' + - name: 'status' + type: Enum + description: 'The status of the zone.' + output: true + enum_values: + - 'UP' + - 'DOWN' + - name: 'availableCpuPlatforms' + type: Array + description: 'The available CPU platforms in this zone' + output: true + item_type: + type: String diff --git a/mmv1/products/compute/go_product.yaml b/mmv1/products/compute/go_product.yaml new file mode 100644 index 000000000000..b239add11991 --- /dev/null +++ b/mmv1/products/compute/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Compute' +display_name: 'Compute Engine' +versions: + - name: 'ga' + base_url: 'https://compute.googleapis.com/compute/v1/' + - name: 'beta' + base_url: 'https://compute.googleapis.com/compute/beta/' +scopes: + - 'https://www.googleapis.com/auth/compute' diff --git a/mmv1/products/compute/product.yaml b/mmv1/products/compute/product.yaml old mode 100644 new mode 100755 index a77b1c0718a7..7dd9a9d9422a --- a/mmv1/products/compute/product.yaml +++ b/mmv1/products/compute/product.yaml @@ -1,3 +1,13 @@ +<<<<<<< HEAD +# Copyright 2021 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -5,11 +15,48 @@ # # http://www.apache.org/licenses/LICENSE-2.0 # +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +<<<<<<<< HEAD:mmv1/products/compute/product.yaml + +--- !ruby/object:Api::Product +# TODO(nelsonjr): Make all Zone and Region resource ref +name: Compute +display_name: Compute Engine +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://compute.googleapis.com/compute/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://compute.googleapis.com/compute/beta/ +scopes: + - https://www.googleapis.com/auth/compute +======== +name: basic_certificate_template +description: An example of a basic privateca certificate template +type: certificate_template +versions: +- ga +- beta +resource: samples/basic.certificate_template.json +updates: +- resource: samples/update.certificate_template.json + dependencies: [] +variables: +- name: region + type: region +- name: template + type: resource_name +- name: project + type: project +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:tpgtools/api/privateca/samples/basic_certificate_template.yaml +======= --- name: 'Compute' @@ -21,3 +68,4 @@ versions: base_url: 'https://compute.googleapis.com/compute/beta/' scopes: - 'https://www.googleapis.com/auth/compute' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/containeranalysis/Note.yaml b/mmv1/products/containeranalysis/Note.yaml index 25d97c4b389d..9c7d4cfd9287 100644 --- a/mmv1/products/containeranalysis/Note.yaml +++ b/mmv1/products/containeranalysis/Note.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Note' +base_url: projects/{{project}}/notes?noteId={{name}} +self_link: projects/{{project}}/notes/{{name}} +update_verb: :PATCH +update_mask: true +description: | + A Container Analysis note is a high-level piece of metadata that + describes a type of analysis that can be done for a resource. +references: !ruby/object:Api::Resource::ReferenceLinks +======= --- name: 'Note' description: | A Container Analysis note is a high-level piece of metadata that describes a type of analysis that can be done for a resource. references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'Official Documentation': 'https://cloud.google.com/container-analysis/' 'Creating Attestations (Occurrences)': 'https://cloud.google.com/binary-authorization/docs/making-attestations' api: 'https://cloud.google.com/container-analysis/api/reference/rest/' +<<<<<<< HEAD +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'note' + import_format: ['projects/{{project}}/notes/{{name}}', '{{name}}'] + allowed_iam_role: 'roles/containeranalysis.notes.occurrences.viewer' +mutex: 'projects/{{project}}/notes/{{name}}' +id_format: 'projects/{{project}}/notes/{{name}}' +import_format: ['projects/{{project}}/notes/{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/containeranalysis_attestation_field_name.go.erb + decoder: templates/terraform/decoders/containeranalysis_attestation_field_name.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'container_analysis_note_basic' + primary_resource_id: 'note' + primary_resource_name: "fmt.Sprintf(\"tf-test-attestor-note%s\", + context[\"random_suffix\"\ + ])" + vars: + note_name: 'attestor-note' + - !ruby/object:Provider::Terraform::Examples + name: 'container_analysis_note_attestation_full' + primary_resource_id: 'note' + vars: + note_name: 'attestor-note' +properties: + - !ruby/object:Api::Type::String + name: name +======= docs: id_format: 'projects/{{project}}/notes/{{name}}' base_url: 'projects/{{project}}/notes?noteId={{name}}' @@ -60,10 +108,73 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the note. required: true immutable: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: shortDescription + description: | + A one sentence description of the note. + - !ruby/object:Api::Type::String + name: longDescription + description: | + A detailed description of the note + - !ruby/object:Api::Type::Enum + name: 'kind' + description: | + The type of analysis this note describes + values: + - NOTE_KIND_UNSPECIFIED + - VULNERABILITY + - BUILD + - IMAGE + - PACKAGE + - DEPLOYMENT + - DISCOVERY + - ATTESTATION + - UPGRADE + output: true + - !ruby/object:Api::Type::Array + name: relatedUrl + description: | + URLs associated with this note and related metadata. + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: url + description: | + Specific URL associated with the resource. + required: true + - !ruby/object:Api::Type::String + name: label + description: | + Label to describe usage of the URL + - !ruby/object:Api::Type::Time + name: expirationTime + description: | + Time of expiration for this note. Leave empty if note does not expire. + - !ruby/object:Api::Type::Time + name: createTime + description: The time this note was created. + output: true + - !ruby/object:Api::Type::Time + name: updateTime + description: The time this note was last updated. + output: true + - !ruby/object:Api::Type::Array + name: relatedNoteNames + description: | + Names of other notes related to this note. + is_set: true + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: attestationAuthority +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'shortDescription' type: String @@ -126,6 +237,7 @@ properties: type: String - name: 'attestationAuthority' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one AttestationAuthority for @@ -138,8 +250,13 @@ properties: project. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: hint +======= - name: 'hint' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its @@ -151,8 +268,13 @@ properties: Attestations to verify. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: humanReadableName +======= - name: 'humanReadableName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The human readable name of this Attestation Authority, for example "qa". diff --git a/mmv1/products/containeranalysis/Occurrence.yaml b/mmv1/products/containeranalysis/Occurrence.yaml index 7ea07bd819e9..eac356f3d90b 100644 --- a/mmv1/products/containeranalysis/Occurrence.yaml +++ b/mmv1/products/containeranalysis/Occurrence.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Occurrence' +base_url: projects/{{project}}/occurrences +self_link: projects/{{project}}/occurrences/{{name}} +update_verb: :PATCH +update_mask: true +description: | + An occurrence is an instance of a Note, or type of analysis that + can be done for a resource. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/container-analysis/' + api: 'https://cloud.google.com/container-analysis/api/reference/rest/' +mutex: '{{note_name}}' +id_format: 'projects/{{project}}/occurrences/{{name}}' +import_format: ['projects/{{project}}/occurrences/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'container_analysis_occurrence_kms' + # Occurrence requires custom logic for signing payloads. + skip_test: true +======= --- name: 'Occurrence' description: | @@ -39,10 +66,26 @@ custom_code: decoder: 'templates/terraform/decoders/containeranalysis_occurrence.go.tmpl' examples: - name: 'container_analysis_occurrence_kms' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'occurrence' vars: note_name: 'attestation-note' attestor: 'attestor' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + encoder: templates/terraform/encoders/containeranalysis_occurrence.go.erb + update_encoder: templates/terraform/update_encoder/containeranalysis_occurrence.go.erb + decoder: templates/terraform/decoders/containeranalysis_occurrence.go.erb +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The name of the occurrence. + output: true + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: resourceUri +======= # Occurrence requires custom logic for signing payloads. exclude_test: true parameters: @@ -55,27 +98,54 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'resourceUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: noteName +======= - name: 'noteName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: kind +======= - name: 'kind' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: remediation + description: | + A description of actions that can be taken to remedy the note. + - !ruby/object:Api::Type::Time + name: createTime + description: The time when the repository was created. + output: true + - !ruby/object:Api::Type::Time + name: updateTime + description: The time when the repository was last updated. + output: true + - !ruby/object:Api::Type::NestedObject + name: attestation +======= - name: 'remediation' type: String description: | @@ -90,6 +160,7 @@ properties: output: true - name: 'attestation' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. @@ -101,20 +172,38 @@ properties: which authority this attestation was intended to sign. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: serializedPayload +======= - name: 'serializedPayload' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The serialized payload that is verified by one or more signatures. A base64-encoded string. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: signatures +======= - name: 'signatures' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. +<<<<<<< HEAD + required: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: signature +======= is_set: true required: true item_type: @@ -122,6 +211,7 @@ properties: properties: - name: 'signature' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be @@ -130,8 +220,14 @@ properties: payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: publicKeyId + required: true +======= - name: 'publicKeyId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The identifier for the public key that verifies this signature. MUST be an RFC3986 conformant @@ -144,4 +240,7 @@ properties: * `openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA` * RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" +<<<<<<< HEAD +======= required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/containeranalysis/go_Note.yaml b/mmv1/products/containeranalysis/go_Note.yaml new file mode 100644 index 000000000000..77758fa8c219 --- /dev/null +++ b/mmv1/products/containeranalysis/go_Note.yaml @@ -0,0 +1,160 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Note' +description: | + A Container Analysis note is a high-level piece of metadata that + describes a type of analysis that can be done for a resource. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/container-analysis/' + 'Creating Attestations (Occurrences)': 'https://cloud.google.com/binary-authorization/docs/making-attestations' + api: 'https://cloud.google.com/container-analysis/api/reference/rest/' +docs: +id_format: 'projects/{{project}}/notes/{{name}}' +base_url: 'projects/{{project}}/notes?noteId={{name}}' +self_link: 'projects/{{project}}/notes/{{name}}' +update_verb: 'PATCH' +update_mask: true +mutex: 'projects/{{project}}/notes/{{name}}' +import_format: + - 'projects/{{project}}/notes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + allowed_iam_role: 'roles/containeranalysis.notes.occurrences.viewer' + parent_resource_attribute: 'note' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/notes/{{name}}' + - '{{name}}' +custom_code: + encoder: 'templates/terraform/encoders/go/containeranalysis_attestation_field_name.go.tmpl' + decoder: 'templates/terraform/decoders/go/containeranalysis_attestation_field_name.go.tmpl' +examples: + - name: 'container_analysis_note_basic' + primary_resource_id: 'note' + primary_resource_name: 'fmt.Sprintf("tf-test-attestor-note%s", context["random_suffix"])' + vars: + note_name: 'attestor-note' + - name: 'container_analysis_note_attestation_full' + primary_resource_id: 'note' + vars: + note_name: 'attestor-note' +parameters: +properties: + - name: 'name' + type: String + description: | + The name of the note. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'shortDescription' + type: String + description: | + A one sentence description of the note. + - name: 'longDescription' + type: String + description: | + A detailed description of the note + - name: 'kind' + type: Enum + description: | + The type of analysis this note describes + output: true + enum_values: + - 'NOTE_KIND_UNSPECIFIED' + - 'VULNERABILITY' + - 'BUILD' + - 'IMAGE' + - 'PACKAGE' + - 'DEPLOYMENT' + - 'DISCOVERY' + - 'ATTESTATION' + - 'UPGRADE' + - name: 'relatedUrl' + type: Array + description: | + URLs associated with this note and related metadata. + is_set: true + item_type: + type: NestedObject + properties: + - name: 'url' + type: String + description: | + Specific URL associated with the resource. + required: true + - name: 'label' + type: String + description: | + Label to describe usage of the URL + - name: 'expirationTime' + type: Time + description: | + Time of expiration for this note. Leave empty if note does not expire. + - name: 'createTime' + type: Time + description: The time this note was created. + output: true + - name: 'updateTime' + type: Time + description: The time this note was last updated. + output: true + - name: 'relatedNoteNames' + type: Array + description: | + Names of other notes related to this note. + is_set: true + item_type: + type: String + - name: 'attestationAuthority' + type: NestedObject + description: | + Note kind that represents a logical attestation "role" or "authority". + For example, an organization might have one AttestationAuthority for + "QA" and one for "build". This Note is intended to act strictly as a + grouping mechanism for the attached Occurrences (Attestations). This + grouping mechanism also provides a security boundary, since IAM ACLs + gate the ability for a principle to attach an Occurrence to a given + Note. It also provides a single point of lookup to find all attached + Attestation Occurrences, even if they don't all live in the same + project. + required: true + properties: + - name: 'hint' + type: NestedObject + description: | + This submessage provides human-readable hints about the purpose of + the AttestationAuthority. Because the name of a Note acts as its + resource reference, it is important to disambiguate the canonical + name of the Note (which might be a UUID for security purposes) + from "readable" names more suitable for debug output. Note that + these hints should NOT be used to look up AttestationAuthorities + in security sensitive contexts, such as when looking up + Attestations to verify. + required: true + properties: + - name: 'humanReadableName' + type: String + description: | + The human readable name of this Attestation Authority, for + example "qa". + required: true diff --git a/mmv1/products/containeranalysis/go_Occurrence.yaml b/mmv1/products/containeranalysis/go_Occurrence.yaml new file mode 100644 index 000000000000..8f4a3a1a341f --- /dev/null +++ b/mmv1/products/containeranalysis/go_Occurrence.yaml @@ -0,0 +1,148 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Occurrence' +description: | + An occurrence is an instance of a Note, or type of analysis that + can be done for a resource. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/container-analysis/' + api: 'https://cloud.google.com/container-analysis/api/reference/rest/' +docs: +id_format: 'projects/{{project}}/occurrences/{{name}}' +base_url: 'projects/{{project}}/occurrences' +self_link: 'projects/{{project}}/occurrences/{{name}}' +update_verb: 'PATCH' +update_mask: true +mutex: '{{note_name}}' +import_format: + - 'projects/{{project}}/occurrences/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + encoder: 'templates/terraform/encoders/go/containeranalysis_occurrence.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/go/containeranalysis_occurrence.go.tmpl' + decoder: 'templates/terraform/decoders/go/containeranalysis_occurrence.go.tmpl' +examples: + - name: 'container_analysis_occurrence_kms' + primary_resource_id: 'occurrence' + vars: + note_name: 'attestation-note' + attestor: 'attestor' + # Occurrence requires custom logic for signing payloads. + exclude_test: true +parameters: +properties: + - name: 'name' + type: String + description: | + The name of the occurrence. + output: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'resourceUri' + type: String + description: | + Required. Immutable. A URI that represents the resource for which + the occurrence applies. For example, + https://gcr.io/project/image@sha256:123abc for a Docker image. + required: true + immutable: true + - name: 'noteName' + type: String + description: | + The analysis note associated with this occurrence, in the form of + projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a + filter in list requests. + required: true + immutable: true + - name: 'kind' + type: String + description: | + The note kind which explicitly denotes which of the occurrence + details are specified. This field can be used as a filter in list + requests. + output: true + - name: 'remediation' + type: String + description: | + A description of actions that can be taken to remedy the note. + - name: 'createTime' + type: Time + description: The time when the repository was created. + output: true + - name: 'updateTime' + type: Time + description: The time when the repository was last updated. + output: true + - name: 'attestation' + type: NestedObject + description: | + Occurrence that represents a single "attestation". The authenticity + of an attestation can be verified using the attached signature. + If the verifier trusts the public key of the signer, then verifying + the signature is sufficient to establish trust. In this circumstance, + the authority to which this attestation is attached is primarily + useful for lookup (how to find this attestation if you already + know the authority and artifact to be verified) and intent (for + which authority this attestation was intended to sign. + required: true + properties: + - name: 'serializedPayload' + type: String + description: | + The serialized payload that is verified by one or + more signatures. A base64-encoded string. + required: true + - name: 'signatures' + type: Array + description: | + One or more signatures over serializedPayload. + Verifier implementations should consider this attestation + message verified if at least one signature verifies + serializedPayload. See Signature in common.proto for more + details on signature structure and verification. + is_set: true + required: true + item_type: + type: NestedObject + properties: + - name: 'signature' + type: String + description: | + The content of the signature, an opaque bytestring. + The payload that this signature verifies MUST be + unambiguously provided with the Signature during + verification. A wrapper message might provide the + payload explicitly. Alternatively, a message might + have a canonical serialization that can always be + unambiguously computed to derive the payload. + - name: 'publicKeyId' + type: String + description: | + The identifier for the public key that verifies this + signature. MUST be an RFC3986 conformant + URI. * When possible, the key id should be an + immutable reference, such as a cryptographic digest. + Examples of valid values: + + * OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr + for more details on this scheme. + * `openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA` + * RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): + * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" + required: true diff --git a/mmv1/products/containeranalysis/go_product.yaml b/mmv1/products/containeranalysis/go_product.yaml new file mode 100644 index 000000000000..3a11f455fccd --- /dev/null +++ b/mmv1/products/containeranalysis/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ContainerAnalysis' +display_name: 'Container Registry' +versions: + - name: 'ga' + base_url: 'https://containeranalysis.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://containeranalysis.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/containeranalysis/product.yaml b/mmv1/products/containeranalysis/product.yaml index e2ac4f990167..38877e82e992 100644 --- a/mmv1/products/containeranalysis/product.yaml +++ b/mmv1/products/containeranalysis/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2018 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,20 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: ContainerAnalysis +display_name: Container Registry +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://containeranalysis.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://containeranalysis.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'ContainerAnalysis' display_name: 'Container Registry' @@ -21,3 +39,4 @@ versions: base_url: 'https://containeranalysis.googleapis.com/v1beta1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/containerattached/Cluster.yaml b/mmv1/products/containerattached/Cluster.yaml index d5d9f173e7fb..99f4614778ee 100644 --- a/mmv1/products/containerattached/Cluster.yaml +++ b/mmv1/products/containerattached/Cluster.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +15,71 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Cluster' +base_url: projects/{{project}}/locations/{{location}}/attachedClusters +create_url: projects/{{project}}/locations/{{location}}/attachedClusters?attached_cluster_id={{name}} +delete_url: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} +update_url: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} +self_link: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} +update_verb: :PATCH +update_mask: true +delete_verb: :DELETE +description: | + An Anthos cluster running on customer owned infrastructure. +references: !ruby/object:Api::Resource::ReferenceLinks +======= --- name: 'Cluster' description: | An Anthos cluster running on customer owned infrastructure. references: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 guides: 'API reference': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest/v1/projects.locations.attachedClusters' 'Multicloud overview': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud' api: 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest' +<<<<<<< HEAD +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + full_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: 'true' + allowed: + - 'true' + - 'false' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +autogen_async: false +id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +import_format: + ['projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'container_attached_cluster_basic' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + primary_resource_id: 'primary' + vars: + name: 'basic' + - !ruby/object:Provider::Terraform::Examples + name: 'container_attached_cluster_full' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + primary_resource_id: 'primary' + vars: + name: 'basic' + - !ruby/object:Provider::Terraform::Examples + name: 'container_attached_cluster_ignore_errors' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + primary_resource_id: 'primary' +======= docs: id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/attachedClusters' @@ -66,10 +126,32 @@ examples: - name: 'container_attached_cluster_ignore_errors' primary_resource_id: 'primary' primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: name: 'basic' ignore_read_extra: - 'deletion_policy' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/containerattached_cluster_diff.go.erb + pre_update: templates/terraform/pre_update/containerattached_update.go.erb + pre_delete: templates/terraform/pre_delete/container_attached_deletion_policy.go.erb +virtual_fields: + - !ruby/object:Api::Type::String + name: 'deletion_policy' + description: 'Policy to determine what flags to send on delete. Possible values: DELETE, DELETE_IGNORE_ERRORS' + default_value: DELETE +properties: + - !ruby/object:Api::Type::String + name: location + description: | + The location for the resource + immutable: true + required: true + url_param_only: true + - !ruby/object:Api::Type::String + name: name +======= virtual_fields: - name: 'deletion_policy' description: 'Policy to determine what flags to send on delete. Possible values: DELETE, DELETE_IGNORE_ERRORS' @@ -86,10 +168,21 @@ properties: immutable: true - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of this resource. required: true immutable: true +<<<<<<< HEAD + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: description + description: | + A human readable description of this attached cluster. Cannot be longer + than 255 UTF-8 encoded bytes. + - !ruby/object:Api::Type::NestedObject + name: oidcConfig +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'description' type: String @@ -98,6 +191,7 @@ properties: than 255 UTF-8 encoded bytes. - name: 'oidcConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | OIDC discovery information of the target cluster. @@ -112,12 +206,31 @@ properties: `issuer_url` and `jwks`. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: issuerUrl +======= - name: 'issuerUrl' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: jwks + description: | + OIDC verification keys in JWKS format (RFC 7517). + immutable: true + - !ruby/object:Api::Type::String + name: platformVersion + description: | + The platform version for the cluster (e.g. `1.23.0-gke.1`). + required: true + - !ruby/object:Api::Type::String + name: distribution +======= - name: 'jwks' type: String description: | @@ -130,48 +243,105 @@ properties: required: true - name: 'distribution' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Kubernetes distribution of the underlying attached cluster. Supported values: "eks", "aks", "generic". The generic distribution provides the ability to register or migrate any CNCF conformant cluster. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: clusterRegion +======= - name: 'clusterRegion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The region where this cluster runs. For EKS clusters, this is an AWS region. For AKS clusters, this is an Azure region. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: fleet +======= - name: 'fleet' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fleet configuration. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: membership +======= - name: 'membership' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: project +======= - name: 'project' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The number of the Fleet host project where this cluster will be registered. required: true immutable: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^projects/[0-9]+$' + - !ruby/object:Api::Type::String + name: state +======= validation: regex: '^projects/[0-9]+$' - name: 'state' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: uid + description: | + A globally unique identifier for the cluster. + output: true + - !ruby/object:Api::Type::Boolean + name: reconciling + description: | + If set, there are currently changes in flight to the cluster. + output: true + - !ruby/object:Api::Type::String + name: createTime + description: | + Output only. The time at which this cluster was created. + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: | + The time at which this cluster was last updated. + output: true + - !ruby/object:Api::Type::String + name: kubernetesVersion + description: | + The Kubernetes version of the cluster. + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: 'annotations' +======= - name: 'uid' type: String description: | @@ -199,6 +369,7 @@ properties: output: true - name: 'annotations' type: KeyValueAnnotations +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and @@ -206,12 +377,34 @@ properties: and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: workloadIdentityConfig +======= - name: 'workloadIdentityConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Workload Identity settings. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: identityProvider + description: | + The ID of the OIDC Identity Provider (IdP) associated to + the Workload Identity Pool. + - !ruby/object:Api::Type::String + name: issuerUri + description: | + The OIDC issuer URL for this cluster. + - !ruby/object:Api::Type::String + name: workloadPool + description: | + The Workload Identity Pool associated to the cluster. + - !ruby/object:Api::Type::NestedObject + name: loggingConfig +======= - name: 'identityProvider' type: String description: | @@ -227,6 +420,7 @@ properties: The Workload Identity Pool associated to the cluster. - name: 'loggingConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Logging configuration. # If the user doesn't specify a loggingConfig, the server will supply a default value. Instead of @@ -237,22 +431,67 @@ properties: # case needs to be ignored. send_empty_value: true allow_empty_object: true +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_empty_logging.go.erb' + diff_suppress_func: 'suppressAttachedClustersLoggingConfigDiff' + properties: + - !ruby/object:Api::Type::NestedObject + name: componentConfig +======= diff_suppress_func: 'suppressAttachedClustersLoggingConfigDiff' custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_empty_logging.go.tmpl' properties: - name: 'componentConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The configuration of the logging components send_empty_value: true allow_empty_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: enableComponents +======= - name: 'enableComponents' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The components to be enabled. send_empty_value: true allow_empty_object: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::Enum + name: 'component' + description: | + The components of the logging configuration. + values: + - :SYSTEM_COMPONENTS + - :WORKLOADS + - !ruby/object:Api::Type::Array + name: errors + description: | + A set of errors found in the cluster. + output: true + item_type: !ruby/object:Api::Type::NestedObject + name: attachedClusterError + description: | + Describes errors found on attached clusters. + properties: + - !ruby/object:Api::Type::String + name: message + description: | + Human-friendly description of the error. + - !ruby/object:Api::Type::NestedObject + name: authorization + description: | + Configuration related to the cluster RBAC settings. + custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_authorization_user.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/containerattached_cluster_authorization_user.go.erb' + properties: + - !ruby/object:Api::Type::Array + name: adminUsers +======= item_type: type: Enum description: | @@ -283,6 +522,7 @@ properties: properties: - name: 'adminUsers' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole @@ -290,10 +530,16 @@ properties: For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: adminGroups +======= item_type: type: String - name: 'adminGroups' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Groups that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole @@ -301,6 +547,18 @@ properties: For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: monitoringConfig + description: | + Monitoring configuration. + allow_empty_object: true + default_from_api: true + properties: + - !ruby/object:Api::Type::NestedObject + name: managedPrometheusConfig +======= item_type: type: String - name: 'monitoringConfig' @@ -312,10 +570,53 @@ properties: properties: - name: 'managedPrometheusConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enable Google Cloud Managed Service for Prometheus in the cluster. allow_empty_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: enabled + description: | + Enable Managed Collection. + - !ruby/object:Api::Type::NestedObject + name: binaryAuthorization + description: | + Binary Authorization configuration. + allow_empty_object: true + default_from_api: true + properties: + - !ruby/object:Api::Type::Enum + name: evaluationMode + description: | + Configure Binary Authorization evaluation mode. + values: + - :DISABLED + - :PROJECT_SINGLETON_POLICY_ENFORCE + - !ruby/object:Api::Type::NestedObject + name: proxyConfig + description: | + Support for proxy configuration. + properties: + - !ruby/object:Api::Type::NestedObject + name: kubernetesSecret + description: | + The Kubernetes Secret resource that contains the HTTP(S) proxy configuration. + properties: + - !ruby/object:Api::Type::String + name: name + required: true + description: | + Name of the kubernetes secret containing the proxy config. + - !ruby/object:Api::Type::String + name: namespace + required: true + description: | + Namespace of the kubernetes secret containing the proxy config. + - !ruby/object:Api::Type::NestedObject + name: securityPostureConfig +======= - name: 'enabled' type: Boolean description: | @@ -356,10 +657,21 @@ properties: required: true - name: 'securityPostureConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Enable/Disable Security Posture API features for the cluster. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: vulnerabilityMode + required: true + description: | + Sets the mode of the Kubernetes security posture API's workload vulnerability scanning. + values: + - :VULNERABILITY_DISABLED + - :VULNERABILITY_ENTERPRISE +======= - name: 'vulnerabilityMode' type: Enum description: | @@ -368,3 +680,4 @@ properties: enum_values: - 'VULNERABILITY_DISABLED' - 'VULNERABILITY_ENTERPRISE' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/containerattached/go_Cluster.yaml b/mmv1/products/containerattached/go_Cluster.yaml new file mode 100644 index 000000000000..aeb083d656a9 --- /dev/null +++ b/mmv1/products/containerattached/go_Cluster.yaml @@ -0,0 +1,371 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Cluster' +description: | + An Anthos cluster running on customer owned infrastructure. +references: + guides: + 'API reference': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest/v1/projects.locations.attachedClusters' + 'Multicloud overview': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud' + api: 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/attachedClusters' +self_link: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/attachedClusters?attached_cluster_id={{name}}' +update_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + full_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/containerattached_cluster_diff.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/containerattached_update.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/container_attached_deletion_policy.go.tmpl' +examples: + - name: 'container_attached_cluster_basic' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + vars: + name: 'basic' + - name: 'container_attached_cluster_full' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + vars: + name: 'basic' + - name: 'container_attached_cluster_ignore_errors' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + vars: + name: 'basic' + ignore_read_extra: + - 'deletion_policy' +virtual_fields: + - name: 'deletion_policy' + description: 'Policy to determine what flags to send on delete. Possible values: DELETE, DELETE_IGNORE_ERRORS' + type: String + default_value: "DELETE" +parameters: +properties: + - name: 'location' + type: String + description: | + The location for the resource + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String + description: | + The name of this resource. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'description' + type: String + description: | + A human readable description of this attached cluster. Cannot be longer + than 255 UTF-8 encoded bytes. + - name: 'oidcConfig' + type: NestedObject + description: | + OIDC discovery information of the target cluster. + + Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster + API server. This fields indicates how GCP services + validate KSA tokens in order to allow system workloads (such as GKE Connect + and telemetry agents) to authenticate back to GCP. + + Both clusters with public and private issuer URLs are supported. + Clusters with public issuers only need to specify the `issuer_url` field + while clusters with private issuers need to provide both + `issuer_url` and `jwks`. + required: true + properties: + - name: 'issuerUrl' + type: String + description: | + A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` + required: true + immutable: true + - name: 'jwks' + type: String + description: | + OIDC verification keys in JWKS format (RFC 7517). + immutable: true + - name: 'platformVersion' + type: String + description: | + The platform version for the cluster (e.g. `1.23.0-gke.1`). + required: true + - name: 'distribution' + type: String + description: | + The Kubernetes distribution of the underlying attached cluster. Supported values: + "eks", "aks", "generic". The generic distribution provides the ability to register + or migrate any CNCF conformant cluster. + required: true + immutable: true + - name: 'clusterRegion' + type: String + description: | + Output only. The region where this cluster runs. + + For EKS clusters, this is an AWS region. For AKS clusters, + this is an Azure region. + output: true + - name: 'fleet' + type: NestedObject + description: | + Fleet configuration. + required: true + properties: + - name: 'membership' + type: String + description: | + The name of the managed Hub Membership resource associated to this + cluster. Membership names are formatted as + projects//locations/global/membership/. + output: true + - name: 'project' + type: String + description: | + The number of the Fleet host project where this cluster will be registered. + required: true + immutable: true + validation: + regex: '^projects/[0-9]+$' + - name: 'state' + type: String + description: | + The current state of the cluster. Possible values: + STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, + DEGRADED + output: true + - name: 'uid' + type: String + description: | + A globally unique identifier for the cluster. + output: true + - name: 'reconciling' + type: Boolean + description: | + If set, there are currently changes in flight to the cluster. + output: true + - name: 'createTime' + type: String + description: | + Output only. The time at which this cluster was created. + output: true + - name: 'updateTime' + type: String + description: | + The time at which this cluster was last updated. + output: true + - name: 'kubernetesVersion' + type: String + description: | + The Kubernetes version of the cluster. + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: | + Optional. Annotations on the cluster. This field has the same + restrictions as Kubernetes annotations. The total size of all keys and + values combined is limited to 256k. Key can have 2 segments: prefix (optional) + and name (required), separated by a slash (/). Prefix must be a DNS subdomain. + Name must be 63 characters or less, begin and end with alphanumerics, + with dashes (-), underscores (_), dots (.), and alphanumerics between. + - name: 'workloadIdentityConfig' + type: NestedObject + description: | + Workload Identity settings. + output: true + properties: + - name: 'identityProvider' + type: String + description: | + The ID of the OIDC Identity Provider (IdP) associated to + the Workload Identity Pool. + - name: 'issuerUri' + type: String + description: | + The OIDC issuer URL for this cluster. + - name: 'workloadPool' + type: String + description: | + The Workload Identity Pool associated to the cluster. + - name: 'loggingConfig' + type: NestedObject + description: | + Logging configuration. + # If the user doesn't specify a loggingConfig, the server will supply a default value. Instead of + # letting that happen and allowing the config and state to get mismatched, just manually send an + # empty object if the user doesn't set anything and require the user to explicitly set the field if a + # value is desired. + # If the loggingConfig passed to the server is empty, an empty object is returned, so the diff in that + # case needs to be ignored. + send_empty_value: true + allow_empty_object: true + diff_suppress_func: 'suppressAttachedClustersLoggingConfigDiff' + custom_expand: 'templates/terraform/custom_expand/go/containerattached_cluster_empty_logging.go.tmpl' + properties: + - name: 'componentConfig' + type: NestedObject + description: | + The configuration of the logging components + send_empty_value: true + allow_empty_object: true + properties: + - name: 'enableComponents' + type: Array + description: | + The components to be enabled. + send_empty_value: true + allow_empty_object: true + item_type: + type: Enum + description: | + The components of the logging configuration. + enum_values: + - 'SYSTEM_COMPONENTS' + - 'WORKLOADS' + - name: 'errors' + type: Array + description: | + A set of errors found in the cluster. + output: true + item_type: + description: | + Describes errors found on attached clusters. + type: NestedObject + properties: + - name: 'message' + type: String + description: | + Human-friendly description of the error. + - name: 'authorization' + type: NestedObject + description: | + Configuration related to the cluster RBAC settings. + custom_flatten: 'templates/terraform/custom_flatten/go/containerattached_cluster_authorization_user.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/containerattached_cluster_authorization_user.go.tmpl' + properties: + - name: 'adminUsers' + type: Array + description: | + Users that can perform operations as a cluster admin. A managed + ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole + to the users. Up to ten admin users can be provided. + + For more info on RBAC, see + https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles + item_type: + type: String + - name: 'adminGroups' + type: Array + description: | + Groups that can perform operations as a cluster admin. A managed + ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole + to the groups. Up to ten admin groups can be provided. + + For more info on RBAC, see + https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles + item_type: + type: String + - name: 'monitoringConfig' + type: NestedObject + description: | + Monitoring configuration. + default_from_api: true + allow_empty_object: true + properties: + - name: 'managedPrometheusConfig' + type: NestedObject + description: | + Enable Google Cloud Managed Service for Prometheus in the cluster. + allow_empty_object: true + properties: + - name: 'enabled' + type: Boolean + description: | + Enable Managed Collection. + - name: 'binaryAuthorization' + type: NestedObject + description: | + Binary Authorization configuration. + default_from_api: true + allow_empty_object: true + properties: + - name: 'evaluationMode' + type: Enum + description: | + Configure Binary Authorization evaluation mode. + enum_values: + - 'DISABLED' + - 'PROJECT_SINGLETON_POLICY_ENFORCE' + - name: 'proxyConfig' + type: NestedObject + description: | + Support for proxy configuration. + properties: + - name: 'kubernetesSecret' + type: NestedObject + description: | + The Kubernetes Secret resource that contains the HTTP(S) proxy configuration. + properties: + - name: 'name' + type: String + description: | + Name of the kubernetes secret containing the proxy config. + required: true + - name: 'namespace' + type: String + description: | + Namespace of the kubernetes secret containing the proxy config. + required: true + - name: 'securityPostureConfig' + type: NestedObject + description: | + Enable/Disable Security Posture API features for the cluster. + default_from_api: true + properties: + - name: 'vulnerabilityMode' + type: Enum + description: | + Sets the mode of the Kubernetes security posture API's workload vulnerability scanning. + required: true + enum_values: + - 'VULNERABILITY_DISABLED' + - 'VULNERABILITY_ENTERPRISE' diff --git a/mmv1/products/containerattached/go_product.yaml b/mmv1/products/containerattached/go_product.yaml new file mode 100644 index 000000000000..17c5a7046f57 --- /dev/null +++ b/mmv1/products/containerattached/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ContainerAttached' +display_name: 'ContainerAttached' +versions: + - name: 'ga' + base_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/containerattached/product.yaml b/mmv1/products/containerattached/product.yaml index ba2795bcd1e4..a74b589d8e2a 100644 --- a/mmv1/products/containerattached/product.yaml +++ b/mmv1/products/containerattached/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: ContainerAttached +display_name: ContainerAttached +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://{{location}}-gkemulticloud.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'ContainerAttached' display_name: 'ContainerAttached' @@ -19,3 +34,4 @@ versions: base_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/databasemigrationservice/ConnectionProfile.yaml b/mmv1/products/databasemigrationservice/ConnectionProfile.yaml index 86dfe9d63612..65a8a0594029 100644 --- a/mmv1/products/databasemigrationservice/ConnectionProfile.yaml +++ b/mmv1/products/databasemigrationservice/ConnectionProfile.yaml @@ -1,16 +1,73 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +# Licensed under the Apache License, Version 2.0 (the 'License'); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software +<<<<<<< HEAD +# distributed under the License is distributed on an 'AS IS' BASIS, +======= # distributed under the License is distributed on an "AS IS" BASIS, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ConnectionProfile' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}', + ] +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}' +update_verb: :PATCH +update_mask: true +description: 'A connection profile definition.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Database Migration': 'https://cloud.google.com/database-migration/docs/' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles/create' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_cloudsql' + primary_resource_id: 'cloudsqlprofile' + ignore_read_extra: + - 'mysql.0.password' + - 'mysql.0.ssl.0.ca_certificate' + - 'mysql.0.ssl.0.client_certificate' + - 'mysql.0.ssl.0.client_key' +======= --- name: 'ConnectionProfile' description: 'A connection profile definition.' @@ -52,6 +109,7 @@ custom_code: examples: - name: 'database_migration_service_connection_profile_cloudsql' primary_resource_id: 'cloudsqlprofile' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: sqldb: 'my-database' sqldb_cert: 'my-cert' @@ -59,6 +117,16 @@ examples: sqldb_pass: 'my-password' from_profile: 'my-fromprofileid' to_profile: 'my-toprofileid' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_postgres' + primary_resource_id: 'postgresprofile' + ignore_read_extra: + - 'postgresql.0.password' + - 'postgresql.0.ssl.0.ca_certificate' + - 'postgresql.0.ssl.0.client_certificate' + - 'postgresql.0.ssl.0.client_key' +======= ignore_read_extra: - 'mysql.0.password' - 'mysql.0.ssl.0.ca_certificate' @@ -66,12 +134,28 @@ examples: - 'mysql.0.ssl.0.client_key' - name: 'database_migration_service_connection_profile_postgres' primary_resource_id: 'postgresprofile' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: sqldb: 'my-database' sqldb_cert: 'my-cert' sqldb_user: 'my-username' sqldb_pass: 'my-password' profile: 'my-profileid' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_oracle' + primary_resource_id: 'oracleprofile' + ignore_read_extra: + - 'oracle.0.password' + vars: + profile: 'my-profileid' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_alloydb' + primary_resource_id: 'alloydbprofile' + ignore_read_extra: + - 'alloydb.0.settings.0.initial_user.0.password' +======= ignore_read_extra: - 'postgresql.0.password' - 'postgresql.0.ssl.0.ca_certificate' @@ -86,29 +170,91 @@ examples: exclude_test: true - name: 'database_migration_service_connection_profile_alloydb' primary_resource_id: 'alloydbprofile' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: profile: 'my-profileid' global_address_name: 'private-ip-alloc' network_name: 'vpc-network' +<<<<<<< HEAD + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_existing_mysql' +======= ignore_read_extra: - 'alloydb.0.settings.0.initial_user.0.password' exclude_test: true - name: 'database_migration_service_connection_profile_existing_mysql' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'existing-mysql' vars: destination_csql: 'destination-csql' destination_cp: 'destination-cp' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_existing_postgres' +======= - name: 'database_migration_service_connection_profile_existing_postgres' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'existing-psql' vars: destination_csql: 'destination-csql' destination_cp: 'destination-cp' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_connection_profile_existing_alloydb' +======= - name: 'database_migration_service_connection_profile_existing_alloydb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'existing-alloydb' vars: destination_alloydb: 'destination-alloydb' destination_cp: 'destination-cp' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'connectionProfileId' + required: true + immutable: true + url_param_only: true + description: | + The ID of the connection profile. + - !ruby/object:Api::Type::String + name: 'location' + immutable: true + url_param_only: true + description: | + The location where the connection profile should reside. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The name of this connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{connectionProfile}. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The connection profile display name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The resource labels for connection profile to use to annotate any related underlying resources such as Compute Engine VMs. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + The current connection profile state. + values: + - :DRAFT + - :READY + - :FAILED + - !ruby/object:Api::Type::NestedObject + name: 'error' +======= - name: 'connectionProfileId' type: String description: | @@ -152,10 +298,156 @@ properties: - 'FAILED' - name: 'error' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The error details in case of state FAILED. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'code' + output: true + description: | + The status code, which should be an enum value of google.rpc.Code. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: | + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Array + name: 'details' + description: | + A list of messages that carry the error details. + item_type: Api::Type::KeyValuePairs + output: true + - !ruby/object:Api::Type::Enum + name: 'dbprovider' + output: true + description: | + The database provider. + api_name: provider + values: + - :CLOUDSQL + - :RDS + - :AURORA + - :ALLOYDB + - !ruby/object:Api::Type::NestedObject + name: 'mysql' + description: | + Specifies connection parameters required specifically for MySQL databases. + exactly_one_of: + - mysql + - postgresql + - oracle + - cloudsql + - alloydb + properties: + - !ruby/object:Api::Type::String + name: 'host' + required_with: + - 'mysql.0.port' + - 'mysql.0.username' + description: | + The IP or hostname of the source MySQL database. + - !ruby/object:Api::Type::Integer + name: 'port' + required_with: + - 'mysql.0.host' + - 'mysql.0.username' + description: | + The network port of the source MySQL database. + - !ruby/object:Api::Type::String + name: 'username' + required_with: + - 'mysql.0.host' + - 'mysql.0.port' + description: | + The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + - !ruby/object:Api::Type::String + name: 'password' + immutable: true + description: | + Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_password.go.erb + - !ruby/object:Api::Type::Boolean + name: 'passwordSet' + output: true + description: | + Output only. Indicates If this connection profile password is stored. + - !ruby/object:Api::Type::NestedObject + name: 'ssl' + description: | + SSL configuration for the destination to connect to the source database. + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + output: true + description: | + The current connection profile state. + values: + - :SERVER_ONLY + - :SERVER_CLIENT + - !ruby/object:Api::Type::String + name: 'clientKey' + immutable: true + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_key.go.erb + - !ruby/object:Api::Type::String + name: 'clientCertificate' + immutable: true + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_certificate.go.erb + - !ruby/object:Api::Type::String + name: 'caCertificate' + immutable: true + required: true + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.erb + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + - !ruby/object:Api::Type::String + name: 'cloudSqlId' + description: | + If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. + - !ruby/object:Api::Type::NestedObject + name: 'postgresql' + description: | + Specifies connection parameters required specifically for PostgreSQL databases. + exactly_one_of: + - mysql + - postgresql + - oracle + - cloudsql + - alloydb + properties: + - !ruby/object:Api::Type::String + name: 'host' + required_with: + - 'postgresql.0.port' + - 'postgresql.0.username' + - 'postgresql.0.password' + description: | + The IP or hostname of the source MySQL database. + - !ruby/object:Api::Type::Integer + name: 'port' + required_with: + - 'postgresql.0.host' + - 'postgresql.0.username' + - 'postgresql.0.password' + description: | + The network port of the source MySQL database. + - !ruby/object:Api::Type::String + name: 'username' +======= - name: 'code' type: Integer description: | @@ -302,10 +594,181 @@ properties: type: String description: | The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 required_with: - 'postgresql.0.host' - 'postgresql.0.port' - 'postgresql.0.password' +<<<<<<< HEAD + description: | + The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + - !ruby/object:Api::Type::String + name: 'password' + required_with: + - 'postgresql.0.host' + - 'postgresql.0.port' + - 'postgresql.0.username' + immutable: true + description: | + Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_password.go.erb + - !ruby/object:Api::Type::Boolean + name: 'passwordSet' + output: true + description: | + Output only. Indicates If this connection profile password is stored. + - !ruby/object:Api::Type::NestedObject + name: 'ssl' + description: | + SSL configuration for the destination to connect to the source database. + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + output: true + description: | + The current connection profile state. + values: + - :SERVER_ONLY + - :SERVER_CLIENT + - !ruby/object:Api::Type::String + name: 'clientKey' + immutable: true + required_with: + - client_certificate + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_key.go.erb + - !ruby/object:Api::Type::String + name: 'clientCertificate' + immutable: true + required_with: + - client_key + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_certificate.go.erb + - !ruby/object:Api::Type::String + name: 'caCertificate' + immutable: true + required: true + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.erb + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + - !ruby/object:Api::Type::String + name: 'cloudSqlId' + description: | + If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. + - !ruby/object:Api::Type::String + name: 'alloydbClusterId' + description: | + If the connected database is an AlloyDB instance, use this field to provide the AlloyDB cluster ID. + - !ruby/object:Api::Type::Enum + name: 'networkArchitecture' + output: true + description: | + Output only. If the source is a Cloud SQL database, this field indicates the network architecture it's associated with. + values: + - :NETWORK_ARCHITECTURE_OLD_CSQL_PRODUCER + - :NETWORK_ARCHITECTURE_NEW_CSQL_PRODUCER + - !ruby/object:Api::Type::NestedObject + name: 'oracle' + description: | + Specifies connection parameters required specifically for Oracle databases. + exactly_one_of: + - mysql + - postgresql + - oracle + - cloudsql + - alloydb + properties: + - !ruby/object:Api::Type::String + name: 'host' + required: true + description: | + Required. The IP or hostname of the source Oracle database. + - !ruby/object:Api::Type::Integer + name: 'port' + required: true + description: | + Required. The network port of the source Oracle database. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Required. The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + - !ruby/object:Api::Type::String + name: 'password' + required: true + immutable: true + description: | + Required. Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_password.go.erb + - !ruby/object:Api::Type::Boolean + name: 'passwordSet' + output: true + description: | + Output only. Indicates If this connection profile password is stored. + - !ruby/object:Api::Type::String + name: 'databaseService' + required: true + description: | + Required. Database service for the Oracle connection. + - !ruby/object:Api::Type::NestedObject + name: 'ssl' + description: | + SSL configuration for the destination to connect to the source database. + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + output: true + description: | + The current connection profile state. + values: + - :SERVER_ONLY + - :SERVER_CLIENT + - !ruby/object:Api::Type::String + name: 'clientKey' + immutable: true + required_with: + - client_certificate + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_key.go.erb + - !ruby/object:Api::Type::String + name: 'clientCertificate' + immutable: true + required_with: + - client_key + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_certificate.go.erb + - !ruby/object:Api::Type::String + name: 'caCertificate' + immutable: true + required: true + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.erb + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + - !ruby/object:Api::Type::NestedObject + name: 'staticServiceIpConnectivity' + send_empty_value: true + allow_empty_object: true +======= - name: 'password' type: String description: | @@ -470,10 +933,325 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.tmpl' - name: 'staticServiceIpConnectivity' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This object has no nested fields. Static IP address connectivity configured on service project. +<<<<<<< HEAD + properties: [] + exactly_one_of: + - static_service_ip_connectivity + - forward_ssh_connectivity + - private_connectivity + - !ruby/object:Api::Type::NestedObject + name: 'forwardSshConnectivity' + description: | + SSL configuration for the destination to connect to the source database. + exactly_one_of: + - static_service_ip_connectivity + - forward_ssh_connectivity + - private_connectivity + properties: + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Required. Hostname for the SSH tunnel. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Required. Username for the SSH tunnel. + - !ruby/object:Api::Type::Integer + name: 'port' + required: true + description: | + Port for the SSH tunnel, default value is 22. + - !ruby/object:Api::Type::String + name: 'password' + immutable: true + sensitive: true + description: | + Input only. SSH password. Only one of `password` and `private_key` can be configured. + exactly_one_of: + - forward_ssh_connectivity.0.password + - forward_ssh_connectivity.0.private_key + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_password.go.erb + - !ruby/object:Api::Type::String + name: 'privateKey' + immutable: true + sensitive: true + description: | + Input only. SSH private key. Only one of `password` and `private_key` can be configured. + exactly_one_of: + - oracle.0.forward_ssh_connectivity.0.password + - oracle.0.forward_ssh_connectivity.0.private_key + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_private_key.go.erb + - !ruby/object:Api::Type::NestedObject + name: 'privateConnectivity' + description: | + Configuration for using a private network to communicate with the source database + exactly_one_of: + - oracle.0.static_service_ip_connectivity + - oracle.0.forward_ssh_connectivity + - oracle.0.private_connectivity + properties: + - !ruby/object:Api::Type::String + name: 'privateConnection' + required: true + description: | + Required. The resource name (URI) of the private connection. + - !ruby/object:Api::Type::NestedObject + name: 'cloudsql' + description: | + Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance. + exactly_one_of: + - mysql + - postgresql + - oracle + - cloudsql + - alloydb + properties: + - !ruby/object:Api::Type::String + name: 'cloudSqlId' + output: true + description: | + Output only. The Cloud SQL instance ID that this connection profile is associated with. + - !ruby/object:Api::Type::NestedObject + name: 'settings' + immutable: true + description: | + Immutable. Metadata used to create the destination Cloud SQL database. + properties: + - !ruby/object:Api::Type::String + name: 'databaseVersion' + description: | + The database engine type and version. + Currently supported values located at https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles#sqldatabaseversion + - !ruby/object:Api::Type::KeyValuePairs + name: 'userLabels' + description: | + The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. + - !ruby/object:Api::Type::String + name: 'tier' + description: | + The tier (or machine type) for this instance, for example: db-n1-standard-1 (MySQL instances) or db-custom-1-3840 (PostgreSQL instances). + For more information, see https://cloud.google.com/sql/docs/mysql/instance-settings + - !ruby/object:Api::Type::String + name: 'storageAutoResizeLimit' + description: | + The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. + - !ruby/object:Api::Type::Enum + name: 'activationPolicy' + description: | + The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. + values: + - :ALWAYS + - :NEVER + - !ruby/object:Api::Type::NestedObject + name: 'ipConfig' + description: | + The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enableIpv4' + description: | + Whether the instance should be assigned an IPv4 address or not. + - !ruby/object:Api::Type::String + name: 'privateNetwork' + description: | + The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. + This setting can be updated, but it cannot be removed after it is set. + - !ruby/object:Api::Type::Boolean + name: 'requireSsl' + description: | + Whether SSL connections over IP should be enforced or not. + - !ruby/object:Api::Type::Array + name: 'authorizedNetworks' + description: | + The list of external networks that are allowed to connect to the instance using the IP. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'value' + description: | + The allowlisted value for the access control list. + required: true + - !ruby/object:Api::Type::String + name: 'label' + description: | + A label to identify this entry. + - !ruby/object:Api::Type::Time + name: 'expireTime' + exactly_one_of: + - expire_time + - ttl + description: | + The time when this access control entry expires in RFC 3339 format. + - !ruby/object:Api::Type::Time + name: 'ttl' + immutable: true + description: | + Input only. The time-to-leave of this access control entry. + - !ruby/object:Api::Type::Boolean + name: 'autoStorageIncrease' + description: | + If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. + If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB. + - !ruby/object:Api::Type::KeyValuePairs + name: 'databaseFlags' + description: | + The database flags passed to the Cloud SQL instance at startup. + - !ruby/object:Api::Type::Enum + name: 'dataDiskType' + description: | + The type of storage. + values: + - :PD_SSD + - :PD_HDD + - !ruby/object:Api::Type::String + name: 'dataDiskSizeGb' + description: | + The storage capacity available to the database, in GB. The minimum (and default) size is 10GB. + - !ruby/object:Api::Type::String + name: 'zone' + description: | + The Google Cloud Platform zone where your Cloud SQL datdabse instance is located. + - !ruby/object:Api::Type::String + name: 'sourceId' + required: true + description: | + The Database Migration Service source connection profile ID, in the format: projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID + - !ruby/object:Api::Type::String + name: 'rootPassword' + immutable: true + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_cloudsql_settings_root_password.go.erb + description: | + Input only. Initial root password. + - !ruby/object:Api::Type::Boolean + name: 'rootPasswordSet' + output: true + description: | + Output only. Indicates If this connection profile root password is stored. + - !ruby/object:Api::Type::String + name: 'collation' + description: | + The Cloud SQL default instance level collation. + - !ruby/object:Api::Type::String + name: 'cmekKeyName' + description: | + The KMS key name used for the csql instance. + - !ruby/object:Api::Type::Enum + name: 'edition' + description: | + The edition of the given Cloud SQL instance. + values: + - :ENTERPRISE + - :ENTERPRISE_PLUS + - !ruby/object:Api::Type::String + name: 'privateIp' + output: true + description: | + Output only. The Cloud SQL database instance's private IP. + - !ruby/object:Api::Type::String + name: 'publicIp' + output: true + description: | + Output only. The Cloud SQL database instance's public IP. + - !ruby/object:Api::Type::NestedObject + name: 'alloydb' + description: | + Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster. + exactly_one_of: + - mysql + - postgresql + - oracle + - cloudsql + - alloydb + properties: + - !ruby/object:Api::Type::String + name: 'clusterId' + required: true + description: | + Required. The AlloyDB cluster ID that this connection profile is associated with. + - !ruby/object:Api::Type::NestedObject + name: 'settings' + immutable: true + description: | + Immutable. Metadata used to create the destination AlloyDB cluster. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'initialUser' + required: true + immutable: true + description: | + Required. Input only. Initial user to setup during cluster creation. + properties: + - !ruby/object:Api::Type::String + name: 'user' + required: true + description: | + The database username. + - !ruby/object:Api::Type::String + name: 'password' + required: true + sensitive: true + custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_alloydb_settings_initial_user_password.go.erb + description: | + The initial password for the user. + - !ruby/object:Api::Type::Boolean + name: 'passwordSet' + output: true + description: | + Output only. Indicates if the initialUser.password field has been set. + - !ruby/object:Api::Type::String + name: 'vpcNetwork' + required: true + description: | + Required. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. + It is specified in the form: 'projects/{project_number}/global/networks/{network_id}'. This is required to create a cluster. + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + description: | + Labels for the AlloyDB cluster created by DMS. + - !ruby/object:Api::Type::NestedObject + name: 'primaryInstanceSettings' + description: | + Settings for the cluster's primary instance + properties: + - !ruby/object:Api::Type::String + name: 'id' + required: true + description: | + The database username. + - !ruby/object:Api::Type::NestedObject + name: 'machineConfig' + required: true + immutable: true + description: | + Configuration for the machines that host the underlying database engine. + properties: + - !ruby/object:Api::Type::Integer + name: 'cpuCount' + required: true + description: | + The number of CPU's in the VM instance. + - !ruby/object:Api::Type::KeyValuePairs + name: 'databaseFlags' + description: | + Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used. + - !ruby/object:Api::Type::KeyValuePairs + name: 'labels' + description: | + Labels for the AlloyDB primary instance created by DMS. + - !ruby/object:Api::Type::String + name: 'privateIp' + output: true + description: | + Output only. The private IP address for the Instance. This is the connection endpoint for an end-user application. +======= send_empty_value: true allow_empty_object: true exactly_one_of: @@ -790,3 +1568,4 @@ properties: description: | Output only. The private IP address for the Instance. This is the connection endpoint for an end-user application. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/databasemigrationservice/MigrationJob.yaml b/mmv1/products/databasemigrationservice/MigrationJob.yaml index 2dfadf6bd093..d6dc07f2d952 100644 --- a/mmv1/products/databasemigrationservice/MigrationJob.yaml +++ b/mmv1/products/databasemigrationservice/MigrationJob.yaml @@ -11,6 +11,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'MigrationJob' +self_link: 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}', + ] +base_url: 'projects/{{project}}/locations/{{location}}/migrationJobs' +create_url: 'projects/{{project}}/locations/{{location}}/migrationJobs?migrationJobId={{migration_job_id}}' +update_verb: :PATCH +update_mask: true +description: 'A migration job definition.' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Database Migration': 'https://cloud.google.com/database-migration/docs/' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.migrationJobs/create' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_migration_job_mysql_to_mysql' +======= --- name: 'MigrationJob' description: 'A migration job definition.' @@ -51,6 +93,7 @@ async: custom_code: examples: - name: 'database_migration_service_migration_job_mysql_to_mysql' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'mysqltomysql' vars: migration_id: 'my-migrationid' @@ -61,7 +104,12 @@ examples: source_cp: 'source-cp' destination_csql: 'destination-csql' destination_cp: 'destination-cp' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_migration_job_postgres_to_postgres' +======= - name: 'database_migration_service_migration_job_postgres_to_postgres' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psqltopsql' vars: migration_id: 'my-migrationid' @@ -72,7 +120,12 @@ examples: source_cp: 'source-cp' destination_csql: 'destination-csql' destination_cp: 'destination-cp' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_migration_job_postgres_to_alloydb' +======= - name: 'database_migration_service_migration_job_postgres_to_alloydb' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psqltoalloydb' vars: migration_id: 'my-migrationid' @@ -84,6 +137,66 @@ examples: destination_alloydb: 'destination-alloydb' destination_cp: 'destination-cp' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'migrationJobId' + required: true + immutable: true + url_param_only: true + description: | + The ID of the migration job. + - !ruby/object:Api::Type::String + name: 'location' + immutable: true + url_param_only: true + description: | + The location where the migration job should reside. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The name of this migration job resource in the form of projects/{project}/locations/{location}/migrationJobs/{migrationJob}. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The migration job display name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The resource labels for migration job to use to annotate any related underlying resources such as Compute Engine VMs. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + The current migration job state. + values: + - :DRAFT + - :NOT_STARTED + - :RUNNING + - :COMPLETED + - :STOPPED + - :FAILED + - !ruby/object:Api::Type::Enum + name: 'phase' + output: true + description: | + The current migration job phase. + values: + - :FULL_DUMP + - :CDC + - :PROMOTE_IN_PROGRESS + - :WAITING_FOR_SOURCE_WRITES_TO_STOP + - :PREPARING_THE_DUMP + - :READY_FOR_PROMOTE + - !ruby/object:Api::Type::NestedObject + name: 'error' +======= - name: 'migrationJobId' type: String description: | @@ -142,10 +255,84 @@ properties: - 'READY_FOR_PROMOTE' - name: 'error' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The error details in case of state FAILED. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'code' + output: true + description: | + The status code, which should be an enum value of google.rpc.Code. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: | + Human readable message indicating details about the current status. + - !ruby/object:Api::Type::Array + name: 'details' + description: | + A list of messages that carry the error details. + item_type: Api::Type::KeyValuePairs + output: true + - !ruby/object:Api::Type::Enum + name: 'type' + description: | + The type of the migration job. + immutable: true + required: true + values: + - :ONE_TIME + - :CONTINUOUS + - !ruby/object:Api::Type::String + name: 'source' + immutable: true + required: true + description: | + The name of the source connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{sourceConnectionProfile}. + - !ruby/object:Api::Type::String + name: 'destination' + immutable: true + required: true + description: | + The name of the destination connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{destinationConnectionProfile}. + - !ruby/object:Api::Type::NestedObject + name: 'dumpFlags' + description: | + The initial dump flags. + properties: + - !ruby/object:Api::Type::Array + name: 'dumpFlags' + description: | + A list of dump flags + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name of the flag + - !ruby/object:Api::Type::String + name: 'value' + description: | + The vale of the flag + - !ruby/object:Api::Type::NestedObject + name: 'performanceConfig' + description: | + Data dump parallelism settings used by the migration. + properties: + - !ruby/object:Api::Type::Enum + name: 'dumpParallelLevel' + description: | + Initial dump parallelism level. + values: + - :MIN + - :OPTIMAL + - :MAX + - !ruby/object:Api::Type::String + name: 'dumpPath' +======= - name: 'code' type: Integer description: | @@ -219,10 +406,23 @@ properties: - 'MAX' - name: 'dumpPath' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The path to the dump file in Google Cloud Storage, in the format: (gs://[BUCKET_NAME]/[OBJECT_NAME]). This field and the "dump_flags" field are mutually exclusive. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'dumpType' + description: | + The type of the data dump. Supported for MySQL to CloudSQL for MySQL + migrations only. + values: + - :LOGICAL + - :PHYSICAL + - !ruby/object:Api::Type::NestedObject + name: 'staticIpConnectivity' +======= - name: 'dumpType' type: Enum description: | @@ -233,11 +433,57 @@ properties: - 'PHYSICAL' - name: 'staticIpConnectivity' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to an empty object (`{}`), the source database will allow incoming connections from the public IP of the destination database. You can retrieve the public IP of the Cloud SQL instance from the Cloud SQL console or using Cloud SQL APIs. +<<<<<<< HEAD + exactly_one_of: + - reverseSshConnectivity + - vpcPeeringConnectivity + allow_empty_object: true + send_empty_value: true + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'reverseSshConnectivity' + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - staticIpConnectivity + - vpcPeeringConnectivity + properties: + - !ruby/object:Api::Type::String + name: 'vmIp' + description: | + The IP of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - !ruby/object:Api::Type::Integer + name: 'vmPort' + description: | + The forwarding port of the virtual machine (Compute Engine) used as the + bastion server for the SSH tunnel. + - !ruby/object:Api::Type::String + name: 'vm' + description: | + The name of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - !ruby/object:Api::Type::String + name: 'vpc' + description: | + The name of the VPC to peer with the Cloud SQL private network. + - !ruby/object:Api::Type::NestedObject + name: 'vpcPeeringConnectivity' + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - staticIpConnectivity + - reverseSshConnectivity + properties: + - !ruby/object:Api::Type::String + name: 'vpc' +======= send_empty_value: true allow_empty_object: true exactly_one_of: @@ -282,5 +528,6 @@ properties: properties: - name: 'vpc' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the VPC network to peer with the Cloud SQL private network. diff --git a/mmv1/products/databasemigrationservice/PrivateConnection.yaml b/mmv1/products/databasemigrationservice/PrivateConnection.yaml index d8238cfe51fe..a17707771ac0 100644 --- a/mmv1/products/databasemigrationservice/PrivateConnection.yaml +++ b/mmv1/products/databasemigrationservice/PrivateConnection.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PrivateConnection' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/database-migration/docs/oracle-to-postgresql/create-private-connectivity-configuration' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.privateConnections' +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + delete_minutes: 60 +autogen_async: true +description: | + The PrivateConnection resource is used to establish private connectivity between Database Migration Service and a customer's network. +immutable: true +id_format: projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'database_migration_service_private_connection' +======= --- name: 'PrivateConnection' description: | @@ -44,11 +79,77 @@ async: custom_code: examples: - name: 'database_migration_service_private_connection' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: private_connection_id: 'my-connection' network_name: 'my-network' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: privateConnectionId + description: | + The private connectivity identifier. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this private connection is located in. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: The resource's name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels. + - !ruby/object:Api::Type::String + name: 'displayName' + description: Display name. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'state' + description: | + State of the PrivateConnection. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'error' + output: true + description: | + The PrivateConnection error in case of failure. + properties: + - !ruby/object:Api::Type::String + name: 'message' + description: | + A message containing more information about the error that occurred. + - !ruby/object:Api::Type::KeyValuePairs + name: 'details' + description: | + A list of messages that carry the error details. + - !ruby/object:Api::Type::NestedObject + name: 'vpcPeeringConfig' + required: true + description: | + The VPC Peering configuration is used to create VPC peering + between databasemigrationservice and the consumer's VPC. + properties: + - !ruby/object:Api::Type::String + name: 'vpcName' + required: true + description: | + Fully qualified name of the VPC that Database Migration Service will peer to. + Format: projects/{project}/global/{networks}/{name} + - !ruby/object:Api::Type::String + name: 'subnet' + required: true + description: | + A free subnet for peering. (CIDR of /29) +======= - name: 'privateConnectionId' type: String description: | @@ -112,3 +213,4 @@ properties: description: | A free subnet for peering. (CIDR of /29) required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml b/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml new file mode 100644 index 000000000000..f23bae6bb401 --- /dev/null +++ b/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml @@ -0,0 +1,793 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ConnectionProfile' +description: 'A connection profile definition.' +references: + guides: + 'Database Migration': 'https://cloud.google.com/database-migration/docs/' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles/create' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'database_migration_service_connection_profile_cloudsql' + primary_resource_id: 'cloudsqlprofile' + vars: + sqldb: 'my-database' + sqldb_cert: 'my-cert' + sqldb_user: 'my-username' + sqldb_pass: 'my-password' + from_profile: 'my-fromprofileid' + to_profile: 'my-toprofileid' + ignore_read_extra: + - 'mysql.0.password' + - 'mysql.0.ssl.0.ca_certificate' + - 'mysql.0.ssl.0.client_certificate' + - 'mysql.0.ssl.0.client_key' + - name: 'database_migration_service_connection_profile_postgres' + primary_resource_id: 'postgresprofile' + vars: + sqldb: 'my-database' + sqldb_cert: 'my-cert' + sqldb_user: 'my-username' + sqldb_pass: 'my-password' + profile: 'my-profileid' + ignore_read_extra: + - 'postgresql.0.password' + - 'postgresql.0.ssl.0.ca_certificate' + - 'postgresql.0.ssl.0.client_certificate' + - 'postgresql.0.ssl.0.client_key' + - name: 'database_migration_service_connection_profile_oracle' + primary_resource_id: 'oracleprofile' + vars: + profile: 'my-profileid' + ignore_read_extra: + - 'oracle.0.password' + exclude_test: true + - name: 'database_migration_service_connection_profile_alloydb' + primary_resource_id: 'alloydbprofile' + vars: + profile: 'my-profileid' + global_address_name: 'private-ip-alloc' + network_name: 'vpc-network' + ignore_read_extra: + - 'alloydb.0.settings.0.initial_user.0.password' + exclude_test: true + - name: 'database_migration_service_connection_profile_existing_mysql' + primary_resource_id: 'existing-mysql' + vars: + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_connection_profile_existing_postgres' + primary_resource_id: 'existing-psql' + vars: + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_connection_profile_existing_alloydb' + primary_resource_id: 'existing-alloydb' + vars: + destination_alloydb: 'destination-alloydb' + destination_cp: 'destination-cp' +parameters: + - name: 'connectionProfileId' + type: String + description: | + The ID of the connection profile. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location where the connection profile should reside. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The name of this connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{connectionProfile}. + output: true + - name: 'displayName' + type: String + description: | + The connection profile display name. + - name: 'createTime' + type: Time + description: | + Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + The resource labels for connection profile to use to annotate any related underlying resources such as Compute Engine VMs. + - name: 'state' + type: Enum + description: | + The current connection profile state. + output: true + enum_values: + - 'DRAFT' + - 'READY' + - 'FAILED' + - name: 'error' + type: NestedObject + description: | + Output only. The error details in case of state FAILED. + output: true + properties: + - name: 'code' + type: Integer + description: | + The status code, which should be an enum value of google.rpc.Code. + output: true + - name: 'message' + type: String + description: | + Human readable message indicating details about the current status. + output: true + - name: 'details' + type: Array + description: | + A list of messages that carry the error details. + output: true + item_type: + type: KeyValuePairs + - name: 'dbprovider' + type: Enum + description: | + The database provider. + api_name: provider + output: true + enum_values: + - 'CLOUDSQL' + - 'RDS' + - 'AURORA' + - 'ALLOYDB' + - name: 'mysql' + type: NestedObject + description: | + Specifies connection parameters required specifically for MySQL databases. + exactly_one_of: + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' + properties: + - name: 'host' + type: String + description: | + The IP or hostname of the source MySQL database. + required_with: + - 'mysql.0.port' + - 'mysql.0.username' + - name: 'port' + type: Integer + description: | + The network port of the source MySQL database. + required_with: + - 'mysql.0.host' + - 'mysql.0.username' + - name: 'username' + type: String + description: | + The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + required_with: + - 'mysql.0.host' + - 'mysql.0.port' + - name: 'password' + type: String + description: | + Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_password.go.tmpl' + - name: 'passwordSet' + type: Boolean + description: | + Output only. Indicates If this connection profile password is stored. + output: true + - name: 'ssl' + type: NestedObject + description: | + SSL configuration for the destination to connect to the source database. + properties: + - name: 'type' + type: Enum + description: | + The current connection profile state. + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.tmpl' + - name: 'cloudSqlId' + type: String + description: | + If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. + - name: 'postgresql' + type: NestedObject + description: | + Specifies connection parameters required specifically for PostgreSQL databases. + exactly_one_of: + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' + properties: + - name: 'host' + type: String + description: | + The IP or hostname of the source MySQL database. + required_with: + - 'postgresql.0.port' + - 'postgresql.0.username' + - 'postgresql.0.password' + - name: 'port' + type: Integer + description: | + The network port of the source MySQL database. + required_with: + - 'postgresql.0.host' + - 'postgresql.0.username' + - 'postgresql.0.password' + - name: 'username' + type: String + description: | + The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + required_with: + - 'postgresql.0.host' + - 'postgresql.0.port' + - 'postgresql.0.password' + - name: 'password' + type: String + description: | + Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + immutable: true + sensitive: true + required_with: + - 'postgresql.0.host' + - 'postgresql.0.port' + - 'postgresql.0.username' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_password.go.tmpl' + - name: 'passwordSet' + type: Boolean + description: | + Output only. Indicates If this connection profile password is stored. + output: true + - name: 'ssl' + type: NestedObject + description: | + SSL configuration for the destination to connect to the source database. + properties: + - name: 'type' + type: Enum + description: | + The current connection profile state. + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + immutable: true + sensitive: true + required_with: + - 'client_certificate' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + immutable: true + sensitive: true + required_with: + - 'client_key' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.tmpl' + - name: 'cloudSqlId' + type: String + description: | + If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. + - name: 'alloydbClusterId' + type: String + description: | + If the connected database is an AlloyDB instance, use this field to provide the AlloyDB cluster ID. + - name: 'networkArchitecture' + type: Enum + description: | + Output only. If the source is a Cloud SQL database, this field indicates the network architecture it's associated with. + output: true + enum_values: + - 'NETWORK_ARCHITECTURE_OLD_CSQL_PRODUCER' + - 'NETWORK_ARCHITECTURE_NEW_CSQL_PRODUCER' + - name: 'oracle' + type: NestedObject + description: | + Specifies connection parameters required specifically for Oracle databases. + exactly_one_of: + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' + properties: + - name: 'host' + type: String + description: | + Required. The IP or hostname of the source Oracle database. + required: true + - name: 'port' + type: Integer + description: | + Required. The network port of the source Oracle database. + required: true + - name: 'username' + type: String + description: | + Required. The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. + required: true + - name: 'password' + type: String + description: | + Required. Input only. The password for the user that Database Migration Service will be using to connect to the database. + This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_password.go.tmpl' + - name: 'passwordSet' + type: Boolean + description: | + Output only. Indicates If this connection profile password is stored. + output: true + - name: 'databaseService' + type: String + description: | + Required. Database service for the Oracle connection. + required: true + - name: 'ssl' + type: NestedObject + description: | + SSL configuration for the destination to connect to the source database. + properties: + - name: 'type' + type: Enum + description: | + The current connection profile state. + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String + description: | + Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'clientCertificate' field is mandatory. + immutable: true + sensitive: true + required_with: + - 'client_certificate' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String + description: | + Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. + If this field is used then the 'clientKey' field is mandatory + immutable: true + sensitive: true + required_with: + - 'client_key' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String + description: | + Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. + The replica will use this certificate to verify it's connecting to the right host. + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.tmpl' + - name: 'staticServiceIpConnectivity' + type: NestedObject + description: | + This object has no nested fields. + + Static IP address connectivity configured on service project. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'static_service_ip_connectivity' + - 'forward_ssh_connectivity' + - 'private_connectivity' + properties: + [] + - name: 'forwardSshConnectivity' + type: NestedObject + description: | + SSL configuration for the destination to connect to the source database. + exactly_one_of: + - 'static_service_ip_connectivity' + - 'forward_ssh_connectivity' + - 'private_connectivity' + properties: + - name: 'hostname' + type: String + description: | + Required. Hostname for the SSH tunnel. + required: true + - name: 'username' + type: String + description: | + Required. Username for the SSH tunnel. + required: true + - name: 'port' + type: Integer + description: | + Port for the SSH tunnel, default value is 22. + required: true + - name: 'password' + type: String + description: | + Input only. SSH password. Only one of `password` and `private_key` can be configured. + immutable: true + sensitive: true + exactly_one_of: + - 'forward_ssh_connectivity.0.password' + - 'forward_ssh_connectivity.0.private_key' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_forward_ssh_password.go.tmpl' + - name: 'privateKey' + type: String + description: | + Input only. SSH private key. Only one of `password` and `private_key` can be configured. + immutable: true + sensitive: true + exactly_one_of: + - 'oracle.0.forward_ssh_connectivity.0.password' + - 'oracle.0.forward_ssh_connectivity.0.private_key' + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_forward_ssh_private_key.go.tmpl' + - name: 'privateConnectivity' + type: NestedObject + description: | + Configuration for using a private network to communicate with the source database + exactly_one_of: + - 'oracle.0.static_service_ip_connectivity' + - 'oracle.0.forward_ssh_connectivity' + - 'oracle.0.private_connectivity' + properties: + - name: 'privateConnection' + type: String + description: | + Required. The resource name (URI) of the private connection. + required: true + - name: 'cloudsql' + type: NestedObject + description: | + Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance. + exactly_one_of: + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' + properties: + - name: 'cloudSqlId' + type: String + description: | + Output only. The Cloud SQL instance ID that this connection profile is associated with. + output: true + - name: 'settings' + type: NestedObject + description: | + Immutable. Metadata used to create the destination Cloud SQL database. + immutable: true + properties: + - name: 'databaseVersion' + type: String + description: | + The database engine type and version. + Currently supported values located at https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles#sqldatabaseversion + - name: 'userLabels' + type: KeyValuePairs + description: | + The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. + - name: 'tier' + type: String + description: | + The tier (or machine type) for this instance, for example: db-n1-standard-1 (MySQL instances) or db-custom-1-3840 (PostgreSQL instances). + For more information, see https://cloud.google.com/sql/docs/mysql/instance-settings + - name: 'storageAutoResizeLimit' + type: String + description: | + The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. + - name: 'activationPolicy' + type: Enum + description: | + The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. + enum_values: + - 'ALWAYS' + - 'NEVER' + - name: 'ipConfig' + type: NestedObject + description: | + The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled. + properties: + - name: 'enableIpv4' + type: Boolean + description: | + Whether the instance should be assigned an IPv4 address or not. + - name: 'privateNetwork' + type: String + description: | + The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. + This setting can be updated, but it cannot be removed after it is set. + - name: 'requireSsl' + type: Boolean + description: | + Whether SSL connections over IP should be enforced or not. + - name: 'authorizedNetworks' + type: Array + description: | + The list of external networks that are allowed to connect to the instance using the IP. + item_type: + type: NestedObject + properties: + - name: 'value' + type: String + description: | + The allowlisted value for the access control list. + required: true + - name: 'label' + type: String + description: | + A label to identify this entry. + - name: 'expireTime' + type: Time + description: | + The time when this access control entry expires in RFC 3339 format. + exactly_one_of: + - 'expire_time' + - 'ttl' + - name: 'ttl' + type: Time + description: | + Input only. The time-to-leave of this access control entry. + immutable: true + - name: 'autoStorageIncrease' + type: Boolean + description: | + If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. + If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB. + - name: 'databaseFlags' + type: KeyValuePairs + description: | + The database flags passed to the Cloud SQL instance at startup. + - name: 'dataDiskType' + type: Enum + description: | + The type of storage. + enum_values: + - 'PD_SSD' + - 'PD_HDD' + - name: 'dataDiskSizeGb' + type: String + description: | + The storage capacity available to the database, in GB. The minimum (and default) size is 10GB. + - name: 'zone' + type: String + description: | + The Google Cloud Platform zone where your Cloud SQL datdabse instance is located. + - name: 'sourceId' + type: String + description: | + The Database Migration Service source connection profile ID, in the format: projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID + required: true + - name: 'rootPassword' + type: String + description: | + Input only. Initial root password. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_cloudsql_settings_root_password.go.tmpl' + - name: 'rootPasswordSet' + type: Boolean + description: | + Output only. Indicates If this connection profile root password is stored. + output: true + - name: 'collation' + type: String + description: | + The Cloud SQL default instance level collation. + - name: 'cmekKeyName' + type: String + description: | + The KMS key name used for the csql instance. + - name: 'edition' + type: Enum + description: | + The edition of the given Cloud SQL instance. + enum_values: + - 'ENTERPRISE' + - 'ENTERPRISE_PLUS' + - name: 'privateIp' + type: String + description: | + Output only. The Cloud SQL database instance's private IP. + output: true + - name: 'publicIp' + type: String + description: | + Output only. The Cloud SQL database instance's public IP. + output: true + - name: 'alloydb' + type: NestedObject + description: | + Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster. + exactly_one_of: + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' + properties: + - name: 'clusterId' + type: String + description: | + Required. The AlloyDB cluster ID that this connection profile is associated with. + required: true + - name: 'settings' + type: NestedObject + description: | + Immutable. Metadata used to create the destination AlloyDB cluster. + immutable: true + properties: + - name: 'initialUser' + type: NestedObject + description: | + Required. Input only. Initial user to setup during cluster creation. + required: true + immutable: true + properties: + - name: 'user' + type: String + description: | + The database username. + required: true + - name: 'password' + type: String + description: | + The initial password for the user. + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_alloydb_settings_initial_user_password.go.tmpl' + - name: 'passwordSet' + type: Boolean + description: | + Output only. Indicates if the initialUser.password field has been set. + output: true + - name: 'vpcNetwork' + type: String + description: | + Required. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. + It is specified in the form: 'projects/{project_number}/global/networks/{network_id}'. This is required to create a cluster. + required: true + - name: 'labels' + type: KeyValuePairs + description: | + Labels for the AlloyDB cluster created by DMS. + - name: 'primaryInstanceSettings' + type: NestedObject + description: | + Settings for the cluster's primary instance + properties: + - name: 'id' + type: String + description: | + The database username. + required: true + - name: 'machineConfig' + type: NestedObject + description: | + Configuration for the machines that host the underlying database engine. + required: true + immutable: true + properties: + - name: 'cpuCount' + type: Integer + description: | + The number of CPU's in the VM instance. + required: true + - name: 'databaseFlags' + type: KeyValuePairs + description: | + Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used. + - name: 'labels' + type: KeyValuePairs + description: | + Labels for the AlloyDB primary instance created by DMS. + - name: 'privateIp' + type: String + description: | + Output only. The private IP address for the Instance. This is the connection endpoint for an end-user application. + output: true diff --git a/mmv1/products/databasemigrationservice/go_MigrationJob.yaml b/mmv1/products/databasemigrationservice/go_MigrationJob.yaml new file mode 100644 index 000000000000..9ee36ed33961 --- /dev/null +++ b/mmv1/products/databasemigrationservice/go_MigrationJob.yaml @@ -0,0 +1,287 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'MigrationJob' +description: 'A migration job definition.' +references: + guides: + 'Database Migration': 'https://cloud.google.com/database-migration/docs/' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.migrationJobs/create' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/migrationJobs' +self_link: 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/migrationJobs?migrationJobId={{migration_job_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'database_migration_service_migration_job_mysql_to_mysql' + primary_resource_id: 'mysqltomysql' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_migration_job_postgres_to_postgres' + primary_resource_id: 'psqltopsql' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_migration_job_postgres_to_alloydb' + primary_resource_id: 'psqltoalloydb' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_alloydb: 'destination-alloydb' + destination_cp: 'destination-cp' +parameters: + - name: 'migrationJobId' + type: String + description: | + The ID of the migration job. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location where the migration job should reside. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The name of this migration job resource in the form of projects/{project}/locations/{location}/migrationJobs/{migrationJob}. + output: true + - name: 'displayName' + type: String + description: | + The migration job display name. + - name: 'createTime' + type: Time + description: | + Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + The resource labels for migration job to use to annotate any related underlying resources such as Compute Engine VMs. + - name: 'state' + type: Enum + description: | + The current migration job state. + output: true + enum_values: + - 'DRAFT' + - 'NOT_STARTED' + - 'RUNNING' + - 'COMPLETED' + - 'STOPPED' + - 'FAILED' + - name: 'phase' + type: Enum + description: | + The current migration job phase. + output: true + enum_values: + - 'FULL_DUMP' + - 'CDC' + - 'PROMOTE_IN_PROGRESS' + - 'WAITING_FOR_SOURCE_WRITES_TO_STOP' + - 'PREPARING_THE_DUMP' + - 'READY_FOR_PROMOTE' + - name: 'error' + type: NestedObject + description: | + Output only. The error details in case of state FAILED. + output: true + properties: + - name: 'code' + type: Integer + description: | + The status code, which should be an enum value of google.rpc.Code. + output: true + - name: 'message' + type: String + description: | + Human readable message indicating details about the current status. + output: true + - name: 'details' + type: Array + description: | + A list of messages that carry the error details. + output: true + item_type: + type: KeyValuePairs + - name: 'type' + type: Enum + description: | + The type of the migration job. + required: true + immutable: true + enum_values: + - 'ONE_TIME' + - 'CONTINUOUS' + - name: 'source' + type: String + description: | + The name of the source connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{sourceConnectionProfile}. + required: true + immutable: true + - name: 'destination' + type: String + description: | + The name of the destination connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{destinationConnectionProfile}. + required: true + immutable: true + - name: 'dumpFlags' + type: NestedObject + description: | + The initial dump flags. + properties: + - name: 'dumpFlags' + type: Array + description: | + A list of dump flags + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name of the flag + - name: 'value' + type: String + description: | + The vale of the flag + - name: 'performanceConfig' + type: NestedObject + description: | + Data dump parallelism settings used by the migration. + properties: + - name: 'dumpParallelLevel' + type: Enum + description: | + Initial dump parallelism level. + enum_values: + - 'MIN' + - 'OPTIMAL' + - 'MAX' + - name: 'dumpPath' + type: String + description: | + The path to the dump file in Google Cloud Storage, + in the format: (gs://[BUCKET_NAME]/[OBJECT_NAME]). + This field and the "dump_flags" field are mutually exclusive. + - name: 'dumpType' + type: Enum + description: | + The type of the data dump. Supported for MySQL to CloudSQL for MySQL + migrations only. + enum_values: + - 'LOGICAL' + - 'PHYSICAL' + - name: 'staticIpConnectivity' + type: NestedObject + description: | + If set to an empty object (`{}`), the source database will allow incoming + connections from the public IP of the destination database. + You can retrieve the public IP of the Cloud SQL instance from the + Cloud SQL console or using Cloud SQL APIs. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'reverseSshConnectivity' + - 'vpcPeeringConnectivity' + properties: + [] + - name: 'reverseSshConnectivity' + type: NestedObject + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - 'staticIpConnectivity' + - 'vpcPeeringConnectivity' + properties: + - name: 'vmIp' + type: String + description: | + The IP of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - name: 'vmPort' + type: Integer + description: | + The forwarding port of the virtual machine (Compute Engine) used as the + bastion server for the SSH tunnel. + - name: 'vm' + type: String + description: | + The name of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - name: 'vpc' + type: String + description: | + The name of the VPC to peer with the Cloud SQL private network. + - name: 'vpcPeeringConnectivity' + type: NestedObject + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - 'staticIpConnectivity' + - 'reverseSshConnectivity' + properties: + - name: 'vpc' + type: String + description: | + The name of the VPC network to peer with the Cloud SQL private network. diff --git a/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml b/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml new file mode 100644 index 000000000000..b14a6ca551b6 --- /dev/null +++ b/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml @@ -0,0 +1,115 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PrivateConnection' +description: | + The PrivateConnection resource is used to establish private connectivity between Database Migration Service and a customer's network. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/database-migration/docs/oracle-to-postgresql/create-private-connectivity-configuration' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.privateConnections' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +timeouts: + insert_minutes: 60 + update_minutes: 20 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + resource_inside_response: false +custom_code: +examples: + - name: 'database_migration_service_private_connection' + primary_resource_id: 'default' + vars: + private_connection_id: 'my-connection' + network_name: 'my-network' +parameters: + - name: 'privateConnectionId' + type: String + description: | + The private connectivity identifier. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The name of the location this private connection is located in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: The resource's name. + output: true + - name: 'labels' + type: KeyValueLabels + description: Labels. + - name: 'displayName' + type: String + description: Display name. + default_from_api: true + - name: 'state' + type: String + description: | + State of the PrivateConnection. + output: true + - name: 'error' + type: NestedObject + description: | + The PrivateConnection error in case of failure. + output: true + properties: + - name: 'message' + type: String + description: | + A message containing more information about the error that occurred. + - name: 'details' + type: KeyValuePairs + description: | + A list of messages that carry the error details. + - name: 'vpcPeeringConfig' + type: NestedObject + description: | + The VPC Peering configuration is used to create VPC peering + between databasemigrationservice and the consumer's VPC. + required: true + properties: + - name: 'vpcName' + type: String + description: | + Fully qualified name of the VPC that Database Migration Service will peer to. + Format: projects/{project}/global/{networks}/{name} + required: true + - name: 'subnet' + type: String + description: | + A free subnet for peering. (CIDR of /29) + required: true diff --git a/mmv1/products/databasemigrationservice/go_product.yaml b/mmv1/products/databasemigrationservice/go_product.yaml new file mode 100644 index 000000000000..b76fd0b91286 --- /dev/null +++ b/mmv1/products/databasemigrationservice/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DatabaseMigrationService' +display_name: 'DatabaseMigrationService' +versions: + - name: 'ga' + base_url: 'https://datamigration.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/databasemigrationservice/product.yaml b/mmv1/products/databasemigrationservice/product.yaml index 236e72cdc604..e9ce7a7f8661 100644 --- a/mmv1/products/databasemigrationservice/product.yaml +++ b/mmv1/products/databasemigrationservice/product.yaml @@ -1,16 +1,36 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +# Licensed under the Apache License, Version 2.0 (the 'License'); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software +<<<<<<< HEAD +# distributed under the License is distributed on an 'AS IS' BASIS, +======= # distributed under the License is distributed on an "AS IS" BASIS, +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: DatabaseMigrationService +display_name: DatabaseMigrationService +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://datamigration.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'DatabaseMigrationService' display_name: 'DatabaseMigrationService' @@ -19,3 +39,4 @@ versions: base_url: 'https://datamigration.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datacatalog/Entry.yaml b/mmv1/products/datacatalog/Entry.yaml index 54cbd3c4563b..c5a9037c57ce 100644 --- a/mmv1/products/datacatalog/Entry.yaml +++ b/mmv1/products/datacatalog/Entry.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,8 +15,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: "Entry" +base_url: '{{entry_group}}/entries' +create_url: '{{entry_group}}/entries?entryId={{entry_id}}' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +======= --- name: 'Entry' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Entry Metadata. A Data Catalog Entry resource represents another resource in Google Cloud Platform (such as a BigQuery dataset or a Pub/Sub topic) or outside of Google Cloud Platform. Clients can use @@ -20,6 +34,17 @@ description: | An Entry resource contains resource details, such as its schema. An Entry can also be used to attach flexible metadata, such as a Tag. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries +import_format: ['{{name}}'] +supports_indirect_user_project_override: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' @@ -41,20 +66,53 @@ custom_code: supports_indirect_user_project_override: true examples: - name: 'data_catalog_entry_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_fileset' +======= - name: 'data_catalog_entry_fileset' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_full' +======= - name: 'data_catalog_entry_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/data_catalog_entry.go.erb +parameters: + - !ruby/object:Api::Type::String + name: entryGroup + required: true + url_param_only: true + immutable: true + description: | + The name of the entry group this entry is in. + - !ruby/object:Api::Type::String + name: entryId + required: true + url_param_only: true + immutable: true + description: | + The id of the entry to create. +properties: + - !ruby/object:Api::Type::String + name: name +======= parameters: - name: 'entryGroup' type: String @@ -73,13 +131,19 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Data Catalog resource name of the entry in URL format. Example: projects/{project_id}/locations/{location}/entryGroups/{entryGroupId}/entries/{entryId}. Note that this Entry and its child resources may not actually be stored in the location in this name. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: linkedResource +======= - name: 'linkedResource' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource this metadata entry refers to. For Google Cloud Platform resources, linkedResource is the full name of the resource. @@ -88,6 +152,15 @@ properties: Output only when Entry is of type in the EntryType enum. For entries with userSpecifiedType, this field is optional and defaults to an empty string. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: displayName + description: | + Display information such as title and description. A short name to identify the entry, + for example, "Analytics Data - Jan 2011". + - !ruby/object:Api::Type::String + name: description +======= - name: 'displayName' type: String description: | @@ -95,17 +168,45 @@ properties: for example, "Analytics Data - Jan 2011". - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Entry description, which can consist of several sentences or paragraphs that describe entry contents. # This is a string instead of a NestedObject because schemas contain ColumnSchemas, which can contain nested ColumnSchemas. # We'll have people provide the json blob for the schema instead. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: schema +======= - name: 'schema' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Schema of the entry (e.g. BigQuery, GoogleSQL, Avro schema), as a json string. An entry might not have any schema attached to it. See https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries#schema for what fields this schema can contain. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Enum + name: type + description: | + The type of the entry. Only used for Entries with types in the EntryType enum. + Currently, only FILESET enum value is allowed. All other entries created through Data Catalog must use userSpecifiedType. + values: + - :FILESET + immutable: true + exactly_one_of: + - type + - user_specified_type + - !ruby/object:Api::Type::String + name: userSpecifiedType +======= state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' @@ -124,6 +225,7 @@ properties: - 'FILESET' - name: 'userSpecifiedType' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Entry type if it does not fit any of the input-allowed values listed in EntryType enum above. When creating an entry, users should check the enum values first, if nothing matches the entry @@ -131,6 +233,19 @@ properties: userSpecifiedType strings must begin with a letter or underscore and can only contain letters, numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. exactly_one_of: +<<<<<<< HEAD + - type + - user_specified_type + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[A-z_][A-z0-9_]{0,63}$' + - !ruby/object:Api::Type::String + name: integratedSystem + description: | + This field indicates the entry's source system that Data Catalog integrates with, such as BigQuery or Pub/Sub. + output: true + - !ruby/object:Api::Type::String + name: userSpecifiedSystem +======= - 'type' - 'user_specified_type' validation: @@ -142,10 +257,22 @@ properties: output: true - name: 'userSpecifiedSystem' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This field indicates the entry's source system that Data Catalog does not integrate with. userSpecifiedSystem strings must begin with a letter or underscore and can only contain letters, numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[A-z_][A-z0-9_]{0,63}$' + - !ruby/object:Api::Type::NestedObject + name: gcsFilesetSpec + description: | + Specification that applies to a Cloud Storage fileset. This is only valid on entries of type FILESET. + properties: + - !ruby/object:Api::Type::Array + name: filePatterns +======= validation: regex: '^[A-z_][A-z0-9_]{0,63}$' - name: 'gcsFilesetSpec' @@ -155,6 +282,7 @@ properties: properties: - name: 'filePatterns' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Patterns to identify a set of files in Google Cloud Storage. See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) @@ -169,6 +297,28 @@ properties: * gs://bucket_name/a/*/b: matches all files in bucket_name that match a/*/b pattern, such as a/c/b, a/d/b * gs://another_bucket/a.txt: matches gs://another_bucket/a.txt required: true +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: sampleGcsFileSpecs + description: | + Sample files contained in this fileset, not all files contained in this fileset are represented here. + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: filePath + description: | + The full file path + output: true + - !ruby/object:Api::Type::Integer + name: sizeBytes + description: | + The size of the file, in bytes. + output: true + - !ruby/object:Api::Type::NestedObject + name: bigqueryTableSpec +======= item_type: type: String - name: 'sampleGcsFileSpecs' @@ -191,10 +341,20 @@ properties: output: true - name: 'bigqueryTableSpec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specification that applies to a BigQuery table. This is only valid on entries of type TABLE. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: tableSourceType + description: | + The table source type. + output: true + - !ruby/object:Api::Type::NestedObject + name: viewSpec +======= - name: 'tableSourceType' type: String description: | @@ -202,10 +362,20 @@ properties: output: true - name: 'viewSpec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Table view specification. This field should only be populated if tableSourceType is BIGQUERY_VIEW. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: viewQuery + description: | + The query that defines the table view. + output: true + - !ruby/object:Api::Type::NestedObject + name: tableSpec +======= - name: 'viewQuery' type: String description: | @@ -213,39 +383,65 @@ properties: output: true - name: 'tableSpec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Spec of a BigQuery table. This field should only be populated if tableSourceType is BIGQUERY_TABLE. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: groupedEntry +======= - name: 'groupedEntry' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If the table is a dated shard, i.e., with name pattern [prefix]YYYYMMDD, groupedEntry is the Data Catalog resource name of the date sharded grouped entry, for example, projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}. Otherwise, groupedEntry is empty. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: bigqueryDateShardedSpec +======= - name: 'bigqueryDateShardedSpec' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specification for a group of BigQuery tables with name pattern [prefix]YYYYMMDD. Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding. output: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: dataset +======= - name: 'dataset' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The Data Catalog resource name of the dataset entry the current table belongs to, for example, projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId} output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: tablePrefix +======= - name: 'tablePrefix' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The table name prefix of the shards. The name of any given shard is [tablePrefix]YYYYMMDD, for example, for shard MyTable20180101, the tablePrefix is MyTable. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: shardCount +======= - name: 'shardCount' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Total number of shards. output: true diff --git a/mmv1/products/datacatalog/EntryGroup.yaml b/mmv1/products/datacatalog/EntryGroup.yaml index 8bb73169a681..9ac3626b4450 100644 --- a/mmv1/products/datacatalog/EntryGroup.yaml +++ b/mmv1/products/datacatalog/EntryGroup.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,83 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: EntryGroup +base_url: projects/{{project}}/locations/{{region}}/entryGroups +create_url: projects/{{project}}/locations/{{region}}/entryGroups?entryGroupId={{entry_group_id}} +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +description: | + An EntryGroup resource represents a logical grouping of zero or more Data Catalog Entry resources. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'entry_group' + import_format: + [ + 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}', + '{{entry_group}}', + ] + base_url: projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}} +import_format: ['{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_group_basic' + primary_resource_id: 'basic_entry_group' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_group%s\", + context[\"random_suffix\"\ + ])" + vars: + entry_group_id: 'my_group' + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_group_full' + primary_resource_id: 'basic_entry_group' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_group%s\", + context[\"random_suffix\"\ + ])" + vars: + entry_group_id: 'my_group' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/data_catalog_entry_group.go.erb +parameters: + - !ruby/object:Api::Type::String + name: region + url_param_only: true + immutable: true + description: | + EntryGroup location region. + ignore_read: true + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: entryGroupId + required: true + url_param_only: true + immutable: true + description: | + The id of the entry group to create. The id must begin with a letter or underscore, + contain only English letters, numbers and underscores, and be at most 64 characters. + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[A-z_][A-z0-9_]{0,63}$' +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the entry group in URL format. Example: projects/{project}/locations/{location}/entryGroups/{entryGroupId} + output: true + - !ruby/object:Api::Type::String + name: displayName + description: | + A short name to identify the entry group, for example, "analytics data - jan 2011". + - !ruby/object:Api::Type::String + name: description +======= --- name: 'EntryGroup' description: | @@ -85,5 +166,6 @@ properties: A short name to identify the entry group, for example, "analytics data - jan 2011". - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Entry group description, which can consist of several sentences or paragraphs that describe entry group contents. diff --git a/mmv1/products/datacatalog/PolicyTag.yaml b/mmv1/products/datacatalog/PolicyTag.yaml index 14115a01eeda..b89d214ef7ad 100644 --- a/mmv1/products/datacatalog/PolicyTag.yaml +++ b/mmv1/products/datacatalog/PolicyTag.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,58 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: PolicyTag +base_url: '{{taxonomy}}/policyTags' +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +description: | + Denotes one policy tag in a taxonomy. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies.policyTags +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'policy_tag' + import_format: ['{{%policy_tag}}'] + base_url: '{{%policy_tag}}' +import_format: ['{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_taxonomies_policy_tag_basic' + primary_resource_id: 'basic_policy_tag' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_policy_tag%s\", + context[\"random_suffix\"\ + ])" + vars: + taxonomy_display_name: 'taxonomy_display_name' + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_taxonomies_policy_tag_child_policies' + primary_resource_id: 'child_policy' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_child_tag%s\", + context[\"random_suffix\"\ + ])" + vars: + taxonomy_display_name: 'taxonomy_display_name' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/extract_taxonomy.go.erb +parameters: + - !ruby/object:Api::Type::String + name: taxonomy + url_param_only: true + required: true + immutable: true + description: | + Taxonomy the policy tag is associated with +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'PolicyTag' description: | @@ -63,30 +119,54 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of this policy tag, whose format is: "projects/{project}/locations/{region}/taxonomies/{taxonomy}/policyTags/{policytag}" output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'displayName' +======= - name: 'displayName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User defined name of this policy tag. It must: be unique within the parent taxonomy; contain only unicode letters, numbers, underscores, dashes and spaces; not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Description of this policy tag. It must: contain only unicode characters, tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes long when encoded in UTF-8. If not set, defaults to an empty description. If not set, defaults to an empty description. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'parentPolicyTag' +======= - name: 'parentPolicyTag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of this policy tag's parent policy tag. If empty, it means this policy tag is a top level policy tag. If not set, defaults to an empty string. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'childPolicyTags' + description: | + Resource names of child policy tags of this policy tag. + item_type: Api::Type::String + output: true +======= - name: 'childPolicyTags' type: Array description: | @@ -94,3 +174,4 @@ properties: output: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datacatalog/Tag.yaml b/mmv1/products/datacatalog/Tag.yaml index b6f58bebc5e3..21e0aa418024 100644 --- a/mmv1/products/datacatalog/Tag.yaml +++ b/mmv1/products/datacatalog/Tag.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Tag +base_url: '{{parent}}/tags' +self_link: '{{parent}}/tags' +update_url: '{{name}}' +update_verb: :PATCH +update_mask: true +delete_url: '{{name}}' +read_query_params: '?pageSize=1000' +nested_query: !ruby/object:Api::Resource::NestedQuery + keys: + - tags +======= --- name: 'Tag' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Tags are used to attach custom metadata to Data Catalog resources. Tags conform to the specifications within their tag template. See [Data Catalog IAM](https://cloud.google.com/data-catalog/docs/concepts/iam) for information on the permissions needed to create or view tags. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.tags +import_format: ['{{name}}'] +id_format: '{{name}}' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_tag_basic' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' @@ -47,6 +77,7 @@ custom_code: custom_import: 'templates/terraform/custom_import/data_catalog_tag.go.tmpl' examples: - name: 'data_catalog_entry_tag_basic' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'basic_tag' vars: entry_group_id: 'my_entry_group' @@ -54,10 +85,18 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: +<<<<<<< HEAD + force_delete: 'true' + oics_vars_overrides: + force_delete: 'true' + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_group_tag' +======= 'force_delete': 'true' oics_vars_overrides: 'force_delete': 'true' - name: 'data_catalog_entry_group_tag' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'entry_group_tag' vars: entry_group_id: 'my_entry_group' @@ -66,6 +105,15 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: +<<<<<<< HEAD + force_delete: 'true' + oics_vars_overrides: + force_delete: 'true' + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_tag_full' + # Multiple fine-grained resources + skip_vcr: true +======= 'force_delete': 'true' oics_vars_overrides: 'force_delete': 'true' @@ -83,6 +131,20 @@ examples: # Multiple fine-grained resources skip_vcr: true - name: 'data_catalog_entry_tag_false' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + primary_resource_id: 'basic_tag' + vars: + entry_group_id: 'my_entry_group' + entry_id: 'my_entry' + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: +<<<<<<< HEAD + force_delete: 'true' + oics_vars_overrides: + force_delete: 'true' + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_entry_tag_false' primary_resource_id: 'basic_tag' vars: entry_group_id: 'my_entry_group' @@ -90,6 +152,25 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: + force_delete: 'true' + oics_vars_overrides: + force_delete: 'true' + skip_docs: true # omitting doc as it is almost identical to the case of data_catalog_entry_tag_basic +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/data_catalog_tag.go.erb + encoder: templates/terraform/encoders/data_catalog_tag.go.erb +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The name of the parent this tag is attached to. This can be the name of an entry or an entry group. If an entry group, the tag will be attached to + all entries in that group. +properties: + - !ruby/object:Api::Type::String + name: name +======= 'force_delete': 'true' oics_vars_overrides: 'force_delete': 'true' @@ -106,20 +187,36 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of the tag in URL format. Example: projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}/tags/{tag_id} or projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/tags/{tag_id} where tag_id is a system-generated identifier. Note that this Tag may not actually be stored in the location in this name. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: template +======= - name: 'template' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of the tag template that this tag uses. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} This field cannot be modified after creation. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: template_displayname + api_name: templateDisplayName + description: | + The display name of the tag template. + output: true + - !ruby/object:Api::Type::Map + name: fields +======= - name: 'template_displayname' type: String description: | @@ -128,10 +225,24 @@ properties: output: true - name: 'fields' type: Map +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | This maps the ID of a tag field to the value of and additional information about that field. Valid field IDs are defined by the tag's template. A tag must have at least 1 field and at most 500 fields. required: true +<<<<<<< HEAD + key_name: field_name + value_type: !ruby/object:Api::Type::NestedObject + name: field_value + properties: + - !ruby/object:Api::Type::String + name: display_name + description: | + The display name of this field + output: true + - !ruby/object:Api::Type::Integer + name: order +======= key_name: 'field_name' value_type: name: field_value @@ -144,11 +255,46 @@ properties: output: true - name: 'order' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The order of this field with respect to other fields in this tag. For example, a higher value can indicate a more important field. The value can be negative. Multiple fields can have the same order, and field orders within a tag do not have to be sequential. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: doubleValue + description: | + Holds the value for a tag field with double type. + - !ruby/object:Api::Type::String + name: stringValue + description: | + Holds the value for a tag field with string type. + - !ruby/object:Api::Type::Boolean + name: boolValue + send_empty_value: true + description: | + Holds the value for a tag field with boolean type. + - !ruby/object:Api::Type::String + name: timestampValue + description: | + Holds the value for a tag field with timestamp type. + - !ruby/object:Api::Type::NestedObject + name: enumValue + description: | + Holds the value for a tag field with enum type. This value must be one of the allowed values in the definition of this enum. + flatten_object: true + custom_expand: templates/terraform/custom_expand/data_catalog_tag.go.erb + custom_flatten: templates/terraform/custom_flatten/data_catalog_tag.go.erb + properties: + - !ruby/object:Api::Type::String + name: enum_value + api_name: 'displayName' + description: | + The display name of the enum value. + - !ruby/object:Api::Type::String + name: column +======= - name: 'doubleValue' type: Double description: | @@ -181,6 +327,7 @@ properties: api_name: displayName - name: 'column' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resources like Entry can have schemas associated with them. This scope allows users to attach tags to an individual column based on that schema. diff --git a/mmv1/products/datacatalog/TagTemplate.yaml b/mmv1/products/datacatalog/TagTemplate.yaml index 822062beb9b8..d80aa0c85f76 100644 --- a/mmv1/products/datacatalog/TagTemplate.yaml +++ b/mmv1/products/datacatalog/TagTemplate.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: TagTemplate +base_url: projects/{{project}}/locations/{{region}}/tagTemplates +self_link: '{{name}}' +create_url: projects/{{project}}/locations/{{region}}/tagTemplates?tagTemplateId={{tag_template_id}} +delete_url: '{{name}}?force={{force_delete}}' +update_verb: :PATCH +description: | + A tag template defines a tag, which can have one or more typed fields. + The template is used to create and attach the tag to GCP resources. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.tagTemplates +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'tag_template' + import_format: + [ + 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}', + '{{tag_template}}', + ] + base_url: projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}} +import_format: ['{{name}}'] +skip_sweeper: true +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_tag_template_basic' + primary_resource_id: 'basic_tag_template' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_template%s\", + context[\"random_suffix\"\ + ])" +======= --- name: 'TagTemplate' description: | @@ -51,10 +90,82 @@ examples: - name: 'data_catalog_tag_template_basic' primary_resource_id: 'basic_tag_template' primary_resource_name: 'fmt.Sprintf("tf_test_my_template%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: +<<<<<<< HEAD + force_delete: 'true' + oics_vars_overrides: + force_delete: 'true' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: 'templates/terraform/custom_import/data_catalog_tag_template.go.erb' + pre_update: 'templates/terraform/pre_update/tagtemplate_fields.go.erb' + post_update: 'templates/terraform/post_update/tagtemplate_fields.go.erb' + constants: 'templates/terraform/constants/tagtemplate_fields.go.erb' +parameters: + - !ruby/object:Api::Type::String + name: region + url_param_only: true + immutable: true + description: | + Template location region. + ignore_read: true + required: false + default_from_api: true + - !ruby/object:Api::Type::String + name: tagTemplateId + required: true + url_param_only: true + immutable: true + description: | + The id of the tag template to create. + validation: !ruby/object:Provider::Terraform::Validation + regex: '^[a-z_][a-z0-9_]{0,63}$' + - !ruby/object:Api::Type::Boolean + name: forceDelete + default_value: false + url_param_only: true + description: | + This confirms the deletion of any possible tags using this template. Must be set to true in order to delete the tag template. +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the tag template in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} + output: true + - !ruby/object:Api::Type::String + name: displayName + description: | + The display name for this template. + - !ruby/object:Api::Type::Map + name: fields + description: | + Set of tag template field IDs and the settings for the field. This set is an exhaustive list of the allowed fields. This set must contain at least one field and at most 500 fields. The change of field_id will be resulting in re-creating of field. The change of primitive_type will be resulting in re-creating of field, however if the field is a required, you cannot update it. + required: true + key_name: field_id + value_type: !ruby/object:Api::Type::NestedObject + name: field + properties: + - !ruby/object:Api::Type::String + name: name + description: | + The resource name of the tag template field in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId}/fields/{field} + output: true + - !ruby/object:Api::Type::String + name: displayName + description: | + The display name for this field. + default_from_api: true + - !ruby/object:Api::Type::String + name: description + description: | + A description for this field. + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: type +======= 'force_delete': 'true' oics_vars_overrides: 'force_delete': 'true' @@ -120,10 +231,26 @@ properties: default_from_api: true - name: 'type' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of value this tag field can contain. required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: primitiveType + description: | + Represents primitive types - string, bool etc. + Exactly one of `primitive_type` or `enum_type` must be set + values: + - :DOUBLE + - :STRING + - :BOOL + - :TIMESTAMP + default_from_api: true + - !ruby/object:Api::Type::NestedObject + name: enumType +======= - name: 'primitiveType' type: Enum description: | @@ -137,18 +264,42 @@ properties: - 'TIMESTAMP' - name: 'enumType' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an enum type. Exactly one of `primitive_type` or `enum_type` must be set properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: allowedValues +======= - name: 'allowedValues' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The set of allowed values for this enum. The display names of the values must be case-insensitively unique within this set. Currently, enum values can only be added to the list of allowed values. Deletion and renaming of enum values are not supported. Can have up to 500 allowed values. +<<<<<<< HEAD + required: true + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: displayName + description: | + The display name of the enum value. + required: true + - !ruby/object:Api::Type::Boolean + name: isRequired + description: | + Whether this is a required field. Defaults to false. + default_from_api: true + - !ruby/object:Api::Type::Integer + name: order +======= is_set: true required: true item_type: @@ -166,6 +317,7 @@ properties: default_from_api: true - name: 'order' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The order of this field with respect to other fields in this tag template. A higher value indicates a more important field. The value can be negative. diff --git a/mmv1/products/datacatalog/Taxonomy.yaml b/mmv1/products/datacatalog/Taxonomy.yaml index 7c4d2ecff7e3..20229b53d6d1 100644 --- a/mmv1/products/datacatalog/Taxonomy.yaml +++ b/mmv1/products/datacatalog/Taxonomy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,57 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Taxonomy +base_url: projects/{{project}}/locations/{{region}}/taxonomies +self_link: '{{name}}' +update_verb: :PATCH +update_mask: true +description: | + A collection of policy tags that classify data along a common axis. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': https://cloud.google.com/data-catalog/docs + api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies +sweeper: !ruby/object:Provider::Terraform::Sweeper + sweepable_identifier_field: 'displayName' +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :POST + parent_resource_attribute: 'taxonomy' + import_format: + [ + 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}', + '{{taxonomy}}', + ] + base_url: 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' +import_format: ['{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_catalog_taxonomy_basic' + primary_resource_id: 'basic_taxonomy' + primary_resource_name: "fmt.Sprintf(\"tf_test_my_taxonomy%s\", + context[\"random_suffix\"\ + ])" + vars: + display_name: 'my_taxonomy' +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/data_catalog_taxonomy.go.erb +parameters: + - !ruby/object:Api::Type::String + name: region + url_param_only: true + immutable: true + description: | + Taxonomy location region. + required: false + default_from_api: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'Taxonomy' description: | @@ -62,12 +117,18 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource name of this taxonomy, whose format is: "projects/{project}/locations/{region}/taxonomies/{taxonomy}". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'displayName' +======= - name: 'displayName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | User defined name of this taxonomy. The taxonomy display name must be unique within an organization. @@ -75,12 +136,30 @@ properties: and spaces; not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' +======= - name: 'description' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Description of this taxonomy. It must: contain only unicode characters, tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes long when encoded in UTF-8. If not set, defaults to an empty description. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'activatedPolicyTypes' + description: | + A list of policy types that are activated for this taxonomy. If not set, + defaults to an empty list. + item_type: !ruby/object:Api::Type::Enum # TOOD: should this be enum or string + name: 'policyType' + description: 'Defines policy types where policy tag can be used for' + values: + - :POLICY_TYPE_UNSPECIFIED + - :FINE_GRAINED_ACCESS_CONTROL +======= - name: 'activatedPolicyTypes' type: Array description: | @@ -93,3 +172,4 @@ properties: enum_values: - 'POLICY_TYPE_UNSPECIFIED' - 'FINE_GRAINED_ACCESS_CONTROL' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datacatalog/go_Entry.yaml b/mmv1/products/datacatalog/go_Entry.yaml new file mode 100644 index 000000000000..f9bd9a07d813 --- /dev/null +++ b/mmv1/products/datacatalog/go_Entry.yaml @@ -0,0 +1,252 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Entry' +description: | + Entry Metadata. A Data Catalog Entry resource represents another resource in Google Cloud Platform + (such as a BigQuery dataset or a Pub/Sub topic) or outside of Google Cloud Platform. Clients can use + the linkedResource field in the Entry resource to refer to the original resource ID of the source system. + + An Entry resource contains resource details, such as its schema. An Entry can also be used to attach + flexible metadata, such as a Tag. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries' +docs: +base_url: '{{entry_group}}/entries' +self_link: '{{name}}' +create_url: '{{entry_group}}/entries?entryId={{entry_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + custom_import: 'templates/terraform/custom_import/go/data_catalog_entry.go.tmpl' +supports_indirect_user_project_override: true +examples: + - name: 'data_catalog_entry_basic' + primary_resource_id: 'basic_entry' + vars: + entry_id: 'my_entry' + entry_group_id: 'my_group' + - name: 'data_catalog_entry_fileset' + primary_resource_id: 'basic_entry' + vars: + entry_id: 'my_entry' + entry_group_id: 'my_group' + - name: 'data_catalog_entry_full' + primary_resource_id: 'basic_entry' + vars: + entry_id: 'my_entry' + entry_group_id: 'my_group' +parameters: + - name: 'entryGroup' + type: String + description: | + The name of the entry group this entry is in. + url_param_only: true + required: true + immutable: true + - name: 'entryId' + type: String + description: | + The id of the entry to create. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The Data Catalog resource name of the entry in URL format. + Example: projects/{project_id}/locations/{location}/entryGroups/{entryGroupId}/entries/{entryId}. + Note that this Entry and its child resources may not actually be stored in the location in this name. + output: true + - name: 'linkedResource' + type: String + description: | + The resource this metadata entry refers to. + For Google Cloud Platform resources, linkedResource is the full name of the resource. + For example, the linkedResource for a table resource from BigQuery is: + //bigquery.googleapis.com/projects/projectId/datasets/datasetId/tables/tableId + Output only when Entry is of type in the EntryType enum. For entries with userSpecifiedType, + this field is optional and defaults to an empty string. + default_from_api: true + - name: 'displayName' + type: String + description: | + Display information such as title and description. A short name to identify the entry, + for example, "Analytics Data - Jan 2011". + - name: 'description' + type: String + description: | + Entry description, which can consist of several sentences or paragraphs that describe entry contents. + # This is a string instead of a NestedObject because schemas contain ColumnSchemas, which can contain nested ColumnSchemas. + # We'll have people provide the json blob for the schema instead. + - name: 'schema' + type: String + description: | + Schema of the entry (e.g. BigQuery, GoogleSQL, Avro schema), as a json string. An entry might not have any schema + attached to it. See + https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries#schema + for what fields this schema can contain. + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' + validation: + function: 'validation.StringIsJSON' + - name: 'type' + type: Enum + description: | + The type of the entry. Only used for Entries with types in the EntryType enum. + Currently, only FILESET enum value is allowed. All other entries created through Data Catalog must use userSpecifiedType. + immutable: true + exactly_one_of: + - 'type' + - 'user_specified_type' + enum_values: + - 'FILESET' + - name: 'userSpecifiedType' + type: String + description: | + Entry type if it does not fit any of the input-allowed values listed in EntryType enum above. + When creating an entry, users should check the enum values first, if nothing matches the entry + to be created, then provide a custom value, for example "my_special_type". + userSpecifiedType strings must begin with a letter or underscore and can only contain letters, + numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. + exactly_one_of: + - 'type' + - 'user_specified_type' + validation: + regex: '^[A-z_][A-z0-9_]{0,63}$' + - name: 'integratedSystem' + type: String + description: | + This field indicates the entry's source system that Data Catalog integrates with, such as BigQuery or Pub/Sub. + output: true + - name: 'userSpecifiedSystem' + type: String + description: | + This field indicates the entry's source system that Data Catalog does not integrate with. + userSpecifiedSystem strings must begin with a letter or underscore and can only contain letters, numbers, + and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. + validation: + regex: '^[A-z_][A-z0-9_]{0,63}$' + - name: 'gcsFilesetSpec' + type: NestedObject + description: | + Specification that applies to a Cloud Storage fileset. This is only valid on entries of type FILESET. + properties: + - name: 'filePatterns' + type: Array + description: | + Patterns to identify a set of files in Google Cloud Storage. + See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) + for more information. Note that bucket wildcards are currently not supported. Examples of valid filePatterns: + + * gs://bucket_name/dir/*: matches all files within bucket_name/dir directory. + * gs://bucket_name/dir/**: matches all files in bucket_name/dir spanning all subdirectories. + * gs://bucket_name/file*: matches files prefixed by file in bucket_name + * gs://bucket_name/??.txt: matches files with two characters followed by .txt in bucket_name + * gs://bucket_name/[aeiou].txt: matches files that contain a single vowel character followed by .txt in bucket_name + * gs://bucket_name/[a-m].txt: matches files that contain a, b, ... or m followed by .txt in bucket_name + * gs://bucket_name/a/*/b: matches all files in bucket_name that match a/*/b pattern, such as a/c/b, a/d/b + * gs://another_bucket/a.txt: matches gs://another_bucket/a.txt + required: true + item_type: + type: String + - name: 'sampleGcsFileSpecs' + type: Array + description: | + Sample files contained in this fileset, not all files contained in this fileset are represented here. + output: true + item_type: + type: NestedObject + properties: + - name: 'filePath' + type: String + description: | + The full file path + output: true + - name: 'sizeBytes' + type: Integer + description: | + The size of the file, in bytes. + output: true + - name: 'bigqueryTableSpec' + type: NestedObject + description: | + Specification that applies to a BigQuery table. This is only valid on entries of type TABLE. + output: true + properties: + - name: 'tableSourceType' + type: String + description: | + The table source type. + output: true + - name: 'viewSpec' + type: NestedObject + description: | + Table view specification. This field should only be populated if tableSourceType is BIGQUERY_VIEW. + output: true + properties: + - name: 'viewQuery' + type: String + description: | + The query that defines the table view. + output: true + - name: 'tableSpec' + type: NestedObject + description: | + Spec of a BigQuery table. This field should only be populated if tableSourceType is BIGQUERY_TABLE. + output: true + properties: + - name: 'groupedEntry' + type: String + description: | + If the table is a dated shard, i.e., with name pattern [prefix]YYYYMMDD, groupedEntry is the + Data Catalog resource name of the date sharded grouped entry, for example, + projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}. + Otherwise, groupedEntry is empty. + output: true + - name: 'bigqueryDateShardedSpec' + type: NestedObject + description: | + Specification for a group of BigQuery tables with name pattern [prefix]YYYYMMDD. + Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding. + output: true + properties: + - name: 'dataset' + type: String + description: | + The Data Catalog resource name of the dataset entry the current table belongs to, for example, + projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId} + output: true + - name: 'tablePrefix' + type: String + description: | + The table name prefix of the shards. The name of any given shard is [tablePrefix]YYYYMMDD, + for example, for shard MyTable20180101, the tablePrefix is MyTable. + output: true + - name: 'shardCount' + type: Integer + description: | + Total number of shards. + output: true diff --git a/mmv1/products/datacatalog/go_EntryGroup.yaml b/mmv1/products/datacatalog/go_EntryGroup.yaml new file mode 100644 index 000000000000..d276ff2cb1e4 --- /dev/null +++ b/mmv1/products/datacatalog/go_EntryGroup.yaml @@ -0,0 +1,90 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EntryGroup' +description: | + An EntryGroup resource represents a logical grouping of zero or more Data Catalog Entry resources. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/entryGroups' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/entryGroups?entryGroupId={{entry_group_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'entry_group' + base_url: 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' + - '{{entry_group}}' +custom_code: + custom_import: 'templates/terraform/custom_import/go/data_catalog_entry_group.go.tmpl' +examples: + - name: 'data_catalog_entry_group_basic' + primary_resource_id: 'basic_entry_group' + primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' + vars: + entry_group_id: 'my_group' + - name: 'data_catalog_entry_group_full' + primary_resource_id: 'basic_entry_group' + primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' + vars: + entry_group_id: 'my_group' +parameters: + - name: 'region' + type: String + description: | + EntryGroup location region. + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true + - name: 'entryGroupId' + type: String + description: | + The id of the entry group to create. The id must begin with a letter or underscore, + contain only English letters, numbers and underscores, and be at most 64 characters. + url_param_only: true + required: true + immutable: true + validation: + regex: '^[A-z_][A-z0-9_]{0,63}$' +properties: + - name: 'name' + type: String + description: | + The resource name of the entry group in URL format. Example: projects/{project}/locations/{location}/entryGroups/{entryGroupId} + output: true + - name: 'displayName' + type: String + description: | + A short name to identify the entry group, for example, "analytics data - jan 2011". + - name: 'description' + type: String + description: | + Entry group description, which can consist of several sentences or paragraphs that describe entry group contents. diff --git a/mmv1/products/datacatalog/go_PolicyTag.yaml b/mmv1/products/datacatalog/go_PolicyTag.yaml new file mode 100644 index 000000000000..ec672f638f90 --- /dev/null +++ b/mmv1/products/datacatalog/go_PolicyTag.yaml @@ -0,0 +1,97 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PolicyTag' +description: | + Denotes one policy tag in a taxonomy. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies.policyTags' +docs: +base_url: '{{taxonomy}}/policyTags' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + exclude_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'policy_tag' + base_url: '{{%policy_tag}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - '{{%policy_tag}}' +custom_code: + custom_import: 'templates/terraform/custom_import/go/extract_taxonomy.go.tmpl' +examples: + - name: 'data_catalog_taxonomies_policy_tag_basic' + primary_resource_id: 'basic_policy_tag' + primary_resource_name: 'fmt.Sprintf("tf_test_my_policy_tag%s", context["random_suffix"])' + vars: + taxonomy_display_name: 'taxonomy_display_name' + - name: 'data_catalog_taxonomies_policy_tag_child_policies' + primary_resource_id: 'child_policy' + primary_resource_name: 'fmt.Sprintf("tf_test_my_child_tag%s", context["random_suffix"])' + vars: + taxonomy_display_name: 'taxonomy_display_name' +parameters: + - name: 'taxonomy' + type: String + description: | + Taxonomy the policy tag is associated with + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + Resource name of this policy tag, whose format is: + "projects/{project}/locations/{region}/taxonomies/{taxonomy}/policyTags/{policytag}" + output: true + - name: 'displayName' + type: String + description: | + User defined name of this policy tag. It must: be unique within the parent + taxonomy; contain only unicode letters, numbers, underscores, dashes and spaces; + not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. + required: true + - name: 'description' + type: String + description: | + Description of this policy tag. It must: contain only unicode characters, tabs, + newlines, carriage returns and page breaks; and be at most 2000 bytes long when + encoded in UTF-8. If not set, defaults to an empty description. + If not set, defaults to an empty description. + - name: 'parentPolicyTag' + type: String + description: | + Resource name of this policy tag's parent policy tag. + If empty, it means this policy tag is a top level policy tag. + If not set, defaults to an empty string. + - name: 'childPolicyTags' + type: Array + description: | + Resource names of child policy tags of this policy tag. + output: true + item_type: + type: String diff --git a/mmv1/products/datacatalog/go_Tag.yaml b/mmv1/products/datacatalog/go_Tag.yaml new file mode 100644 index 000000000000..295ca40d530e --- /dev/null +++ b/mmv1/products/datacatalog/go_Tag.yaml @@ -0,0 +1,190 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Tag' +description: | + Tags are used to attach custom metadata to Data Catalog resources. Tags conform to the specifications within their tag template. + + See [Data Catalog IAM](https://cloud.google.com/data-catalog/docs/concepts/iam) for information on the permissions needed to create or view tags. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.tags' +docs: +id_format: '{{name}}' +base_url: '{{parent}}/tags' +self_link: '{{parent}}/tags' +update_url: '{{name}}' +update_verb: 'PATCH' +update_mask: true + +read_query_params: '?pageSize=1000' +delete_url: '{{name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +nested_query: + keys: + - tags + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/go/data_catalog_tag.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/data_catalog_tag.go.tmpl' +examples: + - name: 'data_catalog_entry_tag_basic' + primary_resource_id: 'basic_tag' + vars: + entry_group_id: 'my_entry_group' + entry_id: 'my_entry' + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: + 'force_delete': 'true' + oics_vars_overrides: + 'force_delete': 'true' + - name: 'data_catalog_entry_group_tag' + primary_resource_id: 'entry_group_tag' + vars: + entry_group_id: 'my_entry_group' + first_entry: 'first_entry' + second_entry: 'second_entry' + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: + 'force_delete': 'true' + oics_vars_overrides: + 'force_delete': 'true' + - name: 'data_catalog_entry_tag_full' + primary_resource_id: 'basic_tag' + vars: + entry_group_id: 'my_entry_group' + entry_id: 'my_entry' + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: + 'force_delete': 'true' + oics_vars_overrides: + 'force_delete': 'true' + # Multiple fine-grained resources + skip_vcr: true + - name: 'data_catalog_entry_tag_false' + primary_resource_id: 'basic_tag' + vars: + entry_group_id: 'my_entry_group' + entry_id: 'my_entry' + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: + 'force_delete': 'true' + oics_vars_overrides: + 'force_delete': 'true' + # omitting doc as it is almost identical to the case of data_catalog_entry_tag_basic + exclude_docs: true +parameters: + - name: 'parent' + type: String + description: | + The name of the parent this tag is attached to. This can be the name of an entry or an entry group. If an entry group, the tag will be attached to + all entries in that group. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the tag in URL format. Example: + projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}/tags/{tag_id} or + projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/tags/{tag_id} + where tag_id is a system-generated identifier. Note that this Tag may not actually be stored in the location in this name. + output: true + - name: 'template' + type: String + description: | + The resource name of the tag template that this tag uses. Example: + projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} + This field cannot be modified after creation. + required: true + immutable: true + - name: 'template_displayname' + type: String + description: | + The display name of the tag template. + api_name: templateDisplayName + output: true + - name: 'fields' + type: Map + description: | + This maps the ID of a tag field to the value of and additional information about that field. + Valid field IDs are defined by the tag's template. A tag must have at least 1 field and at most 500 fields. + required: true + key_name: 'field_name' + value_type: + name: field_value + type: NestedObject + properties: + - name: 'display_name' + type: String + description: | + The display name of this field + output: true + - name: 'order' + type: Integer + description: | + The order of this field with respect to other fields in this tag. For example, a higher value can indicate + a more important field. The value can be negative. Multiple fields can have the same order, and field orders + within a tag do not have to be sequential. + output: true + - name: 'doubleValue' + type: Double + description: | + Holds the value for a tag field with double type. + - name: 'stringValue' + type: String + description: | + Holds the value for a tag field with string type. + - name: 'boolValue' + type: Boolean + description: | + Holds the value for a tag field with boolean type. + send_empty_value: true + - name: 'timestampValue' + type: String + description: | + Holds the value for a tag field with timestamp type. + - name: 'enumValue' + type: NestedObject + description: | + Holds the value for a tag field with enum type. This value must be one of the allowed values in the definition of this enum. + custom_flatten: 'templates/terraform/custom_flatten/go/data_catalog_tag.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/data_catalog_tag.go.tmpl' + flatten_object: true + properties: + - name: 'enum_value' + type: String + description: | + The display name of the enum value. + api_name: displayName + - name: 'column' + type: String + description: | + Resources like Entry can have schemas associated with them. This scope allows users to attach tags to an + individual column based on that schema. + + For attaching a tag to a nested column, use `.` to separate the column names. Example: + `outer_column.inner_column` diff --git a/mmv1/products/datacatalog/go_TagTemplate.yaml b/mmv1/products/datacatalog/go_TagTemplate.yaml new file mode 100644 index 000000000000..1cc4b27b60ff --- /dev/null +++ b/mmv1/products/datacatalog/go_TagTemplate.yaml @@ -0,0 +1,174 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'TagTemplate' +description: | + A tag template defines a tag, which can have one or more typed fields. + The template is used to create and attach the tag to GCP resources. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.tagTemplates' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/tagTemplates?tagTemplateId={{tag_template_id}}' +update_verb: 'PATCH' +delete_url: '{{name}}?force={{force_delete}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'tag_template' + base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' + - '{{tag_template}}' +custom_code: + constants: 'templates/terraform/constants/go/tagtemplate_fields.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/tagtemplate_fields.go.tmpl' + post_update: 'templates/terraform/post_update/go/tagtemplate_fields.go.tmpl' + custom_import: 'templates/terraform/custom_import/go/data_catalog_tag_template.go.tmpl' +exclude_sweeper: true +examples: + - name: 'data_catalog_tag_template_basic' + primary_resource_id: 'basic_tag_template' + primary_resource_name: 'fmt.Sprintf("tf_test_my_template%s", context["random_suffix"])' + vars: + tag_template_id: 'my_template' + force_delete: 'false' + test_vars_overrides: + 'force_delete': 'true' + oics_vars_overrides: + 'force_delete': 'true' +parameters: + - name: 'region' + type: String + description: | + Template location region. + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true + - name: 'tagTemplateId' + type: String + description: | + The id of the tag template to create. + url_param_only: true + required: true + immutable: true + validation: + regex: '^[a-z_][a-z0-9_]{0,63}$' + - name: 'forceDelete' + type: Boolean + description: | + This confirms the deletion of any possible tags using this template. Must be set to true in order to delete the tag template. + url_param_only: true + default_value: false +properties: + - name: 'name' + type: String + description: | + The resource name of the tag template in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} + output: true + - name: 'displayName' + type: String + description: | + The display name for this template. + - name: 'fields' + type: Map + description: | + Set of tag template field IDs and the settings for the field. This set is an exhaustive list of the allowed fields. This set must contain at least one field and at most 500 fields. The change of field_id will be resulting in re-creating of field. The change of primitive_type will be resulting in re-creating of field, however if the field is a required, you cannot update it. + required: true + key_name: 'field_id' + value_type: + name: field + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The resource name of the tag template field in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId}/fields/{field} + output: true + - name: 'displayName' + type: String + description: | + The display name for this field. + default_from_api: true + - name: 'description' + type: String + description: | + A description for this field. + default_from_api: true + - name: 'type' + type: NestedObject + description: | + The type of value this tag field can contain. + required: true + properties: + - name: 'primitiveType' + type: Enum + description: | + Represents primitive types - string, bool etc. + Exactly one of `primitive_type` or `enum_type` must be set + default_from_api: true + enum_values: + - 'DOUBLE' + - 'STRING' + - 'BOOL' + - 'TIMESTAMP' + - name: 'enumType' + type: NestedObject + description: | + Represents an enum type. + Exactly one of `primitive_type` or `enum_type` must be set + properties: + - name: 'allowedValues' + type: Array + description: | + The set of allowed values for this enum. The display names of the + values must be case-insensitively unique within this set. Currently, + enum values can only be added to the list of allowed values. Deletion + and renaming of enum values are not supported. + Can have up to 500 allowed values. + is_set: true + required: true + item_type: + type: NestedObject + properties: + - name: 'displayName' + type: String + description: | + The display name of the enum value. + required: true + - name: 'isRequired' + type: Boolean + description: | + Whether this is a required field. Defaults to false. + default_from_api: true + - name: 'order' + type: Integer + description: | + The order of this field with respect to other fields in this tag template. + A higher value indicates a more important field. The value can be negative. + Multiple fields can have the same order, and field orders within a tag do not have to be sequential. + default_from_api: true diff --git a/mmv1/products/datacatalog/go_Taxonomy.yaml b/mmv1/products/datacatalog/go_Taxonomy.yaml new file mode 100644 index 000000000000..0f374a8d913c --- /dev/null +++ b/mmv1/products/datacatalog/go_Taxonomy.yaml @@ -0,0 +1,96 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Taxonomy' +description: | + A collection of policy tags that classify data along a common axis. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/taxonomies' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + exclude_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'taxonomy' + base_url: 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' + - '{{taxonomy}}' +custom_code: + custom_import: 'templates/terraform/custom_import/go/data_catalog_taxonomy.go.tmpl' +sweeper: + sweepable_identifier_field: displayName +examples: + - name: 'data_catalog_taxonomy_basic' + primary_resource_id: 'basic_taxonomy' + primary_resource_name: 'fmt.Sprintf("tf_test_my_taxonomy%s", context["random_suffix"])' + vars: + display_name: 'my_taxonomy' +parameters: + - name: 'region' + type: String + description: | + Taxonomy location region. + url_param_only: true + required: false + immutable: true + default_from_api: true +properties: + - name: 'name' + type: String + description: | + Resource name of this taxonomy, whose format is: + "projects/{project}/locations/{region}/taxonomies/{taxonomy}". + output: true + - name: 'displayName' + type: String + description: | + User defined name of this taxonomy. + The taxonomy display name must be unique within an organization. + It must: contain only unicode letters, numbers, underscores, dashes + and spaces; not start or end with spaces; and be at most 200 bytes + long when encoded in UTF-8. + required: true + - name: 'description' + type: String + description: | + Description of this taxonomy. It must: contain only unicode characters, + tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes + long when encoded in UTF-8. If not set, defaults to an empty description. + - name: 'activatedPolicyTypes' + type: Array + description: | + A list of policy types that are activated for this taxonomy. If not set, + defaults to an empty list. + # TOOD: should this be enum or string + item_type: + type: Enum + description: 'Defines policy types where policy tag can be used for' + enum_values: + - 'POLICY_TYPE_UNSPECIFIED' + - 'FINE_GRAINED_ACCESS_CONTROL' diff --git a/mmv1/products/datacatalog/go_product.yaml b/mmv1/products/datacatalog/go_product.yaml new file mode 100644 index 000000000000..c719c19116c1 --- /dev/null +++ b/mmv1/products/datacatalog/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DataCatalog' +display_name: 'Data catalog' +versions: + - name: 'ga' + base_url: 'https://datacatalog.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://datacatalog.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datacatalog/product.yaml b/mmv1/products/datacatalog/product.yaml index e6e305dad648..e0bf258e5b3e 100644 --- a/mmv1/products/datacatalog/product.yaml +++ b/mmv1/products/datacatalog/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: DataCatalog +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://datacatalog.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://datacatalog.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'DataCatalog' display_name: 'Data catalog' @@ -21,3 +38,4 @@ versions: base_url: 'https://datacatalog.googleapis.com/v1beta1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataform/Repository.yaml b/mmv1/products/dataform/Repository.yaml index 1c7dccfb54fe..ffa4ddc21d21 100644 --- a/mmv1/products/dataform/Repository.yaml +++ b/mmv1/products/dataform/Repository.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,105 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Repository +base_url: projects/{{project}}/locations/{{region}}/repositories +create_url: projects/{{project}}/locations/{{region}}/repositories?repositoryId={{name}} +create_verb: :POST +update_verb: :PATCH +min_version: beta +description: |- + A resource represents a Dataform Git repository +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories' +id_format: projects/{{project}}/locations/{{region}}/repositories/{{name}} +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'repository' + min_version: beta +import_format: + ['projects/{{project}}/locations/{{region}}/repositories/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataform_repository' + # This example is used in the docs to address this issue + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + skip_test: true + primary_resource_id: dataform_repository + primary_resource_name: + 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: beta + vars: + dataform_repository_name: 'dataform_repository' + data: secret-data + secret_name: my-secret + key_ring_name: example-key-ring + crypto_key_name: example-crypto-key-name + - !ruby/object:Provider::Terraform::Examples + name: 'dataform_repository_with_cloudsource_repo' + # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + # See : https://issuetracker.google.com/issues/287850319 + skip_docs: true + primary_resource_id: dataform_repository + primary_resource_name: + 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: beta + vars: + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: secret-data + secret_name: my-secret + key_ring_name: example-key-ring + crypto_key_name: example-crypto-key-name + - !ruby/object:Provider::Terraform::Examples + name: 'dataform_repository_with_cloudsource_repo_and_ssh' + # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + # See : https://issuetracker.google.com/issues/287850319 + skip_docs: true + primary_resource_id: dataform_repository + min_version: beta + vars: + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: secret-data + secret_name: my-secret +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: 'A reference to the region' + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: The repository's name. + immutable: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::NestedObject + name: 'gitRemoteSettings' + description: + Optional. If set, configures this repository to be linked to a Git remote. + properties: + - !ruby/object:Api::Type::String + name: 'url' + required: true + description: The Git remote's URL. + - !ruby/object:Api::Type::String + name: 'defaultBranch' + required: true + description: The Git remote's default branch name. + - !ruby/object:Api::Type::String + name: 'authenticationTokenSecretVersion' + exactly_one_of: + - gitRemoteSettings.0.authenticationTokenSecretVersion + - gitRemoteSettings.0.sshAuthenticationConfig +======= --- name: 'Repository' description: |- @@ -111,10 +214,65 @@ properties: required: true - name: 'authenticationTokenSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: The name of the Secret Manager secret version to use as an authentication token for Git operations. This secret is for assigning with HTTPS only(for SSH use `ssh_authentication_config`). Must be in the format projects/*/secrets/*/versions/*. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'sshAuthenticationConfig' + exactly_one_of: + - gitRemoteSettings.0.authenticationTokenSecretVersion + - gitRemoteSettings.0.sshAuthenticationConfig + description: Authentication fields for remote uris using SSH protocol. + properties: + - !ruby/object:Api::Type::String + name: userPrivateKeySecretVersion + required: true + description: The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format projects/*/secrets/*/versions/*. + - !ruby/object:Api::Type::String + name: hostPublicKey + required: true + description: Content of a public SSH key to verify an identity of a remote Git host. + - !ruby/object:Api::Type::String + name: 'tokenStatus' + output: true + description: | + Indicates the status of the Git access token. https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories#TokenStatus + - !ruby/object:Api::Type::NestedObject + name: 'workspaceCompilationOverrides' + description: If set, fields of workspaceCompilationOverrides override the default compilation settings that are specified in dataform.json when creating workspace-scoped compilation results. + properties: + - !ruby/object:Api::Type::String + name: defaultDatabase + description: The default database (Google Cloud project ID). + - !ruby/object:Api::Type::String + name: 'schemaSuffix' + description: The suffix that should be appended to all schema (BigQuery dataset ID) names. + - !ruby/object:Api::Type::String + name: 'tablePrefix' + description: The prefix that should be prepended to all table names. + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: The service account to run workflow invocations under. + - !ruby/object:Api::Type::String + name: npmrcEnvironmentVariablesSecretVersion + description: Optional. The name of the Secret Manager secret version to be used to interpolate variables into the .npmrc file for package installation operations. Must be in the format projects/*/secrets/*/versions/*. The file itself must be in a JSON format. + - !ruby/object:Api::Type::String + name: displayName + description: Optional. The repository's user-friendly name. + - !ruby/object:Api::Type::String + name: kmsKeyName + description: | + Optional. The reference to a KMS encryption key. If provided, it will be used to encrypt user data in the repository and all child resources. + It is not possible to add or update the encryption key after the repository is created. Example projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: | + Optional. Repository user labels. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. +======= min_version: 'beta' exactly_one_of: - 'gitRemoteSettings.0.authenticationTokenSecretVersion' @@ -184,3 +342,4 @@ properties: Optional. Repository user labels. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataform/RepositoryReleaseConfig.yaml b/mmv1/products/dataform/RepositoryReleaseConfig.yaml index 05804fb325ac..c71dc1afd005 100644 --- a/mmv1/products/dataform/RepositoryReleaseConfig.yaml +++ b/mmv1/products/dataform/RepositoryReleaseConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: RepositoryReleaseConfig +base_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs +create_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs?releaseConfigId={{name}} +create_verb: :POST +update_verb: :PATCH +min_version: beta +description: |- + A resource represents a Dataform release configuration +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/release-configurations' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.releaseConfigs' +id_format: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}} +import_format: + ['projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataform_repository_release_config' + primary_resource_id: release + min_version: beta +======= --- name: 'RepositoryReleaseConfig' description: |- @@ -36,10 +63,45 @@ examples: - name: 'dataform_repository_release_config' primary_resource_id: 'release' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: release_name: 'my_release' git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' +<<<<<<< HEAD + data: secret-data + secret_name: my_secret +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: 'A reference to the region' + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'repository' + description: 'A reference to the Dataform repository' + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: The release's name. + immutable: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: 'gitCommitish' + required: true + description: + Git commit/tag/branch name at which the repository should be compiled. + Must exist in the remote repository. + - !ruby/object:Api::Type::String + name: 'cronSchedule' + description: + Optional. Optional schedule (in cron format) for automatic creation of compilation results. + - !ruby/object:Api::Type::String + name: 'timeZone' +======= data: 'secret-data' secret_name: 'my_secret' parameters: @@ -77,10 +139,35 @@ properties: min_version: 'beta' - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Optional. Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If left unspecified, the default is UTC. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'codeCompilationConfig' + description: + Optional. If set, fields of codeCompilationConfig override the default compilation + settings that are specified in dataform.json. + properties: + - !ruby/object:Api::Type::String + name: 'defaultDatabase' + description: Optional. The default database (Google Cloud project ID). + - !ruby/object:Api::Type::String + name: 'defaultSchema' + description: Optional. The default schema (BigQuery dataset ID). + - !ruby/object:Api::Type::String + name: 'defaultLocation' + description: |- + Optional. The default BigQuery location to use. Defaults to "US". + See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations. + - !ruby/object:Api::Type::String + name: 'assertionSchema' + description: Optional. The default schema (BigQuery dataset ID) for assertions. + - !ruby/object:Api::Type::KeyValuePairs + name: 'vars' +======= min_version: 'beta' - name: 'codeCompilationConfig' type: NestedObject @@ -109,10 +196,24 @@ properties: min_version: 'beta' - name: 'vars' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: |- Optional. User-defined variables that are made available to project code during compilation. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'databaseSuffix' + description: Optional. The suffix that should be appended to all database (Google Cloud project ID) names. + - !ruby/object:Api::Type::String + name: 'schemaSuffix' + description: Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names. + - !ruby/object:Api::Type::String + name: 'tablePrefix' + description: Optional. The prefix that should be prepended to all table names. + - !ruby/object:Api::Type::Array + name: 'recentScheduledReleaseRecords' +======= min_version: 'beta' - name: 'databaseSuffix' type: String @@ -128,10 +229,40 @@ properties: min_version: 'beta' - name: 'recentScheduledReleaseRecords' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Records of the 10 most recent scheduled release attempts, ordered in in descending order of releaseTime. Updated whenever automatic creation of a compilation result is triggered by cronSchedule. +<<<<<<< HEAD + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'releaseTime' + output: true + description: The timestamp of this release attempt. + - !ruby/object:Api::Type::String + name: 'compilationResult' + output: true + description: + The name of the created compilation result, if one was successfully created. + Must be in the format projects/*/locations/*/repositories/*/compilationResults/*. + - !ruby/object:Api::Type::NestedObject + name: 'errorStatus' + output: true + description: + The error status encountered upon this attempt to create the compilation + result, if the attempt was unsuccessful. + properties: + - !ruby/object:Api::Type::Integer + name: 'code' + output: true + description: The status code, which should be an enum value of google.rpc.Code. + - !ruby/object:Api::Type::String + name: 'message' + output: true +======= min_version: 'beta' output: true item_type: @@ -164,9 +295,13 @@ properties: output: true - name: 'message' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. +<<<<<<< HEAD +======= min_version: 'beta' output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataform/RepositoryWorkflowConfig.yaml b/mmv1/products/dataform/RepositoryWorkflowConfig.yaml index cab9d34108db..cb3701f50198 100644 --- a/mmv1/products/dataform/RepositoryWorkflowConfig.yaml +++ b/mmv1/products/dataform/RepositoryWorkflowConfig.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: RepositoryWorkflowConfig +base_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs +create_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs?workflowConfigId={{name}} +create_verb: :POST +update_verb: :PATCH +min_version: beta +description: |- + A resource represents a Dataform workflow configuration +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/workflow-configurations' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.workflowConfigs' +id_format: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}} +import_format: + ['projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataform_repository_workflow_config' + primary_resource_id: workflow + min_version: beta +======= --- name: 'RepositoryWorkflowConfig' description: |- @@ -36,12 +63,84 @@ examples: - name: 'dataform_repository_workflow_config' primary_resource_id: 'workflow' min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: workflow_name: 'my_workflow' release_name: 'my_release' service_account_name: 'dataform-sa' git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' +<<<<<<< HEAD + data: secret-data + secret_name: my_secret +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: 'A reference to the region' + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'repository' + description: 'A reference to the Dataform repository' + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: The workflow's name. + immutable: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: 'releaseConfig' + required: true + description: + The name of the release config whose releaseCompilationResult should be executed. + Must be in the format projects/*/locations/*/repositories/*/releaseConfigs/*. + - !ruby/object:Api::Type::NestedObject + name: 'invocationConfig' + description: + Optional. If left unset, a default InvocationConfig will be used. + properties: + - !ruby/object:Api::Type::Array + name: 'includedTargets' + description: Optional. The set of action identifiers to include. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'database' + description: The action's database (Google Cloud project ID). + - !ruby/object:Api::Type::String + name: 'schema' + description: + The action's schema (BigQuery dataset ID), within database. + - !ruby/object:Api::Type::String + name: 'name' + description: + The action's name, within database and schema. + - !ruby/object:Api::Type::Array + name: 'includedTags' + description: Optional. The set of tags to include. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'transitiveDependenciesIncluded' + description: Optional. When set to true, transitive dependencies of included actions will be executed. + - !ruby/object:Api::Type::Boolean + name: 'transitiveDependentsIncluded' + description: Optional. When set to true, transitive dependents of included actions will be executed. + - !ruby/object:Api::Type::Boolean + name: 'fullyRefreshIncrementalTablesEnabled' + description: Optional. When set to true, any incremental tables will be fully refreshed. + - !ruby/object:Api::Type::String + name: 'serviceAccount' + description: Optional. The service account to run workflow invocations under. + - !ruby/object:Api::Type::String + name: 'cronSchedule' + description: + Optional. Optional schedule (in cron format) for automatic creation of compilation results. + - !ruby/object:Api::Type::String + name: 'timeZone' +======= data: 'secret-data' secret_name: 'my_secret' parameters: @@ -128,17 +227,52 @@ properties: min_version: 'beta' - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Optional. Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If left unspecified, the default is UTC. +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'recentScheduledExecutionRecords' +======= min_version: 'beta' - name: 'recentScheduledExecutionRecords' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Records of the 10 most recent scheduled execution attempts, ordered in in descending order of executionTime. Updated whenever automatic creation of a workflow invocation is triggered by cronSchedule. +<<<<<<< HEAD + output: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'executionTime' + output: true + description: The timestamp of this workflow attempt. + - !ruby/object:Api::Type::String + name: 'workflowInvocation' + output: true + description: + The name of the created workflow invocation, if one was successfully created. + In the format projects/*/locations/*/repositories/*/workflowInvocations/*. + - !ruby/object:Api::Type::NestedObject + name: 'errorStatus' + output: true + description: + The error status encountered upon this attempt to create the workflow invocation, + if the attempt was unsuccessful. + properties: + - !ruby/object:Api::Type::Integer + name: 'code' + output: true + description: The status code, which should be an enum value of google.rpc.Code. + - !ruby/object:Api::Type::String + name: 'message' + output: true +======= min_version: 'beta' output: true item_type: @@ -171,9 +305,13 @@ properties: output: true - name: 'message' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. +<<<<<<< HEAD +======= min_version: 'beta' output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataform/go_Repository.yaml b/mmv1/products/dataform/go_Repository.yaml new file mode 100644 index 000000000000..e2d02c9c7163 --- /dev/null +++ b/mmv1/products/dataform/go_Repository.yaml @@ -0,0 +1,187 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Repository' +description: |- + A resource represents a Dataform Git repository +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories' +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories' +create_url: 'projects/{{project}}/locations/{{region}}/repositories?repositoryId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'repository' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: +examples: + - name: 'dataform_repository' + primary_resource_id: 'dataform_repository' + primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: 'beta' + vars: + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my-secret' + key_ring_name: 'example-key-ring' + crypto_key_name: 'example-crypto-key-name' + # This example is used in the docs to address this issue + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + exclude_test: true + - name: 'dataform_repository_with_cloudsource_repo' + primary_resource_id: 'dataform_repository' + primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: 'beta' + vars: + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my-secret' + key_ring_name: 'example-key-ring' + crypto_key_name: 'example-crypto-key-name' + # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + # See : https://issuetracker.google.com/issues/287850319 + exclude_docs: true + - name: 'dataform_repository_with_cloudsource_repo_and_ssh' + primary_resource_id: 'dataform_repository' + min_version: 'beta' + vars: + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my-secret' + # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional + # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 + # See : https://issuetracker.google.com/issues/287850319 + exclude_docs: true +parameters: + - name: 'region' + type: String + description: 'A reference to the region' + min_version: 'beta' + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: The repository's name. + min_version: 'beta' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'gitRemoteSettings' + type: NestedObject + description: + Optional. If set, configures this repository to be linked to a Git remote. + min_version: 'beta' + properties: + - name: 'url' + type: String + description: The Git remote's URL. + min_version: 'beta' + required: true + - name: 'defaultBranch' + type: String + description: The Git remote's default branch name. + min_version: 'beta' + required: true + - name: 'authenticationTokenSecretVersion' + type: String + description: + The name of the Secret Manager secret version to use as an + authentication token for Git operations. This secret is for assigning with HTTPS only(for SSH use `ssh_authentication_config`). Must be in the format + projects/*/secrets/*/versions/*. + min_version: 'beta' + exactly_one_of: + - 'gitRemoteSettings.0.authenticationTokenSecretVersion' + - 'gitRemoteSettings.0.sshAuthenticationConfig' + - name: 'sshAuthenticationConfig' + type: NestedObject + description: Authentication fields for remote uris using SSH protocol. + min_version: 'beta' + exactly_one_of: + - 'gitRemoteSettings.0.authenticationTokenSecretVersion' + - 'gitRemoteSettings.0.sshAuthenticationConfig' + properties: + - name: 'userPrivateKeySecretVersion' + type: String + description: The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format projects/*/secrets/*/versions/*. + min_version: 'beta' + required: true + - name: 'hostPublicKey' + type: String + description: Content of a public SSH key to verify an identity of a remote Git host. + min_version: 'beta' + required: true + - name: 'tokenStatus' + type: String + description: | + Indicates the status of the Git access token. https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories#TokenStatus + min_version: 'beta' + output: true + - name: 'workspaceCompilationOverrides' + type: NestedObject + description: If set, fields of workspaceCompilationOverrides override the default compilation settings that are specified in dataform.json when creating workspace-scoped compilation results. + min_version: 'beta' + properties: + - name: 'defaultDatabase' + type: String + description: The default database (Google Cloud project ID). + min_version: 'beta' + - name: 'schemaSuffix' + type: String + description: The suffix that should be appended to all schema (BigQuery dataset ID) names. + min_version: 'beta' + - name: 'tablePrefix' + type: String + description: The prefix that should be prepended to all table names. + min_version: 'beta' + - name: 'serviceAccount' + type: String + description: The service account to run workflow invocations under. + min_version: 'beta' + - name: 'npmrcEnvironmentVariablesSecretVersion' + type: String + description: Optional. The name of the Secret Manager secret version to be used to interpolate variables into the .npmrc file for package installation operations. Must be in the format projects/*/secrets/*/versions/*. The file itself must be in a JSON format. + min_version: 'beta' + - name: 'displayName' + type: String + description: Optional. The repository's user-friendly name. + min_version: 'beta' + - name: 'kmsKeyName' + type: String + description: | + Optional. The reference to a KMS encryption key. If provided, it will be used to encrypt user data in the repository and all child resources. + It is not possible to add or update the encryption key after the repository is created. Example projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] + min_version: 'beta' + - name: 'labels' + type: KeyValueLabels + description: | + Optional. Repository user labels. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + min_version: 'beta' diff --git a/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml b/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml new file mode 100644 index 000000000000..f26abafab494 --- /dev/null +++ b/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml @@ -0,0 +1,173 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RepositoryReleaseConfig' +description: |- + A resource represents a Dataform release configuration +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/release-configurations' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.releaseConfigs' +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs' +create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs?releaseConfigId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'dataform_repository_release_config' + primary_resource_id: 'release' + min_version: 'beta' + vars: + release_name: 'my_release' + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my_secret' +parameters: + - name: 'region' + type: String + description: 'A reference to the region' + min_version: 'beta' + url_param_only: true + immutable: true + - name: 'repository' + type: String + description: 'A reference to the Dataform repository' + min_version: 'beta' + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: The release's name. + min_version: 'beta' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'gitCommitish' + type: String + description: + Git commit/tag/branch name at which the repository should be compiled. + Must exist in the remote repository. + min_version: 'beta' + required: true + - name: 'cronSchedule' + type: String + description: + Optional. Optional schedule (in cron format) for automatic creation of compilation results. + min_version: 'beta' + - name: 'timeZone' + type: String + description: + Optional. Specifies the time zone to be used when interpreting cronSchedule. + Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). + If left unspecified, the default is UTC. + min_version: 'beta' + - name: 'codeCompilationConfig' + type: NestedObject + description: + Optional. If set, fields of codeCompilationConfig override the default compilation + settings that are specified in dataform.json. + min_version: 'beta' + properties: + - name: 'defaultDatabase' + type: String + description: Optional. The default database (Google Cloud project ID). + min_version: 'beta' + - name: 'defaultSchema' + type: String + description: Optional. The default schema (BigQuery dataset ID). + min_version: 'beta' + - name: 'defaultLocation' + type: String + description: |- + Optional. The default BigQuery location to use. Defaults to "US". + See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations. + min_version: 'beta' + - name: 'assertionSchema' + type: String + description: Optional. The default schema (BigQuery dataset ID) for assertions. + min_version: 'beta' + - name: 'vars' + type: KeyValuePairs + description: |- + Optional. User-defined variables that are made available to project code during compilation. + An object containing a list of "key": value pairs. + Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + min_version: 'beta' + - name: 'databaseSuffix' + type: String + description: Optional. The suffix that should be appended to all database (Google Cloud project ID) names. + min_version: 'beta' + - name: 'schemaSuffix' + type: String + description: Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names. + min_version: 'beta' + - name: 'tablePrefix' + type: String + description: Optional. The prefix that should be prepended to all table names. + min_version: 'beta' + - name: 'recentScheduledReleaseRecords' + type: Array + description: + Records of the 10 most recent scheduled release attempts, + ordered in in descending order of releaseTime. + Updated whenever automatic creation of a compilation result is triggered by cronSchedule. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'releaseTime' + type: String + description: The timestamp of this release attempt. + min_version: 'beta' + output: true + - name: 'compilationResult' + type: String + description: + The name of the created compilation result, if one was successfully created. + Must be in the format projects/*/locations/*/repositories/*/compilationResults/*. + min_version: 'beta' + output: true + - name: 'errorStatus' + type: NestedObject + description: + The error status encountered upon this attempt to create the compilation + result, if the attempt was unsuccessful. + min_version: 'beta' + output: true + properties: + - name: 'code' + type: Integer + description: The status code, which should be an enum value of google.rpc.Code. + min_version: 'beta' + output: true + - name: 'message' + type: String + description: + A developer-facing error message, which should be in English. + Any user-facing error message should be localized and sent in + the google.rpc.Status.details field, or localized by the client. + min_version: 'beta' + output: true diff --git a/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml b/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml new file mode 100644 index 000000000000..25ab291d16cd --- /dev/null +++ b/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml @@ -0,0 +1,180 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'RepositoryWorkflowConfig' +description: |- + A resource represents a Dataform workflow configuration +min_version: 'beta' +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataform/docs/workflow-configurations' + api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.workflowConfigs' +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs' +create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs?workflowConfigId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'dataform_repository_workflow_config' + primary_resource_id: 'workflow' + min_version: 'beta' + vars: + workflow_name: 'my_workflow' + release_name: 'my_release' + service_account_name: 'dataform-sa' + git_repository_name: 'my/repository' + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my_secret' +parameters: + - name: 'region' + type: String + description: 'A reference to the region' + min_version: 'beta' + url_param_only: true + immutable: true + - name: 'repository' + type: String + description: 'A reference to the Dataform repository' + min_version: 'beta' + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: The workflow's name. + min_version: 'beta' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + - name: 'releaseConfig' + type: String + description: + The name of the release config whose releaseCompilationResult should be executed. + Must be in the format projects/*/locations/*/repositories/*/releaseConfigs/*. + min_version: 'beta' + required: true + - name: 'invocationConfig' + type: NestedObject + description: + Optional. If left unset, a default InvocationConfig will be used. + min_version: 'beta' + properties: + - name: 'includedTargets' + type: Array + description: Optional. The set of action identifiers to include. + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'database' + type: String + description: The action's database (Google Cloud project ID). + min_version: 'beta' + - name: 'schema' + type: String + description: + The action's schema (BigQuery dataset ID), within database. + min_version: 'beta' + - name: 'name' + type: String + description: + The action's name, within database and schema. + min_version: 'beta' + - name: 'includedTags' + type: Array + description: Optional. The set of tags to include. + min_version: 'beta' + item_type: + type: String + - name: 'transitiveDependenciesIncluded' + type: Boolean + description: Optional. When set to true, transitive dependencies of included actions will be executed. + min_version: 'beta' + - name: 'transitiveDependentsIncluded' + type: Boolean + description: Optional. When set to true, transitive dependents of included actions will be executed. + min_version: 'beta' + - name: 'fullyRefreshIncrementalTablesEnabled' + type: Boolean + description: Optional. When set to true, any incremental tables will be fully refreshed. + min_version: 'beta' + - name: 'serviceAccount' + type: String + description: Optional. The service account to run workflow invocations under. + min_version: 'beta' + - name: 'cronSchedule' + type: String + description: + Optional. Optional schedule (in cron format) for automatic creation of compilation results. + min_version: 'beta' + - name: 'timeZone' + type: String + description: + Optional. Specifies the time zone to be used when interpreting cronSchedule. + Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). + If left unspecified, the default is UTC. + min_version: 'beta' + - name: 'recentScheduledExecutionRecords' + type: Array + description: + Records of the 10 most recent scheduled execution attempts, + ordered in in descending order of executionTime. + Updated whenever automatic creation of a workflow invocation is triggered by cronSchedule. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'executionTime' + type: String + description: The timestamp of this workflow attempt. + min_version: 'beta' + output: true + - name: 'workflowInvocation' + type: String + description: + The name of the created workflow invocation, if one was successfully created. + In the format projects/*/locations/*/repositories/*/workflowInvocations/*. + min_version: 'beta' + output: true + - name: 'errorStatus' + type: NestedObject + description: + The error status encountered upon this attempt to create the workflow invocation, + if the attempt was unsuccessful. + min_version: 'beta' + output: true + properties: + - name: 'code' + type: Integer + description: The status code, which should be an enum value of google.rpc.Code. + min_version: 'beta' + output: true + - name: 'message' + type: String + description: + A developer-facing error message, which should be in English. + Any user-facing error message should be localized and sent in + the google.rpc.Status.details field, or localized by the client. + min_version: 'beta' + output: true diff --git a/mmv1/products/dataform/go_product.yaml b/mmv1/products/dataform/go_product.yaml new file mode 100644 index 000000000000..a7baa9abcdf3 --- /dev/null +++ b/mmv1/products/dataform/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Dataform' +display_name: 'Dataform' +versions: + - name: 'beta' + base_url: 'https://dataform.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataform/product.yaml b/mmv1/products/dataform/product.yaml index bada172215d7..4c1d88f184a2 100644 --- a/mmv1/products/dataform/product.yaml +++ b/mmv1/products/dataform/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Dataform +display_name: Dataform +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://dataform.googleapis.com/v1beta1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Dataform' display_name: 'Dataform' @@ -19,3 +34,4 @@ versions: base_url: 'https://dataform.googleapis.com/v1beta1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datafusion/Instance.yaml b/mmv1/products/datafusion/Instance.yaml index 61518ffd4ad7..8415bb3cda8c 100644 --- a/mmv1/products/datafusion/Instance.yaml +++ b/mmv1/products/datafusion/Instance.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Instance' +base_url: 'projects/{{project}}/locations/{{region}}/instances' +create_url: projects/{{project}}/locations/{{region}}/instances?instanceId={{name}} +update_verb: :PATCH +description: | + Represents a Data Fusion instance. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/data-fusion/docs/' + api: 'https://cloud.google.com/data-fusion/docs/reference/rest/v1beta1/projects.locations.instances' +iam_policy: !ruby/object:Api::Resource::IamPolicy + parent_resource_attribute: 'name' + method_name_separator: ':' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/instances/{{name}}', + '{{name}}', + ] +timeouts: !ruby/object:Api::Timeouts +======= --- name: 'Instance' description: | @@ -24,10 +50,20 @@ base_url: 'projects/{{project}}/locations/{{region}}/instances' create_url: 'projects/{{project}}/locations/{{region}}/instances?instanceId={{name}}' update_verb: 'PATCH' timeouts: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 insert_minutes: 90 update_minutes: 25 delete_minutes: 50 autogen_async: true +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_basic' + primary_resource_id: 'basic_instance' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-instance%s\", + context[\"random_suffix\"\ + ])" +======= async: actions: ['create', 'delete', 'update'] type: 'OpAsync' @@ -55,13 +91,20 @@ examples: - name: 'data_fusion_instance_basic' primary_resource_id: 'basic_instance' primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: instance_name: 'my-instance' prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up +<<<<<<< HEAD + prober_test_run: '`options = { prober_test_run = "true" }`' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_full' +======= 'prober_test_run': '`options = { prober_test_run = "true" }`' - name: 'data_fusion_instance_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'extended_instance' vars: instance_name: 'my-instance' @@ -70,8 +113,14 @@ examples: prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up +<<<<<<< HEAD + prober_test_run: '`options = { prober_test_run = "true" }`' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_psc' +======= 'prober_test_run': '`options = { prober_test_run = "true" }`' - name: 'data_fusion_instance_psc' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'psc_instance' vars: instance_name: 'psc-instance' @@ -81,18 +130,72 @@ examples: prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up +<<<<<<< HEAD + prober_test_run: '`options = { prober_test_run = "true" }`' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_cmek' + primary_resource_id: 'cmek' + vars: + instance_name: 'my-instance' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_enterprise' +======= 'prober_test_run': '`options = { prober_test_run = "true" }`' - name: 'data_fusion_instance_cmek' primary_resource_id: 'cmek' vars: instance_name: 'my-instance' - name: 'data_fusion_instance_enterprise' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'enterprise_instance' vars: instance_name: 'my-instance' prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up +<<<<<<< HEAD + prober_test_run: '`options = { prober_test_run = "true" }`' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_event' + primary_resource_id: 'event' + vars: + instance_name: 'my-instance' + - !ruby/object:Provider::Terraform::Examples + name: 'data_fusion_instance_zone' + primary_resource_id: 'zone' + vars: + instance_name: 'my-instance' +custom_code: !ruby/object:Provider::Terraform::CustomCode + pre_update: templates/terraform/pre_update/datafusion_instance_update.go.erb + constants: templates/terraform/constants/data_fusion_instance_option.go.erb +parameters: + - !ruby/object:Api::Type::String + name: 'region' + url_param_only: true + immutable: true + description: | + The region of the Data Fusion instance. + ignore_read: true + required: false + default_from_api: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + required: true + immutable: true + description: | + The ID of the instance or a fully qualified identifier for the instance. + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + - !ruby/object:Api::Type::String + name: 'description' + description: | + An optional description of the instance. + immutable: true + - !ruby/object:Api::Type::Enum + name: 'type' + required: true +======= 'prober_test_run': '`options = { prober_test_run = "true" }`' - name: 'data_fusion_instance_event' primary_resource_id: 'event' @@ -128,6 +231,7 @@ properties: immutable: true - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents the type of Data Fusion instance. Each type is configured with the default settings for processing and memory. @@ -139,6 +243,32 @@ properties: - DEVELOPER: Developer Data Fusion instance. In Developer type, the user will have all features available but with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration pipelines at low cost. +<<<<<<< HEAD + values: + - :BASIC + - :ENTERPRISE + - :DEVELOPER + immutable: true + - !ruby/object:Api::Type::Boolean + name: 'enableStackdriverLogging' + description: | + Option to enable Stackdriver Logging. + - !ruby/object:Api::Type::Boolean + name: 'enableStackdriverMonitoring' + description: | + Option to enable Stackdriver Monitoring. + - !ruby/object:Api::Type::Boolean + name: 'enableRbac' + description: | + Option to enable granular role-based access control. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + The resource labels for instance to use to annotate any related underlying resources, + such as Compute Engine VMs. + - !ruby/object:Api::Type::KeyValuePairs + name: 'options' +======= required: true immutable: true enum_values: @@ -164,11 +294,27 @@ properties: such as Compute Engine VMs. - name: 'options' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Map of additional options used to configure the behavior of Data Fusion instance. immutable: true default_from_api: true diff_suppress_func: 'instanceOptionsDiffSuppress' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + The time the instance was created in RFC3339 UTC "Zulu" format, accurate to nanoseconds. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + The time the instance was last updated in RFC3339 UTC "Zulu" format, accurate to nanoseconds. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true +======= - name: 'createTime' type: String description: | @@ -181,6 +327,7 @@ properties: output: true - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The current state of this Data Fusion instance. - CREATING: Instance is being created @@ -189,6 +336,40 @@ properties: - DELETING: Instance is being deleted - UPGRADING: Instance is being upgraded - RESTARTING: Instance is being restarted +<<<<<<< HEAD + values: + - :CREATING + - :RUNNING + - :FAILED + - :DELETING + - :UPGRADING + - :RESTARTING + - !ruby/object:Api::Type::String + name: 'stateMessage' + output: true + description: | + Additional information about the current state of this Data Fusion instance if available. + - !ruby/object:Api::Type::String + name: 'serviceEndpoint' + output: true + description: | + Endpoint on which the Data Fusion UI and REST APIs are accessible. + - !ruby/object:Api::Type::String + name: 'version' + description: | + Current version of the Data Fusion. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'serviceAccount' + min_version: beta # This field is deprecated and needs to be absent in GA provider. + deprecation_message: >- + `service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID. + output: true + description: | + Service account which will be used to access resources in the customer project. + - !ruby/object:Api::Type::Boolean + name: 'privateInstance' +======= output: true enum_values: - 'CREATING' @@ -222,11 +403,31 @@ properties: deprecation_message: '`service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID.' - name: 'privateInstance' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies whether the Data Fusion instance should be private. If set to true, all Data Fusion nodes will have private IP addresses and will not be able to access the public internet. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'dataprocServiceAccount' + description: | + User-managed service account to set on Dataproc when Cloud Data Fusion creates Dataproc to run data processing pipelines. + immutable: true + - !ruby/object:Api::Type::String + name: 'tenantProjectId' + description: | + The name of the tenant project. + output: true + - !ruby/object:Api::Type::String + name: 'gcsBucket' + description: | + Cloud Storage bucket generated by Data Fusion in the customer project. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'networkConfig' +======= - name: 'dataprocServiceAccount' type: String description: | @@ -244,68 +445,134 @@ properties: output: true - name: 'networkConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Network configuration options. These are required when a private Data Fusion instance is to be created. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'ipAllocation' +======= - name: 'ipAllocation' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'network' +======= - name: 'network' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the network in the project with which the tenant project will be peered for executing pipelines. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{host-project-id}/global/networks/{network} immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'connectionType' +======= - name: 'connectionType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and the corresponding tenant project from a predefined list of available connection modes. If this field is unspecified for a private instance, VPC peering is used. +<<<<<<< HEAD + values: + - :VPC_PEERING + - :PRIVATE_SERVICE_CONNECT_INTERFACES + immutable: true + - !ruby/object:Api::Type::NestedObject + name: 'privateServiceConnectConfig' +======= immutable: true enum_values: - 'VPC_PEERING' - 'PRIVATE_SERVICE_CONNECT_INTERFACES' - name: 'privateServiceConnectConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Configuration for Private Service Connect. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'networkAttachment' +======= - name: 'networkAttachment' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. The reference to the network attachment used to establish private connectivity. It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'unreachableCidrBlock' +======= - name: 'unreachableCidrBlock' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. +<<<<<<< HEAD + ignore_read: true + immutable: true + - !ruby/object:Api::Type::String + name: 'effectiveUnreachableCidrBlock' +======= immutable: true ignore_read: true - name: 'effectiveUnreachableCidrBlock' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block is /25. The format of this field is governed by RFC 4632. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'zone' +======= - name: 'zone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Name of the zone in which the Data Fusion instance will be created. Only DEVELOPER instances use this field. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + Display name for an instance. + immutable: true + - !ruby/object:Api::Type::String + name: 'apiEndpoint' + description: | + Endpoint on which the REST APIs is accessible. + output: true + - !ruby/object:Api::Type::String + name: 'p4ServiceAccount' + description: | + P4 service account for the customer project. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'cryptoKeyConfig' +======= - name: 'displayName' type: String description: | @@ -323,16 +590,36 @@ properties: output: true - name: 'cryptoKeyConfig' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The crypto key configuration. This field is used by the Customer-Managed Encryption Keys (CMEK) feature. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'keyReference' +======= - name: 'keyReference' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'eventPublishConfig' + description: | + Option to enable and pass metadata for event publishing. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + Option to enable Event Publishing. + required: true + - !ruby/object:Api::Type::String + name: 'topic' +======= - name: 'eventPublishConfig' type: NestedObject description: | @@ -345,17 +632,44 @@ properties: required: true - name: 'topic' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The resource name of the Pub/Sub topic. Format: projects/{projectId}/topics/{topic_id} required: true immutable: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'accelerators' +======= - name: 'accelerators' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | List of accelerators enabled for this CDF instance. If accelerators are enabled it is possible a permadiff will be created with the Options field. Users will need to either manually update their state file to include these diffed options, or include the field in a [lifecycle ignore changes block](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle#ignore_changes). +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'acceleratorType' + description: | + The type of an accelator for a CDF instance. + values: + - :CDC + - :HEALTHCARE + - :CCAI_INSIGHTS + required: true + - !ruby/object:Api::Type::Enum + name: 'state' + description: | + The type of an accelator for a CDF instance. + values: + - :ENABLED + - :DISABLED + required: true +======= item_type: type: NestedObject properties: @@ -376,3 +690,4 @@ properties: enum_values: - 'ENABLED' - 'DISABLED' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datafusion/go_Instance.yaml b/mmv1/products/datafusion/go_Instance.yaml new file mode 100644 index 000000000000..75367e86383d --- /dev/null +++ b/mmv1/products/datafusion/go_Instance.yaml @@ -0,0 +1,379 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Instance' +description: | + Represents a Data Fusion instance. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-fusion/docs/' + api: 'https://cloud.google.com/data-fusion/docs/reference/rest/v1beta1/projects.locations.instances' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/instances' +create_url: 'projects/{{project}}/locations/{{region}}/instances?instanceId={{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 90 + update_minutes: 25 + delete_minutes: 50 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/instances/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/go/data_fusion_instance_option.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/datafusion_instance_update.go.tmpl' +examples: + - name: 'data_fusion_instance_basic' + primary_resource_id: 'basic_instance' + primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' + vars: + instance_name: 'my-instance' + prober_test_run: '' + test_vars_overrides: + # Mark for testing to avoid service networking connection usage that is not cleaned up + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_full' + primary_resource_id: 'extended_instance' + vars: + instance_name: 'my-instance' + ip_alloc: 'datafusion-ip-alloc' + network_name: 'datafusion-full-network' + prober_test_run: '' + test_vars_overrides: + # Mark for testing to avoid service networking connection usage that is not cleaned up + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_psc' + primary_resource_id: 'psc_instance' + vars: + instance_name: 'psc-instance' + network_name: 'datafusion-psc-network' + subnet_name: 'datafusion-psc-subnet' + attachment_name: 'datafusion-psc-attachment' + prober_test_run: '' + test_vars_overrides: + # Mark for testing to avoid service networking connection usage that is not cleaned up + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_cmek' + primary_resource_id: 'cmek' + vars: + instance_name: 'my-instance' + - name: 'data_fusion_instance_enterprise' + primary_resource_id: 'enterprise_instance' + vars: + instance_name: 'my-instance' + prober_test_run: '' + test_vars_overrides: + # Mark for testing to avoid service networking connection usage that is not cleaned up + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_event' + primary_resource_id: 'event' + vars: + instance_name: 'my-instance' + - name: 'data_fusion_instance_zone' + primary_resource_id: 'zone' + vars: + instance_name: 'my-instance' +parameters: + - name: 'region' + type: String + description: | + The region of the Data Fusion instance. + url_param_only: true + required: false + immutable: true + ignore_read: true + default_from_api: true +properties: + - name: 'name' + type: String + description: | + The ID of the instance or a fully qualified identifier for the instance. + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'description' + type: String + description: | + An optional description of the instance. + immutable: true + - name: 'type' + type: Enum + description: | + Represents the type of Data Fusion instance. Each type is configured with + the default settings for processing and memory. + - BASIC: Basic Data Fusion instance. In Basic type, the user will be able to create data pipelines + using point and click UI. However, there are certain limitations, such as fewer number + of concurrent pipelines, no support for streaming pipelines, etc. + - ENTERPRISE: Enterprise Data Fusion instance. In Enterprise type, the user will have more features + available, such as support for streaming pipelines, higher number of concurrent pipelines, etc. + - DEVELOPER: Developer Data Fusion instance. In Developer type, the user will have all features available but + with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration + pipelines at low cost. + required: true + immutable: true + enum_values: + - 'BASIC' + - 'ENTERPRISE' + - 'DEVELOPER' + - name: 'enableStackdriverLogging' + type: Boolean + description: | + Option to enable Stackdriver Logging. + - name: 'enableStackdriverMonitoring' + type: Boolean + description: | + Option to enable Stackdriver Monitoring. + - name: 'enableRbac' + type: Boolean + description: | + Option to enable granular role-based access control. + - name: 'labels' + type: KeyValueLabels + description: | + The resource labels for instance to use to annotate any related underlying resources, + such as Compute Engine VMs. + - name: 'options' + type: KeyValuePairs + description: | + Map of additional options used to configure the behavior of Data Fusion instance. + immutable: true + default_from_api: true + diff_suppress_func: 'instanceOptionsDiffSuppress' + - name: 'createTime' + type: String + description: | + The time the instance was created in RFC3339 UTC "Zulu" format, accurate to nanoseconds. + output: true + - name: 'updateTime' + type: String + description: | + The time the instance was last updated in RFC3339 UTC "Zulu" format, accurate to nanoseconds. + output: true + - name: 'state' + type: Enum + description: | + The current state of this Data Fusion instance. + - CREATING: Instance is being created + - RUNNING: Instance is running and ready for requests + - FAILED: Instance creation failed + - DELETING: Instance is being deleted + - UPGRADING: Instance is being upgraded + - RESTARTING: Instance is being restarted + output: true + enum_values: + - 'CREATING' + - 'RUNNING' + - 'FAILED' + - 'DELETING' + - 'UPGRADING' + - 'RESTARTING' + - name: 'stateMessage' + type: String + description: | + Additional information about the current state of this Data Fusion instance if available. + output: true + - name: 'serviceEndpoint' + type: String + description: | + Endpoint on which the Data Fusion UI and REST APIs are accessible. + output: true + - name: 'version' + type: String + description: | + Current version of the Data Fusion. + default_from_api: true + - name: 'serviceAccount' + type: String + description: | + Service account which will be used to access resources in the customer project. + # This field is deprecated and needs to be absent in GA provider. + min_version: 'beta' + output: true + deprecation_message: '`service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID.' + - name: 'privateInstance' + type: Boolean + description: | + Specifies whether the Data Fusion instance should be private. If set to + true, all Data Fusion nodes will have private IP addresses and will not be + able to access the public internet. + immutable: true + - name: 'dataprocServiceAccount' + type: String + description: | + User-managed service account to set on Dataproc when Cloud Data Fusion creates Dataproc to run data processing pipelines. + immutable: true + - name: 'tenantProjectId' + type: String + description: | + The name of the tenant project. + output: true + - name: 'gcsBucket' + type: String + description: | + Cloud Storage bucket generated by Data Fusion in the customer project. + output: true + - name: 'networkConfig' + type: NestedObject + description: | + Network configuration options. These are required when a private Data Fusion instance is to be created. + immutable: true + properties: + - name: 'ipAllocation' + type: String + description: | + The IP range in CIDR notation to use for the managed Data Fusion instance + nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. + immutable: true + - name: 'network' + type: String + description: | + Name of the network in the project with which the tenant project + will be peered for executing pipelines. In case of shared VPC where the network resides in another host + project the network should specified in the form of projects/{host-project-id}/global/networks/{network} + immutable: true + - name: 'connectionType' + type: Enum + description: | + Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and + the corresponding tenant project from a predefined list of available connection modes. + If this field is unspecified for a private instance, VPC peering is used. + immutable: true + enum_values: + - 'VPC_PEERING' + - 'PRIVATE_SERVICE_CONNECT_INTERFACES' + - name: 'privateServiceConnectConfig' + type: NestedObject + description: | + Optional. Configuration for Private Service Connect. + This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. + immutable: true + properties: + - name: 'networkAttachment' + type: String + description: | + Optional. The reference to the network attachment used to establish private connectivity. + It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. + This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. + immutable: true + - name: 'unreachableCidrBlock' + type: String + description: | + Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. + The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. + This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. + If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. + immutable: true + ignore_read: true + - name: 'effectiveUnreachableCidrBlock' + type: String + description: | + Output only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. + The size of this block is /25. The format of this field is governed by RFC 4632. + output: true + - name: 'zone' + type: String + description: | + Name of the zone in which the Data Fusion instance will be created. Only DEVELOPER instances use this field. + immutable: true + default_from_api: true + - name: 'displayName' + type: String + description: | + Display name for an instance. + immutable: true + - name: 'apiEndpoint' + type: String + description: | + Endpoint on which the REST APIs is accessible. + output: true + - name: 'p4ServiceAccount' + type: String + description: | + P4 service account for the customer project. + output: true + - name: 'cryptoKeyConfig' + type: NestedObject + description: | + The crypto key configuration. This field is used by the Customer-Managed Encryption Keys (CMEK) feature. + immutable: true + properties: + - name: 'keyReference' + type: String + description: | + The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. + required: true + immutable: true + - name: 'eventPublishConfig' + type: NestedObject + description: | + Option to enable and pass metadata for event publishing. + properties: + - name: 'enabled' + type: Boolean + description: | + Option to enable Event Publishing. + required: true + - name: 'topic' + type: String + description: | + The resource name of the Pub/Sub topic. Format: projects/{projectId}/topics/{topic_id} + required: true + immutable: true + - name: 'accelerators' + type: Array + description: | + List of accelerators enabled for this CDF instance. + + If accelerators are enabled it is possible a permadiff will be created with the Options field. + Users will need to either manually update their state file to include these diffed options, or include the field in a [lifecycle ignore changes block](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle#ignore_changes). + item_type: + type: NestedObject + properties: + - name: 'acceleratorType' + type: Enum + description: | + The type of an accelator for a CDF instance. + required: true + enum_values: + - 'CDC' + - 'HEALTHCARE' + - 'CCAI_INSIGHTS' + - name: 'state' + type: Enum + description: | + The type of an accelator for a CDF instance. + required: true + enum_values: + - 'ENABLED' + - 'DISABLED' diff --git a/mmv1/products/datafusion/go_product.yaml b/mmv1/products/datafusion/go_product.yaml new file mode 100644 index 000000000000..25150a0626c8 --- /dev/null +++ b/mmv1/products/datafusion/go_product.yaml @@ -0,0 +1,36 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DataFusion' +display_name: 'Cloud Data Fusion' +versions: + - name: 'beta' + base_url: 'https://datafusion.googleapis.com/v1beta1/' + - name: 'ga' + base_url: 'https://datafusion.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/datafusion/product.yaml b/mmv1/products/datafusion/product.yaml index a09292369f4c..96a64b70cb9f 100644 --- a/mmv1/products/datafusion/product.yaml +++ b/mmv1/products/datafusion/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,35 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: DataFusion +display_name: Cloud Data Fusion +versions: + - !ruby/object:Api::Product::Version + name: beta + base_url: https://datafusion.googleapis.com/v1beta1/ + - !ruby/object:Api::Product::Version + name: ga + base_url: https://datafusion.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'DataFusion' display_name: 'Cloud Data Fusion' @@ -31,5 +64,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/datapipeline/Pipeline.yaml b/mmv1/products/datapipeline/Pipeline.yaml index 88bd96aaa616..5292b3342067 100644 --- a/mmv1/products/datapipeline/Pipeline.yaml +++ b/mmv1/products/datapipeline/Pipeline.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: Pipeline +base_url: projects/{{project}}/locations/{{region}}/pipelines +update_verb: :PATCH +update_mask: true +description: | + The main pipeline entity and all the necessary metadata for launching and managing linked jobs. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataflow' + api: 'https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines' +id_format: projects/{{project}}/locations/{{region}}/pipelines/{{name}} +import_format: + ['projects/{{project}}/locations/{{region}}/pipelines/{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'data_pipeline_pipeline' + primary_resource_name: + 'fmt.Sprintf("tf-test-my-pipeline%s", context["random_suffix"])' + primary_resource_id: 'primary' + ignore_read_extra: + - 'schedule_info.0.next_job_time' + vars: + pipeline_name: 'my-pipeline' + account_id: 'my-account' +parameters: + - !ruby/object:Api::Type::String + name: 'region' + description: 'A reference to the region' + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' +======= --- name: 'Pipeline' description: | @@ -48,6 +87,7 @@ parameters: properties: - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | "The pipeline name. For example': 'projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID." "- PROJECT_ID can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see Identifying projects." @@ -55,6 +95,16 @@ properties: "PIPELINE_ID is the ID of the pipeline. Must be unique for the selected project and location." required: true immutable: true +<<<<<<< HEAD + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The display name of the pipeline. It can contain only letters ([A-Za-z]), numbers ([0-9]), hyphens (-), and underscores (_). + - !ruby/object:Api::Type::Enum + name: 'type' +======= custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' - name: 'displayName' @@ -63,21 +113,42 @@ properties: The display name of the pipeline. It can contain only letters ([A-Za-z]), numbers ([0-9]), hyphens (-), and underscores (_). - name: 'type' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The type of the pipeline. This field affects the scheduling of the pipeline and the type of metrics to show for the pipeline. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#pipelinetype required: true +<<<<<<< HEAD + values: + - :PIPELINE_TYPE_UNSPECIFIED + - :PIPELINE_TYPE_BATCH + - :PIPELINE_TYPE_STREAMING + - !ruby/object:Api::Type::Enum + name: 'state' +======= enum_values: - 'PIPELINE_TYPE_UNSPECIFIED' - 'PIPELINE_TYPE_BATCH' - 'PIPELINE_TYPE_STREAMING' - name: 'state' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The state of the pipeline. When the pipeline is created, the state is set to 'PIPELINE_STATE_ACTIVE' by default. State changes can be requested by setting the state to stopping, paused, or resuming. State cannot be changed through pipelines.patch requests. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#state required: true immutable: true +<<<<<<< HEAD + values: + - :STATE_UNSPECIFIED + - :STATE_RESUMING + - :STATE_ACTIVE + - :STATE_STOPPING + - :STATE_ARCHIVED + - :STATE_PAUSED + - !ruby/object:Api::Type::String + name: 'createTime' +======= enum_values: - 'STATE_UNSPECIFIED' - 'STATE_RESUMING' @@ -87,28 +158,56 @@ properties: - 'STATE_PAUSED' - name: 'createTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The timestamp when the pipeline was initially created. Set by the Data Pipelines service. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'lastUpdateTime' +======= - name: 'lastUpdateTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The timestamp when the pipeline was last modified. Set by the Data Pipelines service. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'workload' +======= - name: 'workload' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Workload information for creating new jobs. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#workload properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'dataflowLaunchTemplateRequest' +======= - name: 'dataflowLaunchTemplateRequest' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Template information and additional parameters needed to launch a Dataflow job using the standard launch API. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplaterequest properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + The ID of the Cloud Platform project that the job belongs to. + required: true + - !ruby/object:Api::Type::Boolean + name: 'validateOnly' + description: | + - !ruby/object:Api::Type::NestedObject + name: 'launchParameters' +======= - name: 'projectId' type: String description: | @@ -119,10 +218,25 @@ properties: description: | - name: 'launchParameters' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The parameters of the template to launch. This should be part of the body of the POST request. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplateparameters properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'jobName' + description: | + The job name to use for the created job. + required: true + - !ruby/object:Api::Type::KeyValuePairs + name: 'parameters' + description: | + The runtime parameters to pass to the job. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - !ruby/object:Api::Type::NestedObject + name: 'environment' +======= - name: 'jobName' type: String description: | @@ -135,10 +249,57 @@ properties: 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - name: 'environment' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The runtime environment for the job. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#RuntimeEnvironment properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'numWorkers' + description: | + The initial number of Compute Engine instances for the job. + - !ruby/object:Api::Type::Integer + name: 'maxWorkers' + description: | + The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. + - !ruby/object:Api::Type::String + name: 'zone' + description: | + The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' + description: | + The email address of the service account to run the job as. + - !ruby/object:Api::Type::String + name: 'tempLocation' + description: | + The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. + - !ruby/object:Api::Type::Boolean + name: 'bypassTempDirValidation' + description: | + Whether to bypass the safety checks for the job's temporary directory. Use with caution. + - !ruby/object:Api::Type::String + name: 'machineType' + description: | + The machine type to use for the job. Defaults to the value from the template if not specified. + - !ruby/object:Api::Type::Array + name: 'additionalExperiments' + item_type: Api::Type::String + description: | + Additional experiment flags for the job. + - !ruby/object:Api::Type::String + name: 'network' + description: | + Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". + default_from_api: true + - !ruby/object:Api::Type::String + name: 'subnetwork' + description: | + Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. + - !ruby/object:Api::Type::KeyValuePairs + name: 'additionalUserLabels' +======= - name: 'numWorkers' type: Integer description: | @@ -184,10 +345,57 @@ properties: Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - name: 'additionalUserLabels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' + - !ruby/object:Api::Type::Enum + name: 'ipConfiguration' + description: | + Configuration for VM IPs. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration + values: + - :WORKER_IP_UNSPECIFIED + - :WORKER_IP_PUBLIC + - :WORKER_IP_PRIVATE + - !ruby/object:Api::Type::String + name: 'workerRegion' + description: | + The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. + - !ruby/object:Api::Type::String + name: 'workerZone' + description: | + The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. + - !ruby/object:Api::Type::Boolean + name: 'enableStreamingEngine' + description: | + Whether to enable Streaming Engine for the job. + - !ruby/object:Api::Type::Boolean + name: 'update' + description: | + If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state. + - !ruby/object:Api::Type::KeyValuePairs + name: 'transformNameMapping' + description: | + Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - !ruby/object:Api::Type::String + name: 'location' + description: | + The regional endpoint to which to direct the request. + - !ruby/object:Api::Type::String + name: 'gcsPath' + description: | + A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'. + - !ruby/object:Api::Type::NestedObject + name: 'dataflowFlexTemplateRequest' +======= - name: 'kmsKeyName' type: String description: | @@ -232,10 +440,20 @@ properties: A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'. - name: 'dataflowFlexTemplateRequest' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Template information and additional parameters needed to launch a Dataflow job using the flex launch API. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplaterequest properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'projectId' + description: | + The ID of the Cloud Platform project that the job belongs to. + required: true + - !ruby/object:Api::Type::NestedObject + name: 'launchParameter' +======= - name: 'projectId' type: String description: | @@ -243,11 +461,31 @@ properties: required: true - name: 'launchParameter' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Parameter to launch a job from a Flex Template. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplateparameter required: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'jobName' + description: | + The job name to use for the created job. For an update job request, the job name should be the same as the existing running job. + required: true + - !ruby/object:Api::Type::KeyValuePairs + name: 'parameters' + description: | + 'The parameters for the Flex Template. Example: {"numWorkers":"5"}' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - !ruby/object:Api::Type::KeyValuePairs + name: 'launchOptions' + description: | + Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - !ruby/object:Api::Type::NestedObject + name: 'environment' +======= - name: 'jobName' type: String description: | @@ -265,10 +503,52 @@ properties: 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - name: 'environment' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The runtime environment for the Flex Template job. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexTemplateRuntimeEnvironment properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'numWorkers' + description: | + The initial number of Compute Engine instances for the job. + - !ruby/object:Api::Type::Integer + name: 'maxWorkers' + description: | + The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. + - !ruby/object:Api::Type::String + name: 'zone' + description: | + The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. + - !ruby/object:Api::Type::String + name: 'serviceAccountEmail' + description: | + The email address of the service account to run the job as. + - !ruby/object:Api::Type::String + name: 'tempLocation' + description: | + The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. + - !ruby/object:Api::Type::String + name: 'machineType' + description: | + The machine type to use for the job. Defaults to the value from the template if not specified. + - !ruby/object:Api::Type::Array + name: 'additionalExperiments' + item_type: Api::Type::String + description: | + Additional experiment flags for the job. + - !ruby/object:Api::Type::String + name: 'network' + description: | + Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". + - !ruby/object:Api::Type::String + name: 'subnetwork' + description: | + Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. + - !ruby/object:Api::Type::KeyValuePairs + name: 'additionalUserLabels' +======= - name: 'numWorkers' type: Integer description: | @@ -309,10 +589,71 @@ properties: Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - name: 'additionalUserLabels' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + description: | + 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' + - !ruby/object:Api::Type::Enum + name: 'ipConfiguration' + description: | + Configuration for VM IPs. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration + values: + - :WORKER_IP_UNSPECIFIED + - :WORKER_IP_PUBLIC + - :WORKER_IP_PRIVATE + - !ruby/object:Api::Type::String + name: 'workerRegion' + description: | + The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. + - !ruby/object:Api::Type::String + name: 'workerZone' + description: | + The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. + - !ruby/object:Api::Type::Boolean + name: 'enableStreamingEngine' + description: | + Whether to enable Streaming Engine for the job. + - !ruby/object:Api::Type::Enum + name: 'flexrsGoal' + description: | + Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexResourceSchedulingGoal + values: + - :FLEXRS_UNSPECIFIED + - :FLEXRS_SPEED_OPTIMIZED + - :FLEXRS_COST_OPTIMIZED + - !ruby/object:Api::Type::Boolean + name: 'update' + description: | + Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job. + - !ruby/object:Api::Type::KeyValuePairs + name: 'transformNameMappings' + description: | + 'Use this to pass transform name mappings for streaming update jobs. Example: {"oldTransformName":"newTransformName",...}' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - !ruby/object:Api::Type::String + name: 'containerSpecGcsPath' + description: | + Cloud Storage path to a file with a JSON-serialized ContainerSpec as content. + - !ruby/object:Api::Type::String + name: 'location' + description: | + The regional endpoint to which to direct the request. For example, us-central1, us-west1. + required: true + - !ruby/object:Api::Type::Boolean + name: 'validateOnly' + description: | + If true, the request is validated but not actually executed. Defaults to false. + - !ruby/object:Api::Type::NestedObject + name: 'scheduleInfo' +======= - name: 'kmsKeyName' type: String description: | @@ -371,10 +712,24 @@ properties: If true, the request is validated but not actually executed. Defaults to false. - name: 'scheduleInfo' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#schedulespec properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler. + - !ruby/object:Api::Type::String + name: 'timeZone' + description: | + Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed. + default_value: UTC + - !ruby/object:Api::Type::String + name: 'nextJobTime' +======= - name: 'schedule' type: String description: | @@ -386,10 +741,20 @@ properties: default_value: "UTC" - name: 'nextJobTime' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | When the next Scheduler job is going to run. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'jobCount' + description: | + Number of jobs. + output: true + - !ruby/object:Api::Type::String + name: 'schedulerServiceAccountEmail' +======= - name: 'jobCount' type: Integer description: | @@ -397,12 +762,18 @@ properties: output: true - name: 'schedulerServiceAccountEmail' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. A service account email to be used with the Cloud Scheduler job. If not specified, the default compute engine service account will be used. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValuePairs + name: 'pipelineSources' +======= - name: 'pipelineSources' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. diff --git a/mmv1/products/datapipeline/go_Pipeline.yaml b/mmv1/products/datapipeline/go_Pipeline.yaml new file mode 100644 index 000000000000..73850acb358f --- /dev/null +++ b/mmv1/products/datapipeline/go_Pipeline.yaml @@ -0,0 +1,410 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Pipeline' +description: | + The main pipeline entity and all the necessary metadata for launching and managing linked jobs. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataflow' + api: 'https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines' +docs: +id_format: 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/pipelines' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +examples: + - name: 'data_pipeline_pipeline' + primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("tf-test-my-pipeline%s", context["random_suffix"])' + vars: + pipeline_name: 'my-pipeline' + account_id: 'my-account' + ignore_read_extra: + - 'schedule_info.0.next_job_time' +parameters: + - name: 'region' + type: String + description: 'A reference to the region' + url_param_only: true +properties: + - name: 'name' + type: String + description: | + "The pipeline name. For example': 'projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID." + "- PROJECT_ID can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see Identifying projects." + "LOCATION_ID is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling google.cloud.location.Locations.ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in App Engine regions." + "PIPELINE_ID is the ID of the pipeline. Must be unique for the selected project and location." + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' + - name: 'displayName' + type: String + description: | + The display name of the pipeline. It can contain only letters ([A-Za-z]), numbers ([0-9]), hyphens (-), and underscores (_). + - name: 'type' + type: Enum + description: | + The type of the pipeline. This field affects the scheduling of the pipeline and the type of metrics to show for the pipeline. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#pipelinetype + required: true + enum_values: + - 'PIPELINE_TYPE_UNSPECIFIED' + - 'PIPELINE_TYPE_BATCH' + - 'PIPELINE_TYPE_STREAMING' + - name: 'state' + type: Enum + description: | + The state of the pipeline. When the pipeline is created, the state is set to 'PIPELINE_STATE_ACTIVE' by default. State changes can be requested by setting the state to stopping, paused, or resuming. State cannot be changed through pipelines.patch requests. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#state + required: true + immutable: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'STATE_RESUMING' + - 'STATE_ACTIVE' + - 'STATE_STOPPING' + - 'STATE_ARCHIVED' + - 'STATE_PAUSED' + - name: 'createTime' + type: String + description: | + The timestamp when the pipeline was initially created. Set by the Data Pipelines service. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'lastUpdateTime' + type: String + description: | + The timestamp when the pipeline was last modified. Set by the Data Pipelines service. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'workload' + type: NestedObject + description: | + Workload information for creating new jobs. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#workload + properties: + - name: 'dataflowLaunchTemplateRequest' + type: NestedObject + description: | + Template information and additional parameters needed to launch a Dataflow job using the standard launch API. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplaterequest + properties: + - name: 'projectId' + type: String + description: | + The ID of the Cloud Platform project that the job belongs to. + required: true + - name: 'validateOnly' + type: Boolean + description: | + - name: 'launchParameters' + type: NestedObject + description: | + The parameters of the template to launch. This should be part of the body of the POST request. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplateparameters + properties: + - name: 'jobName' + type: String + description: | + The job name to use for the created job. + required: true + - name: 'parameters' + type: KeyValuePairs + description: | + The runtime parameters to pass to the job. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'environment' + type: NestedObject + description: | + The runtime environment for the job. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#RuntimeEnvironment + properties: + - name: 'numWorkers' + type: Integer + description: | + The initial number of Compute Engine instances for the job. + - name: 'maxWorkers' + type: Integer + description: | + The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. + - name: 'zone' + type: String + description: | + The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. + - name: 'serviceAccountEmail' + type: String + description: | + The email address of the service account to run the job as. + - name: 'tempLocation' + type: String + description: | + The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. + - name: 'bypassTempDirValidation' + type: Boolean + description: | + Whether to bypass the safety checks for the job's temporary directory. Use with caution. + - name: 'machineType' + type: String + description: | + The machine type to use for the job. Defaults to the value from the template if not specified. + - name: 'additionalExperiments' + type: Array + description: | + Additional experiment flags for the job. + item_type: + type: String + - name: 'network' + type: String + description: | + Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". + default_from_api: true + - name: 'subnetwork' + type: String + description: | + Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. + - name: 'additionalUserLabels' + type: KeyValuePairs + description: | + Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. + 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'kmsKeyName' + type: String + description: | + 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' + - name: 'ipConfiguration' + type: Enum + description: | + Configuration for VM IPs. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration + enum_values: + - 'WORKER_IP_UNSPECIFIED' + - 'WORKER_IP_PUBLIC' + - 'WORKER_IP_PRIVATE' + - name: 'workerRegion' + type: String + description: | + The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. + - name: 'workerZone' + type: String + description: | + The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. + - name: 'enableStreamingEngine' + type: Boolean + description: | + Whether to enable Streaming Engine for the job. + - name: 'update' + type: Boolean + description: | + If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state. + - name: 'transformNameMapping' + type: KeyValuePairs + description: | + Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'location' + type: String + description: | + The regional endpoint to which to direct the request. + - name: 'gcsPath' + type: String + description: | + A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'. + - name: 'dataflowFlexTemplateRequest' + type: NestedObject + description: | + Template information and additional parameters needed to launch a Dataflow job using the flex launch API. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplaterequest + properties: + - name: 'projectId' + type: String + description: | + The ID of the Cloud Platform project that the job belongs to. + required: true + - name: 'launchParameter' + type: NestedObject + description: | + Parameter to launch a job from a Flex Template. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplateparameter + required: true + properties: + - name: 'jobName' + type: String + description: | + The job name to use for the created job. For an update job request, the job name should be the same as the existing running job. + required: true + - name: 'parameters' + type: KeyValuePairs + description: | + 'The parameters for the Flex Template. Example: {"numWorkers":"5"}' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'launchOptions' + type: KeyValuePairs + description: | + Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters. + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'environment' + type: NestedObject + description: | + The runtime environment for the Flex Template job. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexTemplateRuntimeEnvironment + properties: + - name: 'numWorkers' + type: Integer + description: | + The initial number of Compute Engine instances for the job. + - name: 'maxWorkers' + type: Integer + description: | + The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. + - name: 'zone' + type: String + description: | + The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. + - name: 'serviceAccountEmail' + type: String + description: | + The email address of the service account to run the job as. + - name: 'tempLocation' + type: String + description: | + The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. + - name: 'machineType' + type: String + description: | + The machine type to use for the job. Defaults to the value from the template if not specified. + - name: 'additionalExperiments' + type: Array + description: | + Additional experiment flags for the job. + item_type: + type: String + - name: 'network' + type: String + description: | + Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". + - name: 'subnetwork' + type: String + description: | + Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. + - name: 'additionalUserLabels' + type: KeyValuePairs + description: | + Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. + 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'kmsKeyName' + type: String + description: | + 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' + - name: 'ipConfiguration' + type: Enum + description: | + Configuration for VM IPs. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration + enum_values: + - 'WORKER_IP_UNSPECIFIED' + - 'WORKER_IP_PUBLIC' + - 'WORKER_IP_PRIVATE' + - name: 'workerRegion' + type: String + description: | + The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. + - name: 'workerZone' + type: String + description: | + The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. + - name: 'enableStreamingEngine' + type: Boolean + description: | + Whether to enable Streaming Engine for the job. + - name: 'flexrsGoal' + type: Enum + description: | + Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexResourceSchedulingGoal + enum_values: + - 'FLEXRS_UNSPECIFIED' + - 'FLEXRS_SPEED_OPTIMIZED' + - 'FLEXRS_COST_OPTIMIZED' + - name: 'update' + type: Boolean + description: | + Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job. + - name: 'transformNameMappings' + type: KeyValuePairs + description: | + 'Use this to pass transform name mappings for streaming update jobs. Example: {"oldTransformName":"newTransformName",...}' + 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' + - name: 'containerSpecGcsPath' + type: String + description: | + Cloud Storage path to a file with a JSON-serialized ContainerSpec as content. + - name: 'location' + type: String + description: | + The regional endpoint to which to direct the request. For example, us-central1, us-west1. + required: true + - name: 'validateOnly' + type: Boolean + description: | + If true, the request is validated but not actually executed. Defaults to false. + - name: 'scheduleInfo' + type: NestedObject + description: | + Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally. + https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#schedulespec + properties: + - name: 'schedule' + type: String + description: | + Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler. + - name: 'timeZone' + type: String + description: | + Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed. + default_value: "UTC" + - name: 'nextJobTime' + type: String + description: | + When the next Scheduler job is going to run. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + output: true + - name: 'jobCount' + type: Integer + description: | + Number of jobs. + output: true + - name: 'schedulerServiceAccountEmail' + type: String + description: | + Optional. A service account email to be used with the Cloud Scheduler job. If not specified, the default compute engine service account will be used. + immutable: true + default_from_api: true + - name: 'pipelineSources' + type: KeyValuePairs + description: | + The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation. + An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + immutable: true diff --git a/mmv1/products/datapipeline/go_product.yaml b/mmv1/products/datapipeline/go_product.yaml new file mode 100644 index 000000000000..ef537231d988 --- /dev/null +++ b/mmv1/products/datapipeline/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DataPipeline' +display_name: 'DataPipeline' +versions: + - name: 'ga' + base_url: 'https://datapipelines.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datapipeline/product.yaml b/mmv1/products/datapipeline/product.yaml index 098974888a0c..c0843e91f94e 100644 --- a/mmv1/products/datapipeline/product.yaml +++ b/mmv1/products/datapipeline/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: DataPipeline +display_name: DataPipeline +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://datapipelines.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'DataPipeline' display_name: 'DataPipeline' @@ -19,3 +34,4 @@ versions: base_url: 'https://datapipelines.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/AspectType.yaml b/mmv1/products/dataplex/AspectType.yaml index c7480e61d786..8128d93da6d4 100644 --- a/mmv1/products/dataplex/AspectType.yaml +++ b/mmv1/products/dataplex/AspectType.yaml @@ -11,6 +11,137 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AspectType' +base_url: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/aspectTypes?aspectTypeId={{aspect_type_id}}' +update_verb: :PATCH +update_mask: true +description: | + An Aspect Type is a template for creating Aspects. +import_format: ['projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :GET + parent_resource_attribute: 'aspect_type_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}', + '{{aspect_type_id}}', + ] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + description: | + The location where aspect type will be created in. + - !ruby/object:Api::Type::String + name: 'aspectTypeId' + url_param_only: true + immutable: true + description: | + The aspect type id of the aspect type. +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + output: true + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + The time when the AspectType was created. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: | + The time when the AspectType was last updated. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the AspectType. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User friendly display name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the AspectType. + - !ruby/object:Api::Type::String + name: 'metadataTemplate' + description: | + MetadataTemplate of the Aspect. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Enum + name: 'transferStatus' + output: true + description: | + Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + values: + - :TRANSFER_STATUS_UNSPECIFIED + - :TRANSFER_STATUS_MIGRATED + - :TRANSFER_STATUS_TRANSFERRED +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_aspect_type_basic' + primary_resource_id: 'test_aspect_type_basic' + primary_resource_name: "fmt.Sprintf(\"tf-test-aspect-type%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + aspect_type_name: aspect-type-basic + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_aspect_type_full' + primary_resource_id: 'test_aspect_type_full' + primary_resource_name: "fmt.Sprintf(\"tf-test-aspect-type%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + aspect_type_name: aspect-type-full +======= --- name: 'AspectType' description: | @@ -134,3 +265,4 @@ properties: - 'TRANSFER_STATUS_UNSPECIFIED' - 'TRANSFER_STATUS_MIGRATED' - 'TRANSFER_STATUS_TRANSFERRED' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/Asset.yaml b/mmv1/products/dataplex/Asset.yaml index c28f39f9a61f..d35b32490e43 100644 --- a/mmv1/products/dataplex/Asset.yaml +++ b/mmv1/products/dataplex/Asset.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,40 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Asset' +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +exclude_resource: true +description: | + Only used to generate IAM resources +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Dummy property. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'asset' + fetch_iam_policy_verb: :GET + import_format: + [ + 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}', + '{{name}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_asset_primary' + primary_resource_id: 'example' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), + fmt.Sprintf("tf-test-zone%s", context["random_suffix"]), + fmt.Sprintf("tf-test-asset%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME +======= --- name: 'Asset' description: | @@ -44,3 +83,4 @@ properties: description: | Dummy property. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/Datascan.yaml b/mmv1/products/dataplex/Datascan.yaml index f3878e2a2839..cebd51265c85 100644 --- a/mmv1/products/dataplex/Datascan.yaml +++ b/mmv1/products/dataplex/Datascan.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,250 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Datascan' +base_url: 'projects/{{project}}/locations/{{location}}/dataScans' +self_link: 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataScans?dataScanId={{data_scan_id}}' +update_verb: :PATCH +update_mask: true +# User-provided label cannot start with goog- +skip_attribution_label: true +import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}', + '{{data_scan_id}}', + ] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +read_query_params: '?view=FULL' +description: | + Represents a user-visible job which provides the insights for the related data source. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'data_scan_id' + fetch_iam_policy_verb: :GET + import_format: + [ + 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}', + '{{data_scan_id}}', + ] +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_datascan_basic_profile' + primary_resource_id: 'basic_profile' + primary_resource_name: + 'fmt.Sprintf("tf-test-dataprofile-basic%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME + vars: + datascan_name: dataprofile-basic + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_datascan_full_profile' + primary_resource_id: 'full_profile' + test_env_vars: + project_name: :PROJECT_NAME + vars: + dataset_name: dataplex_dataset + datascan_name: dataprofile-full + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_datascan_basic_quality' + primary_resource_id: 'basic_quality' + test_env_vars: + project_name: :PROJECT_NAME + vars: + datascan_name: dataquality-basic + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_datascan_full_quality' + primary_resource_id: 'full_quality' + test_env_vars: + project_name: :PROJECT_NAME + vars: + datascan_name: dataquality-full +parameters: + - !ruby/object:Api::Type::String + name: 'location' + immutable: true + required: true + url_param_only: true + description: | + The location where the data scan should reside. + - !ruby/object:Api::Type::String + name: 'dataScanId' + immutable: true + required: true + url_param_only: true + description: | + DataScan identifier. Must contain only lowercase letters, numbers and hyphens. Must start with a letter. Must end with a number or a letter. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The relative resource name of the scan, of the form: projects/{project}/locations/{locationId}/dataScans/{datascan_id}, where project refers to a project_id or project_number and locationId refers to a GCP region. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the scan. This ID will be different if the scan is deleted and re-created with the same name. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the scan. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User friendly display name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the scan. A list of key->value pairs. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + Current state of the DataScan. + values: + - :STATE_UNSPECIFIED + - :ACTIVE + - :CREATING + - :DELETING + - :ACTION_REQUIRED + - !ruby/object:Api::Type::String + name: 'createTime' + output: true + description: | + The time when the scan was created. + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + The time when the scan was last updated. + - !ruby/object:Api::Type::NestedObject + name: 'data' + required: true + immutable: true + description: | + The data source for DataScan. + properties: + - !ruby/object:Api::Type::String + name: 'entity' + immutable: true + exactly_one_of: + - data.0.entity + - data.0.resource + description: | + The Dataplex entity that represents the data source(e.g. BigQuery table) for Datascan. + - !ruby/object:Api::Type::String + name: 'resource' + immutable: true + exactly_one_of: + - data.0.entity + - data.0.resource + description: | + The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: + (Cloud Storage bucket for DataDiscoveryScan)BigQuery table of type "TABLE" for DataProfileScan/DataQualityScan. + - !ruby/object:Api::Type::NestedObject + name: 'executionSpec' + required: true + description: | + DataScan execution settings. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'trigger' + required: true + description: | + Spec related to how often and when a scan should be triggered. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'onDemand' + allow_empty_object: true + send_empty_value: true + exactly_one_of: + - execution_spec.0.trigger.0.on_demand + - execution_spec.0.trigger.0.schedule + description: | + The scan runs once via dataScans.run API. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'schedule' + description: | + The scan is scheduled to run periodically. + exactly_one_of: + - execution_spec.0.trigger.0.on_demand + - execution_spec.0.trigger.0.schedule + properties: + - !ruby/object:Api::Type::String + name: 'cron' + required: true + description: + Cron schedule for running scans periodically. This field is + required for Schedule scans. + - !ruby/object:Api::Type::String + name: 'field' + immutable: true + description: | + The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time. If not specified, a data scan will run for all data in the table. + - !ruby/object:Api::Type::NestedObject + name: 'executionStatus' + output: true + description: | + Status of the data scan execution. + properties: + - !ruby/object:Api::Type::String + name: 'latestJobEndTime' + output: true + description: | + The time when the latest DataScanJob started. + - !ruby/object:Api::Type::String + name: 'latestJobStartTime' + output: true + description: | + The time when the latest DataScanJob ended. + - !ruby/object:Api::Type::Enum + name: 'type' + output: true + description: | + The type of DataScan. + values: + - :DATA_SCAN_TYPE_UNSPECIFIED + - :DATA_QUALITY + - :DATA_PROFILE + - !ruby/object:Api::Type::NestedObject + name: 'dataQualitySpec' + exactly_one_of: + - data_quality_spec + - data_profile_spec + description: | + DataQualityScan related setting. + properties: + - !ruby/object:Api::Type::Double + name: 'samplingPercent' +======= --- name: 'Datascan' description: | @@ -249,10 +498,58 @@ properties: properties: - name: 'samplingPercent' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if `sampling_percent` is not specified, 0 or 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rowFilter' + description: | + A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 + - !ruby/object:Api::Type::NestedObject + name: 'postScanActions' + description: | + Actions to take upon job completion. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'bigqueryExport' + description: | + If set, results will be exported to the provided BigQuery table. + properties: + - !ruby/object:Api::Type::String + name: 'resultsTable' + description: | + The BigQuery table to export DataQualityScan results to. + Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID + - !ruby/object:Api::Type::Array + name: 'rules' + min_size: 1 + description: | + The list of rules to evaluate against a data source. At least one rule is required. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + The unnested column which this rule is evaluated against. + - !ruby/object:Api::Type::Boolean + name: 'ignoreNull' + description: | + Rows with null values will automatically fail a rule, unless ignoreNull is true. In that case, such null rows are trivially considered passing. Only applicable to ColumnMap rules. + - !ruby/object:Api::Type::String + name: 'dimension' + required: true + description: | + The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are ["COMPLETENESS", "ACCURACY", "CONSISTENCY", "VALIDITY", "UNIQUENESS", "INTEGRITY"] + - !ruby/object:Api::Type::Double + name: 'threshold' + description: | + The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of [0.0, 1.0]. 0 indicates default value (i.e. 1.0). + - !ruby/object:Api::Type::String + name: 'name' +======= - name: 'rowFilter' type: String description: | @@ -298,12 +595,159 @@ properties: The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of [0.0, 1.0]. 0 indicates default value (i.e. 1.0). - name: 'name' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A mutable name for the rule. The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). The maximum length is 63 characters. Must start with a letter. Must end with a number or a letter. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the rule. + The maximum length is 1,024 characters. + - !ruby/object:Api::Type::NestedObject + name: 'rangeExpectation' + description: | + ColumnMap rule which evaluates whether each column value lies between a specified range. + properties: + - !ruby/object:Api::Type::String + name: 'minValue' + description: | + The minimum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. + - !ruby/object:Api::Type::String + name: 'maxValue' + description: | + The maximum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. + - !ruby/object:Api::Type::Boolean + name: 'strictMinEnabled' + default_value: false + description: | + Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed. + Only relevant if a minValue has been defined. Default = false. + - !ruby/object:Api::Type::Boolean + name: 'strictMaxEnabled' + default_value: false + description: | + Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed. + Only relevant if a maxValue has been defined. Default = false. + - !ruby/object:Api::Type::NestedObject + name: 'nonNullExpectation' + allow_empty_object: true + send_empty_value: true + description: | + ColumnMap rule which evaluates whether each column value is null. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'setExpectation' + description: | + ColumnMap rule which evaluates whether each column value is contained by a specified set. + properties: + - !ruby/object:Api::Type::Array + name: 'values' + required: true + description: | + Expected values for the column value. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'regexExpectation' + description: | + ColumnMap rule which evaluates whether each column value matches a specified regex. + properties: + - !ruby/object:Api::Type::String + name: 'regex' + required: true + description: | + A regular expression the column value is expected to match. + - !ruby/object:Api::Type::NestedObject + name: 'uniquenessExpectation' + allow_empty_object: true + send_empty_value: true + description: | + Row-level rule which evaluates whether each column value is unique. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'statisticRangeExpectation' + description: | + ColumnAggregate rule which evaluates whether the column aggregate statistic lies between a specified range. + properties: + - !ruby/object:Api::Type::Enum + name: 'statistic' + required: true + description: | + column statistics. + values: + - :STATISTIC_UNDEFINED + - :MEAN + - :MIN + - :MAX + - !ruby/object:Api::Type::String + name: 'minValue' + description: | + The minimum column statistic value allowed for a row to pass this validation. + At least one of minValue and maxValue need to be provided. + - !ruby/object:Api::Type::String + name: 'maxValue' + description: | + The maximum column statistic value allowed for a row to pass this validation. + At least one of minValue and maxValue need to be provided. + - !ruby/object:Api::Type::Boolean + name: 'strictMinEnabled' + default_value: false + description: | + Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed. + Only relevant if a minValue has been defined. Default = false. + - !ruby/object:Api::Type::Boolean + name: 'strictMaxEnabled' + default_value: false + description: | + Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed. + Only relevant if a maxValue has been defined. Default = false. + - !ruby/object:Api::Type::NestedObject + name: 'rowConditionExpectation' + description: | + Table rule which evaluates whether each row passes the specified condition. + properties: + - !ruby/object:Api::Type::String + name: 'sqlExpression' + required: true + description: | + The SQL expression. + - !ruby/object:Api::Type::NestedObject + name: 'tableConditionExpectation' + description: | + Table rule which evaluates whether the provided expression is true. + properties: + - !ruby/object:Api::Type::String + name: 'sqlExpression' + required: true + description: | + The SQL expression. + - !ruby/object:Api::Type::NestedObject + name: 'sqlAssertion' + description: | + Table rule which evaluates whether any row matches invalid state. + properties: + - !ruby/object:Api::Type::String + name: 'sqlStatement' + required: true + description: | + The SQL statement. + - !ruby/object:Api::Type::NestedObject + name: 'dataProfileSpec' + allow_empty_object: true + send_empty_value: true + exactly_one_of: + - data_quality_spec + - data_profile_spec + description: | + DataProfileScan related setting. + properties: + - !ruby/object:Api::Type::Double + name: 'samplingPercent' +======= - name: 'description' type: String description: | @@ -452,10 +896,34 @@ properties: properties: - name: 'samplingPercent' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if `sampling_percent` is not specified, 0 or 100. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'rowFilter' + description: | + A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 + - !ruby/object:Api::Type::NestedObject + name: 'postScanActions' + description: | + Actions to take upon job completion. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'bigqueryExport' + description: | + If set, results will be exported to the provided BigQuery table. + properties: + - !ruby/object:Api::Type::String + name: 'resultsTable' + description: | + The BigQuery table to export DataProfileScan results to. + Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID + - !ruby/object:Api::Type::NestedObject + name: 'includeFields' +======= - name: 'rowFilter' type: String description: | @@ -477,29 +945,50 @@ properties: Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID - name: 'includeFields' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fields to include in data profile. If not specified, all fields at the time of profile scan job execution are included, except for ones listed in `exclude_fields`. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'fieldNames' +======= - name: 'fieldNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Expected input is a list of fully qualified names of fields as in the schema. Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'excludeFields' +======= item_type: type: String - name: 'excludeFields' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The fields to exclude from data profile. If specified, the fields will be excluded from data profile, regardless of `include_fields` value. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'fieldNames' +======= - name: 'fieldNames' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Expected input is a list of fully qualified names of fields as in the schema. Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. +<<<<<<< HEAD + item_type: Api::Type::String +======= item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/EntryGroup.yaml b/mmv1/products/dataplex/EntryGroup.yaml index 239f6977392b..95345afbc259 100644 --- a/mmv1/products/dataplex/EntryGroup.yaml +++ b/mmv1/products/dataplex/EntryGroup.yaml @@ -11,6 +11,126 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EntryGroup' +base_url: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/entryGroups?entryGroupId={{entry_group_id}}' +update_verb: :PATCH +update_mask: true +description: | + An Entry Group represents a logical grouping of one or more Entries. +import_format: ['projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :GET + parent_resource_attribute: 'entry_group_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}', + '{{entry_group_id}}', + ] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + description: | + The location where entry group will be created in. + - !ruby/object:Api::Type::String + name: 'entryGroupId' + url_param_only: true + immutable: true + description: | + The entry group id of the entry group. +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + output: true + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + The time when the EntryGroup was created. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: | + The time when the EntryGroup was last updated. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the EntryGroup. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User friendly display name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the EntryGroup. + - !ruby/object:Api::Type::Enum + name: 'transferStatus' + output: true + description: | + Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + values: + - :TRANSFER_STATUS_UNSPECIFIED + - :TRANSFER_STATUS_MIGRATED + - :TRANSFER_STATUS_TRANSFERRED +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_entry_group_basic' + primary_resource_id: 'test_entry_group_basic' + primary_resource_name: "fmt.Sprintf(\"tf-test-entry-group%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + entry_group_name: entry-group-basic + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_entry_group_full' + primary_resource_id: 'test_entry_group_full' + primary_resource_name: "fmt.Sprintf(\"tf-test-entry-group%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + entry_group_name: entry-group-full +======= --- name: 'EntryGroup' description: | @@ -125,3 +245,4 @@ properties: - 'TRANSFER_STATUS_UNSPECIFIED' - 'TRANSFER_STATUS_MIGRATED' - 'TRANSFER_STATUS_TRANSFERRED' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/EntryType.yaml b/mmv1/products/dataplex/EntryType.yaml index 98573dfae7c7..8c3aa0f65c13 100644 --- a/mmv1/products/dataplex/EntryType.yaml +++ b/mmv1/products/dataplex/EntryType.yaml @@ -11,6 +11,139 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EntryType' +base_url: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/entryTypes?entryTypeId={{entry_type_id}}' +update_verb: :PATCH +update_mask: true +description: | + An Entry Type is a template for creating Entries. +import_format: ['projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}'] +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +iam_policy: !ruby/object:Api::Resource::IamPolicy + skip_import_test: true + method_name_separator: ':' + fetch_iam_policy_verb: :GET + parent_resource_attribute: 'entry_type_id' + import_format: + [ + 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}', + '{{entry_type_id}}', + ] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + description: | + The location where entry type will be created in. + - !ruby/object:Api::Type::String + name: 'entryTypeId' + url_param_only: true + immutable: true + description: | + The entry type id of the entry type. +properties: + - !ruby/object:Api::Type::String + name: name + description: | + The relative resource name of the EntryType, of the form: projects/{project_number}/locations/{location_id}/entryTypes/{entry_type_id} + output: true + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the EntryType. This ID will be different if the EntryType is deleted and re-created with the same name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + The time when the EntryType was created. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: | + The time when the EntryType was last updated. + - !ruby/object:Api::Type::String + name: 'description' + description: | + Description of the EntryType. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User friendly display name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the EntryType. + - !ruby/object:Api::Type::Array + name: 'typeAliases' + description: | + Indicates the class this Entry Type belongs to, for example, TABLE, DATABASE, MODEL. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'platform' + description: | + The platform that Entries of this type belongs to. + - !ruby/object:Api::Type::String + name: 'system' + description: | + The system that Entries of this type belongs to. + - !ruby/object:Api::Type::Array + name: 'requiredAspects' + description: | + AspectInfo for the entry type. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'type' + description: | + Required aspect type for the entry type. +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_entry_type_basic' + primary_resource_id: 'test_entry_type_basic' + primary_resource_name: "fmt.Sprintf(\"tf-test-entry-type%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + entry_type_name: entry-type-basic + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_entry_type_full' + primary_resource_id: 'test_entry_type_full' + primary_resource_name: "fmt.Sprintf(\"tf-test-entry-type%s\", + context[\"random_suffix\"\ + ])" + test_env_vars: + project_name: :PROJECT_NAME + vars: + entry_type_name: entry-type-full +======= --- name: 'EntryType' description: | @@ -140,3 +273,4 @@ properties: type: String description: | Required aspect type for the entry type. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/Lake.yaml b/mmv1/products/dataplex/Lake.yaml index 8cecb6142d73..9333c4ef9333 100644 --- a/mmv1/products/dataplex/Lake.yaml +++ b/mmv1/products/dataplex/Lake.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,35 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Lake' +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +exclude_resource: true +description: | + Only used to generate IAM resources +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Dummy property. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'lake' + fetch_iam_policy_verb: :GET + import_format: + ['projects/{{project}}/locations/{{location}}/lakes/{{name}}', '{{name}}'] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_lake_primary' + primary_resource_id: 'example' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME +======= --- name: 'Lake' description: | @@ -44,3 +78,4 @@ properties: description: | Dummy property. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/Task.yaml b/mmv1/products/dataplex/Task.yaml index 85546ee8c272..efc06786040a 100644 --- a/mmv1/products/dataplex/Task.yaml +++ b/mmv1/products/dataplex/Task.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -10,6 +15,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Task' +======= --- name: 'Task' @@ -22,10 +31,500 @@ references: 'Official Documentation': 'https://cloud.google.com/dataplex/docs' api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' create_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks?task_id={{task_id}}' update_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +<<<<<<< HEAD +delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +update_verb: :PATCH +update_mask: true +# User-provided label cannot start with goog- +skip_attribution_label: true +description: | + A Dataplex task represents the work that you want Dataplex to do on a schedule. It encapsulates code, parameters, and the schedule. +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +autogen_async: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' +import_format: ['projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}'] +iam_policy: !ruby/object:Api::Resource::IamPolicy + exclude: false + method_name_separator: ':' + parent_resource_attribute: 'task_id' + fetch_iam_policy_verb: :GET + import_format: + [ + 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}', + '{{task_id}}', + ] +parameters: + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + description: | + The location in which the task will be created in. + - !ruby/object:Api::Type::String + name: 'lake' + url_param_only: true + immutable: true + description: | + The lake in which the task will be created in. + - !ruby/object:Api::Type::String + name: 'taskId' + url_param_only: true + immutable: true + description: | + The task Id of the task. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The relative resource name of the task, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/ tasks/{name}. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the task. This ID will be different if the task is deleted and re-created with the same name. + - !ruby/object:Api::Type::Time + name: 'createTime' + output: true + description: | + The time when the task was created. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true + description: | + The time when the task was last updated. + - !ruby/object:Api::Type::String + name: 'description' + description: | + User-provided description of the task. + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + User friendly display name. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + Current state of the task. + values: + - :STATE_UNSPECIFIED + - :ACTIVE + - :CREATING + - :DELETING + - :ACTION_REQUIRED + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: | + User-defined labels for the task. + - !ruby/object:Api::Type::NestedObject + name: 'triggerSpec' + required: true + description: | + Configuration for the cluster + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + required: true + immutable: true + description: | + Trigger type of the user-specified Task + values: + - :ON_DEMAND + - :RECURRING + - !ruby/object:Api::Type::Time + name: 'startTime' + description: | + The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING. + - !ruby/object:Api::Type::Boolean + name: 'disabled' + description: | + Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks. + - !ruby/object:Api::Type::Integer + name: 'maxRetries' + description: | + Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task. + - !ruby/object:Api::Type::String + name: 'schedule' + description: | + Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: 'CRON_TZ=${IANA_TIME_ZONE}' or 'TZ=${IANA_TIME_ZONE}'. The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks. + - !ruby/object:Api::Type::NestedObject + name: 'executionSpec' + required: true + description: | + Configuration for the cluster + properties: + - !ruby/object:Api::Type::KeyValuePairs + name: 'args' + description: | + The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${taskId} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument. An object containing a list of 'key': value pairs. Example: { 'name': 'wrench', 'mass': '1.3kg', 'count': '3' }. + - !ruby/object:Api::Type::String + name: 'serviceAccount' + required: true + description: | + Service account to use to execute a task. If not provided, the default Compute service account for the project is used. + - !ruby/object:Api::Type::String + name: 'project' + description: | + The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project. + - !ruby/object:Api::Type::String + name: 'maxJobExecutionLifetime' + description: | + The maximum duration after which the job execution is expired. A duration in seconds with up to nine fractional digits, ending with 's'. Example: '3.5s'. + - !ruby/object:Api::Type::String + name: 'kmsKey' + description: | + The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{locationId}/keyRings/{key-ring-name}/cryptoKeys/{key-name}. + - !ruby/object:Api::Type::NestedObject + name: 'executionStatus' + output: true + description: | + Configuration for the cluster + properties: + - !ruby/object:Api::Type::String + name: 'updateTime' + output: true + description: | + Last update time of the status. + - !ruby/object:Api::Type::NestedObject + name: 'latestJob' + output: true + description: | + latest job execution. + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The relative resource name of the job, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/tasks/{taskId}/jobs/{jobId}. + - !ruby/object:Api::Type::String + name: 'uid' + output: true + description: | + System generated globally unique ID for the job. + - !ruby/object:Api::Type::Time + name: 'startTime' + output: true + description: | + The time when the job was started. + - !ruby/object:Api::Type::Time + name: 'endTime' + output: true + description: | + The time when the job ended. + - !ruby/object:Api::Type::Enum + name: 'state' + output: true + description: | + Execution state for the job. + values: + - :STATE_UNSPECIFIED + - :RUNNING + - :CANCELLING + - :CANCELLED + - :SUCCEEDED + - :FAILED + - :ABORTED + - !ruby/object:Api::Type::Integer + name: 'retryCount' + output: true + description: | + The number of times the job has been retried (excluding the initial attempt). + - !ruby/object:Api::Type::Enum + name: 'service' + output: true + description: | + The underlying service running a job. + values: + - :SERVICE_UNSPECIFIED + - :DATAPROC + - !ruby/object:Api::Type::String + name: 'serviceJob' + output: true + description: | + The full resource name for the job run under a particular service. + - !ruby/object:Api::Type::String + name: 'message' + output: true + description: | + Additional information about the current state. + - !ruby/object:Api::Type::NestedObject + name: 'spark' + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - spark + - notebook + properties: + - !ruby/object:Api::Type::Array + name: 'fileUris' + description: | + Cloud Storage URIs of files to be placed in the working directory of each executor. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'archiveUris' + description: | + Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'infrastructureSpec' + description: | + Infrastructure specification for the execution. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'batch' + description: | + Compute resources needed for a Task when using Dataproc Serverless. + properties: + - !ruby/object:Api::Type::Integer + name: 'executorsCount' + default_value: 2 + description: | + Total number of job executors. Executor Count should be between 2 and 100. [Default=2] + - !ruby/object:Api::Type::Integer + name: 'maxExecutorsCount' + default_value: 1000 + description: | + Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] + - !ruby/object:Api::Type::NestedObject + name: 'containerImage' + description: | + Container Image Runtime Configuration. + properties: + - !ruby/object:Api::Type::String + name: 'image' + description: | + Container image to use. + - !ruby/object:Api::Type::Array + name: 'javaJars' + description: | + A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'pythonPackages' + description: | + A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz + item_type: Api::Type::String + - !ruby/object:Api::Type::KeyValuePairs + name: 'properties' + description: | + Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. + - !ruby/object:Api::Type::NestedObject + name: 'vpcNetwork' + description: | + Vpc network. + properties: + - !ruby/object:Api::Type::Array + name: 'networkTags' + description: | + List of network tags to apply to the job. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'network' + description: | + The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. + exactly_one_of: + - network + - subNetwork + - !ruby/object:Api::Type::String + name: 'subNetwork' + description: | + The Cloud VPC sub-network in which the job is run. + exactly_one_of: + - network + - subNetwork + - !ruby/object:Api::Type::String + name: 'mainJarFileUri' + description: | + The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - mainJarFileUri + - mainClass + - pythonScriptFile + - sqlScriptFile + - sqlScript + - !ruby/object:Api::Type::String + name: 'mainClass' + description: | + The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - mainJarFileUri + - mainClass + - pythonScriptFile + - sqlScriptFile + - sqlScript + - !ruby/object:Api::Type::String + name: 'pythonScriptFile' + description: | + The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - mainJarFileUri + - mainClass + - pythonScriptFile + - sqlScriptFile + - sqlScript + - !ruby/object:Api::Type::String + name: 'sqlScriptFile' + description: | + A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key='value';). + exactly_one_of: + - mainJarFileUri + - mainClass + - pythonScriptFile + - sqlScriptFile + - sqlScript + - !ruby/object:Api::Type::String + name: 'sqlScript' + description: | + The query text. The execution args are used to declare a set of script variables (set key='value';). + exactly_one_of: + - mainJarFileUri + - mainClass + - pythonScriptFile + - sqlScriptFile + - sqlScript + - !ruby/object:Api::Type::NestedObject + name: 'notebook' + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - spark + - notebook + properties: + - !ruby/object:Api::Type::String + name: 'notebook' + required: true + description: | + Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value). + - !ruby/object:Api::Type::NestedObject + name: 'infrastructureSpec' + description: | + Infrastructure specification for the execution. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'batch' + description: | + Compute resources needed for a Task when using Dataproc Serverless. + properties: + - !ruby/object:Api::Type::Integer + name: 'executorsCount' + default_value: 2 + description: | + Total number of job executors. Executor Count should be between 2 and 100. [Default=2] + - !ruby/object:Api::Type::Integer + name: 'maxExecutorsCount' + default_value: 1000 + description: | + Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] + - !ruby/object:Api::Type::NestedObject + name: 'containerImage' + description: | + Container Image Runtime Configuration. + properties: + - !ruby/object:Api::Type::String + name: 'image' + description: | + Container image to use. + - !ruby/object:Api::Type::Array + name: 'javaJars' + description: | + A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'pythonPackages' + description: | + A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz + item_type: Api::Type::String + - !ruby/object:Api::Type::KeyValuePairs + name: 'properties' + description: | + Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. + - !ruby/object:Api::Type::NestedObject + name: 'vpcNetwork' + description: | + Vpc network. + properties: + - !ruby/object:Api::Type::Array + name: 'networkTags' + description: | + List of network tags to apply to the job. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'network' + description: | + The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. + exactly_one_of: + - network + - subNetwork + - !ruby/object:Api::Type::String + name: 'subNetwork' + description: | + The Cloud VPC sub-network in which the job is run. + exactly_one_of: + - network + - subNetwork + - !ruby/object:Api::Type::Array + name: 'fileUris' + description: | + Cloud Storage URIs of files to be placed in the working directory of each executor. + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'archiveUris' + description: | + Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: Api::Type::String +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_task_basic' + primary_resource_id: 'example' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), + fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_task_spark' + primary_resource_id: 'example_spark' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), + fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_task_notebook' + primary_resource_id: 'example_notebook' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), + fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME +======= update_verb: 'PATCH' update_mask: true delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' @@ -506,3 +1005,4 @@ properties: Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/Zone.yaml b/mmv1/products/dataplex/Zone.yaml index 248121603bf2..22fbefad0a29 100644 --- a/mmv1/products/dataplex/Zone.yaml +++ b/mmv1/products/dataplex/Zone.yaml @@ -1,5 +1,10 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +# Licensed under the Apache License, Version 2.0 (the License); +======= # Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,6 +16,40 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Zone' +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +exclude_resource: true +description: | + Only used to generate IAM resources +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + Dummy property. +iam_policy: !ruby/object:Api::Resource::IamPolicy + substitute_zone_value: false + method_name_separator: ':' + parent_resource_attribute: 'dataplex_zone' + fetch_iam_policy_verb: :GET + import_format: + [ + 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}', + '{{name}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataplex_zone_primary' + primary_resource_id: 'example' + primary_resource_name: + 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), + fmt.Sprintf("tf-test-zone%s", context["random_suffix"])' + test_env_vars: + project_name: :PROJECT_NAME +======= --- name: 'Zone' description: | @@ -45,3 +84,4 @@ properties: description: | Dummy property. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataplex/go_AspectType.yaml b/mmv1/products/dataplex/go_AspectType.yaml new file mode 100644 index 000000000000..2b3c8d814cf8 --- /dev/null +++ b/mmv1/products/dataplex/go_AspectType.yaml @@ -0,0 +1,137 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AspectType' +description: | + An Aspect Type is a template for creating Aspects. +docs: +base_url: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/aspectTypes?aspectTypeId={{aspect_type_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + exclude_import_test: true + method_name_separator: ':' + parent_resource_attribute: 'aspect_type_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' + - '{{aspect_type_id}}' +custom_code: +examples: + - name: 'dataplex_aspect_type_basic' + primary_resource_id: 'test_aspect_type_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' + vars: + aspect_type_name: 'aspect-type-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_aspect_type_full' + primary_resource_id: 'test_aspect_type_full' + primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' + vars: + aspect_type_name: 'aspect-type-full' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: | + The location where aspect type will be created in. + url_param_only: true + immutable: true + - name: 'aspectTypeId' + type: String + description: | + The aspect type id of the aspect type. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + output: true + - name: 'createTime' + type: Time + description: | + The time when the AspectType was created. + output: true + - name: 'updateTime' + type: Time + description: | + The time when the AspectType was last updated. + output: true + - name: 'description' + type: String + description: | + Description of the AspectType. + - name: 'displayName' + type: String + description: | + User friendly display name. + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the AspectType. + - name: 'metadataTemplate' + type: String + description: | + MetadataTemplate of the Aspect. + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' + validation: + function: 'validation.StringIsJSON' + - name: 'transferStatus' + type: Enum + description: | + Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + output: true + enum_values: + - 'TRANSFER_STATUS_UNSPECIFIED' + - 'TRANSFER_STATUS_MIGRATED' + - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/go_Asset.yaml b/mmv1/products/dataplex/go_Asset.yaml new file mode 100644 index 000000000000..cf983c3187c4 --- /dev/null +++ b/mmv1/products/dataplex/go_Asset.yaml @@ -0,0 +1,47 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Asset' +description: | + Only used to generate IAM resources +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'asset' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' + - '{{name}}' +custom_code: +examples: + - name: 'dataplex_asset_primary' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"]), fmt.Sprintf("tf-test-asset%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/go_Datascan.yaml b/mmv1/products/dataplex/go_Datascan.yaml new file mode 100644 index 000000000000..8bb9d8f79fff --- /dev/null +++ b/mmv1/products/dataplex/go_Datascan.yaml @@ -0,0 +1,506 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Datascan' +description: | + Represents a user-visible job which provides the insights for the related data source. +# User-provided label cannot start with goog- +exclude_attribution_label: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/dataScans' +self_link: 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataScans?dataScanId={{data_scan_id}}' +update_verb: 'PATCH' +update_mask: true + +read_query_params: '?view=FULL' +import_format: + - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' + - '{{data_scan_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'data_scan_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' + - '{{data_scan_id}}' +custom_code: +examples: + - name: 'dataplex_datascan_basic_profile' + primary_resource_id: 'basic_profile' + primary_resource_name: 'fmt.Sprintf("tf-test-dataprofile-basic%s", context["random_suffix"])' + vars: + datascan_name: 'dataprofile-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_full_profile' + primary_resource_id: 'full_profile' + vars: + dataset_name: 'dataplex_dataset' + datascan_name: 'dataprofile-full' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_basic_quality' + primary_resource_id: 'basic_quality' + vars: + datascan_name: 'dataquality-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_full_quality' + primary_resource_id: 'full_quality' + vars: + datascan_name: 'dataquality-full' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: | + The location where the data scan should reside. + url_param_only: true + required: true + immutable: true + - name: 'dataScanId' + type: String + description: | + DataScan identifier. Must contain only lowercase letters, numbers and hyphens. Must start with a letter. Must end with a number or a letter. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The relative resource name of the scan, of the form: projects/{project}/locations/{locationId}/dataScans/{datascan_id}, where project refers to a project_id or project_number and locationId refers to a GCP region. + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the scan. This ID will be different if the scan is deleted and re-created with the same name. + output: true + - name: 'description' + type: String + description: | + Description of the scan. + - name: 'displayName' + type: String + description: | + User friendly display name. + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the scan. A list of key->value pairs. + - name: 'state' + type: Enum + description: | + Current state of the DataScan. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'CREATING' + - 'DELETING' + - 'ACTION_REQUIRED' + - name: 'createTime' + type: String + description: | + The time when the scan was created. + output: true + - name: 'updateTime' + type: String + description: | + The time when the scan was last updated. + output: true + - name: 'data' + type: NestedObject + description: | + The data source for DataScan. + required: true + immutable: true + properties: + - name: 'entity' + type: String + description: | + The Dataplex entity that represents the data source(e.g. BigQuery table) for Datascan. + immutable: true + exactly_one_of: + - 'data.0.entity' + - 'data.0.resource' + - name: 'resource' + type: String + description: | + The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: + (Cloud Storage bucket for DataDiscoveryScan)BigQuery table of type "TABLE" for DataProfileScan/DataQualityScan. + immutable: true + exactly_one_of: + - 'data.0.entity' + - 'data.0.resource' + - name: 'executionSpec' + type: NestedObject + description: | + DataScan execution settings. + required: true + properties: + - name: 'trigger' + type: NestedObject + description: | + Spec related to how often and when a scan should be triggered. + required: true + properties: + - name: 'onDemand' + type: NestedObject + description: | + The scan runs once via dataScans.run API. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'execution_spec.0.trigger.0.on_demand' + - 'execution_spec.0.trigger.0.schedule' + properties: + [] + - name: 'schedule' + type: NestedObject + description: | + The scan is scheduled to run periodically. + exactly_one_of: + - 'execution_spec.0.trigger.0.on_demand' + - 'execution_spec.0.trigger.0.schedule' + properties: + - name: 'cron' + type: String + description: + Cron schedule for running scans periodically. This field is + required for Schedule scans. + required: true + - name: 'field' + type: String + description: | + The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time. If not specified, a data scan will run for all data in the table. + immutable: true + - name: 'executionStatus' + type: NestedObject + description: | + Status of the data scan execution. + output: true + properties: + - name: 'latestJobEndTime' + type: String + description: | + The time when the latest DataScanJob started. + output: true + - name: 'latestJobStartTime' + type: String + description: | + The time when the latest DataScanJob ended. + output: true + - name: 'type' + type: Enum + description: | + The type of DataScan. + output: true + enum_values: + - 'DATA_SCAN_TYPE_UNSPECIFIED' + - 'DATA_QUALITY' + - 'DATA_PROFILE' + - name: 'dataQualitySpec' + type: NestedObject + description: | + DataQualityScan related setting. + exactly_one_of: + - 'data_quality_spec' + - 'data_profile_spec' + properties: + - name: 'samplingPercent' + type: Double + description: | + The percentage of the records to be selected from the dataset for DataScan. + Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. + Sampling is not applied if `sampling_percent` is not specified, 0 or 100. + - name: 'rowFilter' + type: String + description: | + A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 + - name: 'postScanActions' + type: NestedObject + description: | + Actions to take upon job completion. + properties: + - name: 'bigqueryExport' + type: NestedObject + description: | + If set, results will be exported to the provided BigQuery table. + properties: + - name: 'resultsTable' + type: String + description: | + The BigQuery table to export DataQualityScan results to. + Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID + - name: 'rules' + type: Array + description: | + The list of rules to evaluate against a data source. At least one rule is required. + item_type: + type: NestedObject + properties: + - name: 'column' + type: String + description: | + The unnested column which this rule is evaluated against. + - name: 'ignoreNull' + type: Boolean + description: | + Rows with null values will automatically fail a rule, unless ignoreNull is true. In that case, such null rows are trivially considered passing. Only applicable to ColumnMap rules. + - name: 'dimension' + type: String + description: | + The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are ["COMPLETENESS", "ACCURACY", "CONSISTENCY", "VALIDITY", "UNIQUENESS", "INTEGRITY"] + required: true + - name: 'threshold' + type: Double + description: | + The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of [0.0, 1.0]. 0 indicates default value (i.e. 1.0). + - name: 'name' + type: String + description: | + A mutable name for the rule. + The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). + The maximum length is 63 characters. + Must start with a letter. + Must end with a number or a letter. + - name: 'description' + type: String + description: | + Description of the rule. + The maximum length is 1,024 characters. + - name: 'rangeExpectation' + type: NestedObject + description: | + ColumnMap rule which evaluates whether each column value lies between a specified range. + properties: + - name: 'minValue' + type: String + description: | + The minimum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. + - name: 'maxValue' + type: String + description: | + The maximum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. + - name: 'strictMinEnabled' + type: Boolean + description: | + Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed. + Only relevant if a minValue has been defined. Default = false. + default_value: false + - name: 'strictMaxEnabled' + type: Boolean + description: | + Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed. + Only relevant if a maxValue has been defined. Default = false. + default_value: false + - name: 'nonNullExpectation' + type: NestedObject + description: | + ColumnMap rule which evaluates whether each column value is null. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'setExpectation' + type: NestedObject + description: | + ColumnMap rule which evaluates whether each column value is contained by a specified set. + properties: + - name: 'values' + type: Array + description: | + Expected values for the column value. + required: true + item_type: + type: String + - name: 'regexExpectation' + type: NestedObject + description: | + ColumnMap rule which evaluates whether each column value matches a specified regex. + properties: + - name: 'regex' + type: String + description: | + A regular expression the column value is expected to match. + required: true + - name: 'uniquenessExpectation' + type: NestedObject + description: | + Row-level rule which evaluates whether each column value is unique. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'statisticRangeExpectation' + type: NestedObject + description: | + ColumnAggregate rule which evaluates whether the column aggregate statistic lies between a specified range. + properties: + - name: 'statistic' + type: Enum + description: | + column statistics. + required: true + enum_values: + - 'STATISTIC_UNDEFINED' + - 'MEAN' + - 'MIN' + - 'MAX' + - name: 'minValue' + type: String + description: | + The minimum column statistic value allowed for a row to pass this validation. + At least one of minValue and maxValue need to be provided. + - name: 'maxValue' + type: String + description: | + The maximum column statistic value allowed for a row to pass this validation. + At least one of minValue and maxValue need to be provided. + - name: 'strictMinEnabled' + type: Boolean + description: | + Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed. + Only relevant if a minValue has been defined. Default = false. + default_value: false + - name: 'strictMaxEnabled' + type: Boolean + description: | + Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed. + Only relevant if a maxValue has been defined. Default = false. + default_value: false + - name: 'rowConditionExpectation' + type: NestedObject + description: | + Table rule which evaluates whether each row passes the specified condition. + properties: + - name: 'sqlExpression' + type: String + description: | + The SQL expression. + required: true + - name: 'tableConditionExpectation' + type: NestedObject + description: | + Table rule which evaluates whether the provided expression is true. + properties: + - name: 'sqlExpression' + type: String + description: | + The SQL expression. + required: true + - name: 'sqlAssertion' + type: NestedObject + description: | + Table rule which evaluates whether any row matches invalid state. + properties: + - name: 'sqlStatement' + type: String + description: | + The SQL statement. + required: true + min_size: 1 + - name: 'dataProfileSpec' + type: NestedObject + description: | + DataProfileScan related setting. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'data_quality_spec' + - 'data_profile_spec' + properties: + - name: 'samplingPercent' + type: Double + description: | + The percentage of the records to be selected from the dataset for DataScan. + Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. + Sampling is not applied if `sampling_percent` is not specified, 0 or 100. + - name: 'rowFilter' + type: String + description: | + A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 + - name: 'postScanActions' + type: NestedObject + description: | + Actions to take upon job completion. + properties: + - name: 'bigqueryExport' + type: NestedObject + description: | + If set, results will be exported to the provided BigQuery table. + properties: + - name: 'resultsTable' + type: String + description: | + The BigQuery table to export DataProfileScan results to. + Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID + - name: 'includeFields' + type: NestedObject + description: | + The fields to include in data profile. + If not specified, all fields at the time of profile scan job execution are included, except for ones listed in `exclude_fields`. + properties: + - name: 'fieldNames' + type: Array + description: | + Expected input is a list of fully qualified names of fields as in the schema. + Only top-level field names for nested fields are supported. + For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. + item_type: + type: String + - name: 'excludeFields' + type: NestedObject + description: | + The fields to exclude from data profile. + If specified, the fields will be excluded from data profile, regardless of `include_fields` value. + properties: + - name: 'fieldNames' + type: Array + description: | + Expected input is a list of fully qualified names of fields as in the schema. + Only top-level field names for nested fields are supported. + For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. + item_type: + type: String diff --git a/mmv1/products/dataplex/go_EntryGroup.yaml b/mmv1/products/dataplex/go_EntryGroup.yaml new file mode 100644 index 000000000000..c86c781b910a --- /dev/null +++ b/mmv1/products/dataplex/go_EntryGroup.yaml @@ -0,0 +1,128 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EntryGroup' +description: | + An Entry Group represents a logical grouping of one or more Entries. +docs: +base_url: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/entryGroups?entryGroupId={{entry_group_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + exclude_import_test: true + method_name_separator: ':' + parent_resource_attribute: 'entry_group_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' + - '{{entry_group_id}}' +custom_code: +examples: + - name: 'dataplex_entry_group_basic' + primary_resource_id: 'test_entry_group_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' + vars: + entry_group_name: 'entry-group-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_entry_group_full' + primary_resource_id: 'test_entry_group_full' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' + vars: + entry_group_name: 'entry-group-full' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: | + The location where entry group will be created in. + url_param_only: true + immutable: true + - name: 'entryGroupId' + type: String + description: | + The entry group id of the entry group. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + output: true + - name: 'createTime' + type: Time + description: | + The time when the EntryGroup was created. + output: true + - name: 'updateTime' + type: Time + description: | + The time when the EntryGroup was last updated. + output: true + - name: 'description' + type: String + description: | + Description of the EntryGroup. + - name: 'displayName' + type: String + description: | + User friendly display name. + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the EntryGroup. + - name: 'transferStatus' + type: Enum + description: | + Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + output: true + enum_values: + - 'TRANSFER_STATUS_UNSPECIFIED' + - 'TRANSFER_STATUS_MIGRATED' + - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/go_EntryType.yaml b/mmv1/products/dataplex/go_EntryType.yaml new file mode 100644 index 000000000000..a56b6886bb23 --- /dev/null +++ b/mmv1/products/dataplex/go_EntryType.yaml @@ -0,0 +1,143 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EntryType' +description: | + An Entry Type is a template for creating Entries. +docs: +base_url: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/entryTypes?entryTypeId={{entry_type_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + exclude_import_test: true + method_name_separator: ':' + parent_resource_attribute: 'entry_type_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' + - '{{entry_type_id}}' +custom_code: +examples: + - name: 'dataplex_entry_type_basic' + primary_resource_id: 'test_entry_type_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' + vars: + entry_type_name: 'entry-type-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_entry_type_full' + primary_resource_id: 'test_entry_type_full' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' + vars: + entry_type_name: 'entry-type-full' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: | + The location where entry type will be created in. + url_param_only: true + immutable: true + - name: 'entryTypeId' + type: String + description: | + The entry type id of the entry type. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The relative resource name of the EntryType, of the form: projects/{project_number}/locations/{location_id}/entryTypes/{entry_type_id} + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the EntryType. This ID will be different if the EntryType is deleted and re-created with the same name. + output: true + - name: 'createTime' + type: Time + description: | + The time when the EntryType was created. + output: true + - name: 'updateTime' + type: Time + description: | + The time when the EntryType was last updated. + output: true + - name: 'description' + type: String + description: | + Description of the EntryType. + - name: 'displayName' + type: String + description: | + User friendly display name. + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the EntryType. + - name: 'typeAliases' + type: Array + description: | + Indicates the class this Entry Type belongs to, for example, TABLE, DATABASE, MODEL. + item_type: + type: String + - name: 'platform' + type: String + description: | + The platform that Entries of this type belongs to. + - name: 'system' + type: String + description: | + The system that Entries of this type belongs to. + - name: 'requiredAspects' + type: Array + description: | + AspectInfo for the entry type. + item_type: + type: NestedObject + properties: + - name: 'type' + type: String + description: | + Required aspect type for the entry type. diff --git a/mmv1/products/dataplex/go_Lake.yaml b/mmv1/products/dataplex/go_Lake.yaml new file mode 100644 index 000000000000..2258093ed721 --- /dev/null +++ b/mmv1/products/dataplex/go_Lake.yaml @@ -0,0 +1,47 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Lake' +description: | + Only used to generate IAM resources +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'lake' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' + - '{{name}}' +custom_code: +examples: + - name: 'dataplex_lake_primary' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/go_Task.yaml b/mmv1/products/dataplex/go_Task.yaml new file mode 100644 index 000000000000..c603754d6167 --- /dev/null +++ b/mmv1/products/dataplex/go_Task.yaml @@ -0,0 +1,509 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Task' +description: | + A Dataplex task represents the work that you want Dataplex to do on a schedule. It encapsulates code, parameters, and the schedule. +# User-provided label cannot start with goog- +exclude_attribution_label: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks?task_id={{task_id}}' +update_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'task_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' + - '{{task_id}}' +custom_code: +examples: + - name: 'dataplex_task_basic' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_task_spark' + primary_resource_id: 'example_spark' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_task_notebook' + primary_resource_id: 'example_notebook' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: + - name: 'location' + type: String + description: | + The location in which the task will be created in. + url_param_only: true + immutable: true + - name: 'lake' + type: String + description: | + The lake in which the task will be created in. + url_param_only: true + immutable: true + - name: 'taskId' + type: String + description: | + The task Id of the task. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The relative resource name of the task, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/ tasks/{name}. + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the task. This ID will be different if the task is deleted and re-created with the same name. + output: true + - name: 'createTime' + type: Time + description: | + The time when the task was created. + output: true + - name: 'updateTime' + type: Time + description: | + The time when the task was last updated. + output: true + - name: 'description' + type: String + description: | + User-provided description of the task. + - name: 'displayName' + type: String + description: | + User friendly display name. + - name: 'state' + type: Enum + description: | + Current state of the task. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'CREATING' + - 'DELETING' + - 'ACTION_REQUIRED' + - name: 'labels' + type: KeyValueLabels + description: | + User-defined labels for the task. + - name: 'triggerSpec' + type: NestedObject + description: | + Configuration for the cluster + required: true + properties: + - name: 'type' + type: Enum + description: | + Trigger type of the user-specified Task + required: true + immutable: true + enum_values: + - 'ON_DEMAND' + - 'RECURRING' + - name: 'startTime' + type: Time + description: | + The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING. + - name: 'disabled' + type: Boolean + description: | + Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks. + - name: 'maxRetries' + type: Integer + description: | + Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task. + - name: 'schedule' + type: String + description: | + Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: 'CRON_TZ=${IANA_TIME_ZONE}' or 'TZ=${IANA_TIME_ZONE}'. The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks. + - name: 'executionSpec' + type: NestedObject + description: | + Configuration for the cluster + required: true + properties: + - name: 'args' + type: KeyValuePairs + description: | + The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${taskId} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument. An object containing a list of 'key': value pairs. Example: { 'name': 'wrench', 'mass': '1.3kg', 'count': '3' }. + - name: 'serviceAccount' + type: String + description: | + Service account to use to execute a task. If not provided, the default Compute service account for the project is used. + required: true + - name: 'project' + type: String + description: | + The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project. + - name: 'maxJobExecutionLifetime' + type: String + description: | + The maximum duration after which the job execution is expired. A duration in seconds with up to nine fractional digits, ending with 's'. Example: '3.5s'. + - name: 'kmsKey' + type: String + description: | + The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{locationId}/keyRings/{key-ring-name}/cryptoKeys/{key-name}. + - name: 'executionStatus' + type: NestedObject + description: | + Configuration for the cluster + output: true + properties: + - name: 'updateTime' + type: String + description: | + Last update time of the status. + output: true + - name: 'latestJob' + type: NestedObject + description: | + latest job execution. + output: true + properties: + - name: 'name' + type: String + description: | + The relative resource name of the job, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/tasks/{taskId}/jobs/{jobId}. + output: true + - name: 'uid' + type: String + description: | + System generated globally unique ID for the job. + output: true + - name: 'startTime' + type: Time + description: | + The time when the job was started. + output: true + - name: 'endTime' + type: Time + description: | + The time when the job ended. + output: true + - name: 'state' + type: Enum + description: | + Execution state for the job. + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'RUNNING' + - 'CANCELLING' + - 'CANCELLED' + - 'SUCCEEDED' + - 'FAILED' + - 'ABORTED' + - name: 'retryCount' + type: Integer + description: | + The number of times the job has been retried (excluding the initial attempt). + output: true + - name: 'service' + type: Enum + description: | + The underlying service running a job. + output: true + enum_values: + - 'SERVICE_UNSPECIFIED' + - 'DATAPROC' + - name: 'serviceJob' + type: String + description: | + The full resource name for the job run under a particular service. + output: true + - name: 'message' + type: String + description: | + Additional information about the current state. + output: true + - name: 'spark' + type: NestedObject + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - 'spark' + - 'notebook' + properties: + - name: 'fileUris' + type: Array + description: | + Cloud Storage URIs of files to be placed in the working directory of each executor. + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: + type: String + - name: 'infrastructureSpec' + type: NestedObject + description: | + Infrastructure specification for the execution. + properties: + - name: 'batch' + type: NestedObject + description: | + Compute resources needed for a Task when using Dataproc Serverless. + properties: + - name: 'executorsCount' + type: Integer + description: | + Total number of job executors. Executor Count should be between 2 and 100. [Default=2] + default_value: 2 + - name: 'maxExecutorsCount' + type: Integer + description: | + Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] + default_value: 1000 + - name: 'containerImage' + type: NestedObject + description: | + Container Image Runtime Configuration. + properties: + - name: 'image' + type: String + description: | + Container image to use. + - name: 'javaJars' + type: Array + description: | + A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar + item_type: + type: String + - name: 'pythonPackages' + type: Array + description: | + A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz + item_type: + type: String + - name: 'properties' + type: KeyValuePairs + description: | + Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. + - name: 'vpcNetwork' + type: NestedObject + description: | + Vpc network. + properties: + - name: 'networkTags' + type: Array + description: | + List of network tags to apply to the job. + item_type: + type: String + - name: 'network' + type: String + description: | + The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. + exactly_one_of: + - 'network' + - 'subNetwork' + - name: 'subNetwork' + type: String + description: | + The Cloud VPC sub-network in which the job is run. + exactly_one_of: + - 'network' + - 'subNetwork' + - name: 'mainJarFileUri' + type: String + description: | + The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'mainClass' + type: String + description: | + The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'pythonScriptFile' + type: String + description: | + The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value). + exactly_one_of: + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'sqlScriptFile' + type: String + description: | + A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key='value';). + exactly_one_of: + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'sqlScript' + type: String + description: | + The query text. The execution args are used to declare a set of script variables (set key='value';). + exactly_one_of: + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'notebook' + type: NestedObject + description: | + A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. + exactly_one_of: + - 'spark' + - 'notebook' + properties: + - name: 'notebook' + type: String + description: | + Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value). + required: true + - name: 'infrastructureSpec' + type: NestedObject + description: | + Infrastructure specification for the execution. + properties: + - name: 'batch' + type: NestedObject + description: | + Compute resources needed for a Task when using Dataproc Serverless. + properties: + - name: 'executorsCount' + type: Integer + description: | + Total number of job executors. Executor Count should be between 2 and 100. [Default=2] + default_value: 2 + - name: 'maxExecutorsCount' + type: Integer + description: | + Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] + default_value: 1000 + - name: 'containerImage' + type: NestedObject + description: | + Container Image Runtime Configuration. + properties: + - name: 'image' + type: String + description: | + Container image to use. + - name: 'javaJars' + type: Array + description: | + A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar + item_type: + type: String + - name: 'pythonPackages' + type: Array + description: | + A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz + item_type: + type: String + - name: 'properties' + type: KeyValuePairs + description: | + Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. + - name: 'vpcNetwork' + type: NestedObject + description: | + Vpc network. + properties: + - name: 'networkTags' + type: Array + description: | + List of network tags to apply to the job. + item_type: + type: String + - name: 'network' + type: String + description: | + The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. + exactly_one_of: + - 'network' + - 'subNetwork' + - name: 'subNetwork' + type: String + description: | + The Cloud VPC sub-network in which the job is run. + exactly_one_of: + - 'network' + - 'subNetwork' + - name: 'fileUris' + type: Array + description: | + Cloud Storage URIs of files to be placed in the working directory of each executor. + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: + type: String diff --git a/mmv1/products/dataplex/go_Zone.yaml b/mmv1/products/dataplex/go_Zone.yaml new file mode 100644 index 000000000000..98a1024dd790 --- /dev/null +++ b/mmv1/products/dataplex/go_Zone.yaml @@ -0,0 +1,48 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Zone' +description: | + Only used to generate IAM resources +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'dataplex_zone' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' + - '{{name}}' + substitute_zone_value: false +custom_code: +examples: + - name: 'dataplex_zone_primary' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/go_product.yaml b/mmv1/products/dataplex/go_product.yaml new file mode 100644 index 000000000000..8993d5cc4eec --- /dev/null +++ b/mmv1/products/dataplex/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Dataplex' +display_name: 'Dataplex' +versions: + - name: 'ga' + base_url: 'https://dataplex.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataplex/product.yaml b/mmv1/products/dataplex/product.yaml index 72c5bf025eb6..23f09020772e 100644 --- a/mmv1/products/dataplex/product.yaml +++ b/mmv1/products/dataplex/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Dataplex +display_name: Dataplex +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://dataplex.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Dataplex' display_name: 'Dataplex' @@ -19,3 +34,4 @@ versions: base_url: 'https://dataplex.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataproc/AutoscalingPolicy.yaml b/mmv1/products/dataproc/AutoscalingPolicy.yaml index a955d02efdaf..b8f7bca812fc 100644 --- a/mmv1/products/dataproc/AutoscalingPolicy.yaml +++ b/mmv1/products/dataproc/AutoscalingPolicy.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,41 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'AutoscalingPolicy' +base_url: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies' +self_link: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +collection_url_key: 'policies' +description: | + Describes an autoscaling policy for Dataproc cluster autoscaler. +iam_policy: !ruby/object:Api::Resource::IamPolicy + method_name_separator: ':' + parent_resource_attribute: 'policy_id' + fetch_iam_policy_verb: :POST + import_format: + [ + 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}', + '{{policy_id}}', + ] +id_format: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +import_format: + [ + 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dataproc_autoscaling_policy_basic' + skip_docs: true + primary_resource_id: 'basic' + primary_resource_name: "fmt.Sprintf(\"tf-test-dataproc-policy%s\", + context[\"\ + random_suffix\"])" + vars: + name: 'dataproc-policy' + - !ruby/object:Provider::Terraform::Examples + name: 'dataproc_autoscaling_policy' +======= --- name: 'AutoscalingPolicy' description: | @@ -43,10 +82,26 @@ examples: name: 'dataproc-policy' exclude_docs: true - name: 'dataproc_autoscaling_policy' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'asp' vars: name: 'dataproc-policy' parameters: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'location' + url_param_only: true + immutable: true + default_value: global + description: | + The location where the autoscaling policy should reside. + The default value is `global`. +properties: + - !ruby/object:Api::Type::String + name: 'policy_id' + api_name: 'id' + required: true +======= - name: 'location' type: String description: | @@ -58,10 +113,36 @@ parameters: properties: - name: 'policy_id' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The policy id. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The "resource name" of the autoscaling policy. + - !ruby/object:Api::Type::NestedObject + name: 'workerConfig' + description: | + Describes how the autoscaler will operate for primary workers. + properties: + - !ruby/object:Api::Type::Integer + name: 'minInstances' + default_value: 2 + description: | + Minimum number of instances for this group. Bounds: [2, maxInstances]. Defaults to 2. + - !ruby/object:Api::Type::Integer + name: 'maxInstances' + required: true + description: | + Maximum number of instances for this group. + - !ruby/object:Api::Type::Integer + name: 'weight' + default_value: 1 +======= api_name: id required: true - name: 'name' @@ -86,6 +167,7 @@ properties: required: true - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, @@ -101,6 +183,29 @@ properties: within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'secondaryWorkerConfig' + description: | + Describes how the autoscaler will operate for secondary workers. + properties: + - !ruby/object:Api::Type::Integer + name: 'minInstances' + at_least_one_of: + - secondary_worker_config.0.min_instances + - secondary_worker_config.0.max_instances + - secondary_worker_config.0.weight + default_value: 0 + description: | + Minimum number of instances for this group. Bounds: [0, maxInstances]. Defaults to 0. + - !ruby/object:Api::Type::Integer + name: 'maxInstances' + at_least_one_of: + - secondary_worker_config.0.min_instances + - secondary_worker_config.0.max_instances + - secondary_worker_config.0.weight + default_value: 0 +======= default_value: 1 - name: 'secondaryWorkerConfig' type: NestedObject @@ -118,10 +223,20 @@ properties: default_value: 0 - name: 'maxInstances' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of instances for this group. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set. Bounds: [minInstances, ). Defaults to 0. +<<<<<<< HEAD + - !ruby/object:Api::Type::Integer + name: 'weight' + at_least_one_of: + - secondary_worker_config.0.min_instances + - secondary_worker_config.0.max_instances + - secondary_worker_config.0.weight + default_value: 1 +======= at_least_one_of: - 'secondary_worker_config.0.min_instances' - 'secondary_worker_config.0.max_instances' @@ -129,6 +244,7 @@ properties: default_value: 0 - name: 'weight' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, @@ -144,6 +260,16 @@ properties: within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'basicAlgorithm' + description: | + Basic algorithm for autoscaling. + properties: + - !ruby/object:Api::Type::String + name: 'cooldownPeriod' + default_value: '120s' +======= at_least_one_of: - 'secondary_worker_config.0.min_instances' - 'secondary_worker_config.0.max_instances' @@ -156,11 +282,23 @@ properties: properties: - name: 'cooldownPeriod' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Duration between scaling events. A scaling period starts after the update operation from the previous event has completed. Bounds: [2m, 1d]. Default: 2m. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'yarnConfig' + required: true + description: | + YARN autoscaling configuration. + properties: + - !ruby/object:Api::Type::String + name: 'gracefulDecommissionTimeout' + required: true +======= default_value: "120s" - name: 'yarnConfig' type: NestedObject @@ -170,15 +308,22 @@ properties: properties: - name: 'gracefulDecommissionTimeout' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations. Bounds: [0s, 1d]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'scaleUpFactor' + required: true +======= required: true - name: 'scaleUpFactor' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fraction of average pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there @@ -187,9 +332,15 @@ properties: (less aggressive scaling). Bounds: [0.0, 1.0]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'scaleDownFactor' + required: true +======= required: true - name: 'scaleDownFactor' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Fraction of average pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there @@ -198,9 +349,15 @@ properties: autoscaling a single job. Bounds: [0.0, 1.0]. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'scaleUpMinWorkerFraction' + default_value: 0.0 +======= required: true - name: 'scaleUpMinWorkerFraction' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler @@ -208,9 +365,15 @@ properties: 0 means the autoscaler will scale up on any recommended change. Bounds: [0.0, 1.0]. Default: 0.0. +<<<<<<< HEAD + - !ruby/object:Api::Type::Double + name: 'scaleDownMinWorkerFraction' + default_value: 0.0 +======= default_value: 0.0 - name: 'scaleDownMinWorkerFraction' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must @@ -218,4 +381,7 @@ properties: means the autoscaler will scale down on any recommended change. Bounds: [0.0, 1.0]. Default: 0.0. +<<<<<<< HEAD +======= default_value: 0.0 +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dataproc/go_AutoscalingPolicy.yaml b/mmv1/products/dataproc/go_AutoscalingPolicy.yaml new file mode 100644 index 000000000000..2cd2cdd27053 --- /dev/null +++ b/mmv1/products/dataproc/go_AutoscalingPolicy.yaml @@ -0,0 +1,222 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AutoscalingPolicy' +description: | + Describes an autoscaling policy for Dataproc cluster autoscaler. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies' +self_link: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'policies' +iam_policy: + method_name_separator: ':' + fetch_iam_policy_verb: 'POST' + parent_resource_attribute: 'policy_id' + example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' + - '{{policy_id}}' +custom_code: +examples: + - name: 'dataproc_autoscaling_policy_basic' + primary_resource_id: 'basic' + primary_resource_name: 'fmt.Sprintf("tf-test-dataproc-policy%s", context["random_suffix"])' + vars: + name: 'dataproc-policy' + exclude_docs: true + - name: 'dataproc_autoscaling_policy' + primary_resource_id: 'asp' + vars: + name: 'dataproc-policy' +parameters: + - name: 'location' + type: String + description: | + The location where the autoscaling policy should reside. + The default value is `global`. + url_param_only: true + immutable: true + default_value: "global" +properties: + - name: 'policy_id' + type: String + description: | + The policy id. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), + and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between + 3 and 50 characters. + api_name: id + required: true + - name: 'name' + type: String + description: | + The "resource name" of the autoscaling policy. + output: true + - name: 'workerConfig' + type: NestedObject + description: | + Describes how the autoscaler will operate for primary workers. + properties: + - name: 'minInstances' + type: Integer + description: | + Minimum number of instances for this group. Bounds: [2, maxInstances]. Defaults to 2. + default_value: 2 + - name: 'maxInstances' + type: Integer + description: | + Maximum number of instances for this group. + required: true + - name: 'weight' + type: Integer + description: | + Weight for the instance group, which is used to determine the fraction of total workers + in the cluster from this instance group. For example, if primary workers have weight 2, + and secondary workers have weight 1, the cluster will have approximately 2 primary workers + for each secondary worker. + + The cluster may not reach the specified balance if constrained by min/max bounds or other + autoscaling settings. For example, if maxInstances for secondary workers is 0, then only + primary workers will be added. The cluster can also be out of balance when created. + + If weight is not set on any instance group, the cluster will default to equal weight for + all groups: the cluster will attempt to maintain an equal number of workers in each group + within the configured size bounds for each group. If weight is set for one group only, + the cluster will default to zero weight on the unset group. For example if weight is set + only on primary workers, the cluster will use primary workers only and no secondary workers. + default_value: 1 + - name: 'secondaryWorkerConfig' + type: NestedObject + description: | + Describes how the autoscaler will operate for secondary workers. + properties: + - name: 'minInstances' + type: Integer + description: | + Minimum number of instances for this group. Bounds: [0, maxInstances]. Defaults to 0. + at_least_one_of: + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' + default_value: 0 + - name: 'maxInstances' + type: Integer + description: | + Maximum number of instances for this group. Note that by default, clusters will not use + secondary workers. Required for secondary workers if the minimum secondary instances is set. + Bounds: [minInstances, ). Defaults to 0. + at_least_one_of: + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' + default_value: 0 + - name: 'weight' + type: Integer + description: | + Weight for the instance group, which is used to determine the fraction of total workers + in the cluster from this instance group. For example, if primary workers have weight 2, + and secondary workers have weight 1, the cluster will have approximately 2 primary workers + for each secondary worker. + + The cluster may not reach the specified balance if constrained by min/max bounds or other + autoscaling settings. For example, if maxInstances for secondary workers is 0, then only + primary workers will be added. The cluster can also be out of balance when created. + + If weight is not set on any instance group, the cluster will default to equal weight for + all groups: the cluster will attempt to maintain an equal number of workers in each group + within the configured size bounds for each group. If weight is set for one group only, + the cluster will default to zero weight on the unset group. For example if weight is set + only on primary workers, the cluster will use primary workers only and no secondary workers. + at_least_one_of: + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' + default_value: 1 + - name: 'basicAlgorithm' + type: NestedObject + description: | + Basic algorithm for autoscaling. + properties: + - name: 'cooldownPeriod' + type: String + description: | + Duration between scaling events. A scaling period starts after the + update operation from the previous event has completed. + + Bounds: [2m, 1d]. Default: 2m. + default_value: "120s" + - name: 'yarnConfig' + type: NestedObject + description: | + YARN autoscaling configuration. + required: true + properties: + - name: 'gracefulDecommissionTimeout' + type: String + description: | + Timeout for YARN graceful decommissioning of Node Managers. Specifies the + duration to wait for jobs to complete before forcefully removing workers + (and potentially interrupting jobs). Only applicable to downscaling operations. + + Bounds: [0s, 1d]. + required: true + - name: 'scaleUpFactor' + type: Double + description: | + Fraction of average pending memory in the last cooldown period for which to + add workers. A scale-up factor of 1.0 will result in scaling up so that there + is no pending memory remaining after the update (more aggressive scaling). + A scale-up factor closer to 0 will result in a smaller magnitude of scaling up + (less aggressive scaling). + + Bounds: [0.0, 1.0]. + required: true + - name: 'scaleDownFactor' + type: Double + description: | + Fraction of average pending memory in the last cooldown period for which to + remove workers. A scale-down factor of 1 will result in scaling down so that there + is no available memory remaining after the update (more aggressive scaling). + A scale-down factor of 0 disables removing workers, which can be beneficial for + autoscaling a single job. + + Bounds: [0.0, 1.0]. + required: true + - name: 'scaleUpMinWorkerFraction' + type: Double + description: | + Minimum scale-up threshold as a fraction of total cluster size before scaling + occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler + must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of + 0 means the autoscaler will scale up on any recommended change. + + Bounds: [0.0, 1.0]. Default: 0.0. + default_value: 0.0 + - name: 'scaleDownMinWorkerFraction' + type: Double + description: | + Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. + For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must + recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 + means the autoscaler will scale down on any recommended change. + + Bounds: [0.0, 1.0]. Default: 0.0. + default_value: 0.0 diff --git a/mmv1/products/dataproc/go_product.yaml b/mmv1/products/dataproc/go_product.yaml new file mode 100644 index 000000000000..84783b9848aa --- /dev/null +++ b/mmv1/products/dataproc/go_product.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Dataproc' +display_name: 'Dataproc' +versions: + - name: 'ga' + base_url: 'https://dataproc.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://dataproc.googleapis.com/v1beta2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/dataproc/product.yaml b/mmv1/products/dataproc/product.yaml index dc18983cd0db..1c9753155c99 100644 --- a/mmv1/products/dataproc/product.yaml +++ b/mmv1/products/dataproc/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Dataproc +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://dataproc.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://dataproc.googleapis.com/v1beta2/ +scopes: + - https://www.googleapis.com/auth/cloud-identity +======= --- name: 'Dataproc' display_name: 'Dataproc' @@ -21,3 +38,4 @@ versions: base_url: 'https://dataproc.googleapis.com/v1beta2/' scopes: - 'https://www.googleapis.com/auth/cloud-identity' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datastream/ConnectionProfile.yaml b/mmv1/products/datastream/ConnectionProfile.yaml index fc1b594225a2..a572a67ff586 100644 --- a/mmv1/products/datastream/ConnectionProfile.yaml +++ b/mmv1/products/datastream/ConnectionProfile.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,38 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'ConnectionProfile' +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}&force={{create_without_validation}}' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-connection-profiles' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles' +description: | + A set of reusable connection configurations to be used as a source or destination for a stream. +id_format: projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_connection_profile_basic' + primary_resource_id: 'default' + vars: + connection_profile_id: 'my-profile' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_connection_profile_postgresql_private_connection' + external_providers: ["random", "time"] + primary_resource_id: 'default' + # Random provider + skip_vcr: true +======= --- name: 'ConnectionProfile' description: | @@ -53,6 +89,7 @@ examples: connection_profile_id: 'my-profile' - name: 'datastream_connection_profile_postgresql_private_connection' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: private_connection_id: 'my-connection' connection_profile_id: 'my-profile' @@ -60,6 +97,22 @@ examples: database_instance_name: 'my-instance' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_connection_profile_full' + primary_resource_id: + 'default' + # Workaround for https://github.com/hashicorp/terraform-provider-google/issues/12410 + ignore_read_extra: + - 'forward_ssh_connectivity.0.password' + vars: + connection_profile_id: 'my-profile' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_connection_profile_postgres' +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -74,18 +127,30 @@ examples: ignore_read_extra: - 'forward_ssh_connectivity.0.password' - name: 'datastream_connection_profile_postgres' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: connection_profile_id: 'my-profile' database_instance_name: 'my-instance' deletion_protection: 'true' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_connection_profile_sql_server' + primary_resource_id: 'default' + skip_test: true +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' exclude_test: true - name: 'datastream_connection_profile_sql_server' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: database_name: 'db' database_password: 'password' @@ -95,6 +160,149 @@ examples: sql_server_name: 'sql-server' sql_server_root_password: 'root-password' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' +parameters: + - !ruby/object:Api::Type::String + name: connectionProfileId + description: |- + The connection profile identifier. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Boolean + name: create_without_validation + description: |- + Create the connection profile without validating it. + required: false + default_value: false + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this connection profile is located in. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: The resource's name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels. + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: Display name. + - !ruby/object:Api::Type::NestedObject + name: 'oracleProfile' + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + Oracle database profile. + properties: + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Hostname for the Oracle connection. + - !ruby/object:Api::Type::Integer + name: 'port' + default_value: 1521 + description: | + Port for the Oracle connection. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username for the Oracle connection. + - !ruby/object:Api::Type::String + name: 'password' + required: true + description: | + Password for the Oracle connection. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_oracle_profile_password.go.erb + - !ruby/object:Api::Type::String + name: 'databaseService' + required: true + description: | + Database for the Oracle connection. + - !ruby/object:Api::Type::KeyValuePairs + name: 'connectionAttributes' + description: Connection string attributes + - !ruby/object:Api::Type::NestedObject + name: 'gcsProfile' + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + Cloud Storage bucket profile. + properties: + - !ruby/object:Api::Type::String + name: 'bucket' + required: true + description: | + The Cloud Storage bucket name. + - !ruby/object:Api::Type::String + name: 'rootPath' + description: | + The root path inside the Cloud Storage bucket. + - !ruby/object:Api::Type::NestedObject + name: 'mysqlProfile' + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + MySQL database profile. + properties: + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Hostname for the MySQL connection. + - !ruby/object:Api::Type::Integer + name: 'port' + default_value: 3306 + description: | + Port for the MySQL connection. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username for the MySQL connection. + - !ruby/object:Api::Type::String + name: 'password' + required: true + description: | + Password for the MySQL connection. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_password.go.erb + - !ruby/object:Api::Type::NestedObject + name: 'sslConfig' + description: | + SSL configuration for the MySQL connection. + properties: + - !ruby/object:Api::Type::String + name: 'clientKey' + immutable: true +======= 'deletion_protection': 'false' exclude_test: true parameters: @@ -236,10 +444,23 @@ properties: properties: - name: 'clientKey' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory. +<<<<<<< HEAD + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.erb + - !ruby/object:Api::Type::Boolean + name: 'clientKeySet' + output: true + description: | + Indicates whether the clientKey field is set. + - !ruby/object:Api::Type::String + name: 'clientCertificate' + immutable: true +======= immutable: true sensitive: true custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.tmpl' @@ -250,11 +471,128 @@ properties: output: true - name: 'clientCertificate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'clientKey' and the 'caCertificate' fields are mandatory. +<<<<<<< HEAD + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.erb + - !ruby/object:Api::Type::Boolean + name: 'clientCertificateSet' + output: true + description: | + Indicates whether the clientCertificate field is set. + - !ruby/object:Api::Type::String + name: 'caCertificate' + immutable: true + description: | + PEM-encoded certificate of the CA that signed the source database + server's certificate. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_ca_certificate.go.erb + - !ruby/object:Api::Type::Boolean + name: 'caCertificateSet' + output: true + description: | + Indicates whether the clientKey field is set. + - !ruby/object:Api::Type::NestedObject + name: 'bigqueryProfile' + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + BigQuery warehouse profile. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'postgresqlProfile' + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + PostgreSQL database profile. + properties: + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Hostname for the PostgreSQL connection. + - !ruby/object:Api::Type::Integer + name: 'port' + default_value: 5432 + description: | + Port for the PostgreSQL connection. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username for the PostgreSQL connection. + - !ruby/object:Api::Type::String + name: 'password' + required: true + description: | + Password for the PostgreSQL connection. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_postgresql_profile_password.go.erb + - !ruby/object:Api::Type::String + name: 'database' + required: true + description: | + Database for the PostgreSQL connection. + - !ruby/object:Api::Type::NestedObject + name: 'sqlServerProfile' + exactly_one_of: + - oracle_profile + - gcs_profile + - mysql_profile + - bigquery_profile + - postgresql_profile + - sql_server_profile + description: | + SQL Server database profile. + properties: + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Hostname for the SQL Server connection. + - !ruby/object:Api::Type::Integer + name: 'port' + default_value: 1433 + description: | + Port for the SQL Server connection. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username for the SQL Server connection. + - !ruby/object:Api::Type::String + name: 'password' + required: true + description: | + Password for the SQL Server connection. + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_sql_server_profile_password.go.erb + - !ruby/object:Api::Type::String + name: 'database' + required: true + description: | + Database for the SQL Server connection. + - !ruby/object:Api::Type::NestedObject + name: 'forwardSshConnectivity' +======= immutable: true sensitive: true custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.tmpl' @@ -371,11 +709,49 @@ properties: required: true - name: 'forwardSshConnectivity' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Forward SSH tunnel connectivity. conflicts: - private_connectivity properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'hostname' + required: true + description: | + Hostname for the SSH tunnel. + - !ruby/object:Api::Type::String + name: 'username' + required: true + description: | + Username for the SSH tunnel. + - !ruby/object:Api::Type::Integer + name: 'port' + default_value: 22 + description: | + Port for the SSH tunnel. + - !ruby/object:Api::Type::String + name: 'password' + immutable: true + description: | + SSH password. + conflicts: + - forward_ssh_connectivity.0.private_key + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_password.go.erb + - !ruby/object:Api::Type::String + name: 'privateKey' + immutable: true + description: | + SSH private key. + conflicts: + - forward_ssh_connectivity.0.password + sensitive: true + custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_private_key.go.erb + - !ruby/object:Api::Type::NestedObject + name: 'privateConnectivity' +======= - name: 'hostname' type: String description: | @@ -411,13 +787,22 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_private_key.go.tmpl' - name: 'privateConnectivity' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Private connectivity. conflicts: - forward_ssh_connectivity properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'privateConnection' + required: true + description: | + A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}` +======= - name: 'privateConnection' type: String description: | A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}` required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datastream/PrivateConnection.yaml b/mmv1/products/datastream/PrivateConnection.yaml index 5a192645fa00..90561788adca 100644 --- a/mmv1/products/datastream/PrivateConnection.yaml +++ b/mmv1/products/datastream/PrivateConnection.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'PrivateConnection' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}&force={{create_without_validation}}' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-private-connectivity-configuration' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections' +description: | + The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network. +immutable: true +schema_version: 1 +state_upgraders: true +# Skipping the sweeper since the resource needs force-deletion +skip_sweeper: true +id_format: projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}} +import_format: + [ + 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}', + ] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_private_connection_full' +======= --- name: 'PrivateConnection' description: | @@ -55,10 +85,96 @@ schema_version: 1 state_upgraders: true examples: - name: 'datastream_private_connection_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: private_connection_id: 'my-connection' network_name: 'my-network' +<<<<<<< HEAD +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: templates/terraform/constants/private_connection.go.erb + post_create: templates/terraform/post_create/private_connection.go.erb + post_import: templates/terraform/post_import/private_connection.go.erb + pre_delete: templates/terraform/pre_delete/private_connection.go.erb +parameters: + - !ruby/object:Api::Type::String + name: privateConnectionId + description: |- + The private connectivity identifier. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Boolean + name: create_without_validation + description: |- + If set to true, will skip validations. + required: false + default_value: false + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this private connection is located in. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: The resource's name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels. + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: Display name. + - !ruby/object:Api::Type::Enum + name: 'state' + description: | + State of the PrivateConnection. + output: true + values: + - :CREATING + - :CREATED + - :FAILED + - :DELETING + - :FAILED_TO_DELETE + - !ruby/object:Api::Type::NestedObject + name: 'error' + output: true + description: | + The PrivateConnection error in case of failure. + properties: + - !ruby/object:Api::Type::String + name: 'message' + description: | + A message containing more information about the error that occurred. + - !ruby/object:Api::Type::KeyValuePairs + name: 'details' + description: | + A list of messages that carry the error details. + - !ruby/object:Api::Type::NestedObject + name: 'vpcPeeringConfig' + required: true + description: | + The VPC Peering configuration is used to create VPC peering + between Datastream and the consumer's VPC. + properties: + - !ruby/object:Api::Type::String + name: 'vpc' + required: true + description: | + Fully qualified name of the VPC that Datastream will peer to. + Format: projects/{project}/global/{networks}/{name} + - !ruby/object:Api::Type::String + name: 'subnet' + required: true + description: | + A free subnet for peering. (CIDR of /29) +======= parameters: - name: 'privateConnectionId' type: String @@ -137,3 +253,4 @@ properties: description: | A free subnet for peering. (CIDR of /29) required: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datastream/Stream.yaml b/mmv1/products/datastream/Stream.yaml index 71cb12278406..656f288b3dad 100644 --- a/mmv1/products/datastream/Stream.yaml +++ b/mmv1/products/datastream/Stream.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,52 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Stream' +base_url: 'projects/{{project}}/locations/{{location}}/streams' +create_url: 'projects/{{project}}/locations/{{location}}/streams?streamId={{stream_id}}&force={{create_without_validation}}' +self_link: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +update_verb: :PATCH +update_mask: true +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-stream' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.streams' +description: | + A resource representing streaming data from a source to a destination. +id_format: projects/{{project}}/locations/{{location}}/streams/{{stream_id}} +import_format: + ['projects/{{project}}/locations/{{location}}/streams/{{stream_id}}'] +virtual_fields: + - !ruby/object:Api::Type::String + name: 'desired_state' + description: | + Desired state of the Stream. Set this field to `RUNNING` to start the stream, + `NOT_STARTED` to create the stream without starting and `PAUSED` to pause + the stream from a `RUNNING` state. + Possible values: NOT_STARTED, RUNNING, PAUSED. Default: NOT_STARTED + default_value: NOT_STARTED +custom_code: !ruby/object:Provider::Terraform::CustomCode + constants: 'templates/terraform/constants/datastream_stream.go.erb' + post_create: 'templates/terraform/post_create/datastream_stream.go.erb' + post_import: 'templates/terraform/post_import/datastream_stream.go.erb' + pre_update: 'templates/terraform/pre_update/datastream_stream.go.erb' + post_update: 'templates/terraform/post_update/datastream_stream.go.erb' + encoder: 'templates/terraform/encoders/datastream_stream.go.erb' +custom_diff: [ + 'resourceDatastreamStreamCustomDiff', +] +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_basic' + external_providers: ["random", "time"] + primary_resource_id: 'default' + skip_docs: + true + # Random provider + skip_vcr: true +======= --- name: 'Stream' description: | @@ -57,6 +107,7 @@ custom_diff: examples: - name: 'datastream_stream_basic' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -67,6 +118,18 @@ examples: bucket_name: 'my-bucket' destination_connection_profile_id: 'destination-profile' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_full' + external_providers: ["random", "time"] + primary_resource_id: + 'default' + # Random provider + skip_vcr: true +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -76,6 +139,7 @@ examples: skip_vcr: true - name: 'datastream_stream_full' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -87,6 +151,16 @@ examples: destination_connection_profile_id: 'destination-profile' stream_cmek: 'kms-name' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + stream_cmek: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + oics_vars_overrides: + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_postgresql' + primary_resource_id: 'default' + skip_test: true +======= 'deletion_protection': 'false' 'stream_cmek': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' oics_vars_overrides: @@ -96,20 +170,53 @@ examples: skip_vcr: true - name: 'datastream_stream_postgresql' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' source_connection_profile_id: 'source-profile' destination_connection_profile_id: 'destination-profile' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_oracle' + primary_resource_id: 'default' + skip_test: true +======= exclude_test: true - name: 'datastream_stream_oracle' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' source_connection_profile_id: 'source-profile' destination_connection_profile_id: 'destination-profile' +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_sql_server' + primary_resource_id: 'default' + skip_test: true +======= exclude_test: true - name: 'datastream_stream_sql_server' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + vars: + database_name: 'db' + database_password: 'password' + database_user: 'user' + deletion_protection: 'true' + destination_connection_profile_id: 'destination-profile' + source_connection_profile_id: 'source-profile' + sql_server_name: 'sql-server' + sql_server_root_password: 'root-password' + stream_id: 'stream' + test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_sql_server_change_tables' + primary_resource_id: 'default' + # Requires SQLServer Configuration + skip_test: true vars: database_name: 'db' database_password: 'password' @@ -121,6 +228,10 @@ examples: sql_server_root_password: 'root-password' stream_id: 'stream' test_vars_overrides: + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_postgresql_bigquery_dataset_id' +======= 'deletion_protection': 'false' exclude_test: true - name: 'datastream_stream_sql_server_change_tables' @@ -140,6 +251,7 @@ examples: # Requires SQLServer Configuration exclude_test: true - name: 'datastream_stream_postgresql_bigquery_dataset_id' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'default' vars: dataset_id: 'postgres' @@ -151,8 +263,18 @@ examples: external_providers: ["random", "time"] # Random provider skip_vcr: true +<<<<<<< HEAD + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_bigquery' + external_providers: ["random", "time"] + primary_resource_id: + 'default' + # Random provider + skip_vcr: true +======= - name: 'datastream_stream_bigquery' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -163,6 +285,20 @@ examples: destination_connection_profile_id: 'destination-profile' bigquery_destination_table_kms_key_name: 'bigquery-kms-name' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + bigquery_destination_table_kms_key_name: + 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + oics_vars_overrides: + deletion_protection: 'false' + - !ruby/object:Provider::Terraform::Examples + name: 'datastream_stream_bigquery_append_only' + external_providers: ["random", "time"] + primary_resource_id: + 'default' + # Random provider + skip_vcr: true +======= 'deletion_protection': 'false' 'bigquery_destination_table_kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' oics_vars_overrides: @@ -172,6 +308,7 @@ examples: skip_vcr: true - name: 'datastream_stream_bigquery_append_only' primary_resource_id: 'default' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -181,6 +318,220 @@ examples: deletion_protection: 'true' destination_connection_profile_id: 'destination-profile' test_vars_overrides: +<<<<<<< HEAD + deletion_protection: 'false' + oics_vars_overrides: + deletion_protection: 'false' +parameters: + - !ruby/object:Api::Type::String + name: streamId + description: |- + The stream identifier. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::Boolean + name: create_without_validation + description: |- + Create the stream without validating it. + required: false + default_value: false + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'location' + description: | + The name of the location this stream is located in. + required: true + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: The stream's name. + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' + description: Labels. + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: Display name. + - !ruby/object:Api::Type::NestedObject + name: 'sourceConfig' + required: true + description: | + Source connection profile configuration. + properties: + - !ruby/object:Api::Type::String + name: 'sourceConnectionProfile' + immutable: true + required: true + description: | + Source connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - !ruby/object:Api::Type::NestedObject + name: 'mysqlSourceConfig' + allow_empty_object: true + send_empty_value: true + exactly_one_of: + - source_config.0.mysql_source_config + - source_config.0.oracle_source_config + - source_config.0.postgresql_source_config + - source_config.0.sql_server_source_config + description: | + MySQL data source configuration. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'includeObjects' + description: | + MySQL objects to retrieve from the source. + properties: + - !ruby/object:Api::Type::Array + name: 'mysqlDatabases' + required: true + min_size: 1 + description: | + MySQL databases on the server + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL database. + properties: + - !ruby/object:Api::Type::String + name: 'database' + required: true + description: | + Database name. + - !ruby/object:Api::Type::Array + name: 'mysqlTables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'mysqlColumns' + min_size: 1 + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::String + name: 'collation' + description: | + Column collation. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'excludeObjects' + description: | + MySQL objects to exclude from the stream. + properties: + - !ruby/object:Api::Type::Array + name: 'mysqlDatabases' + required: true + min_size: 1 + description: | + MySQL databases on the server + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL database. + properties: + - !ruby/object:Api::Type::String + name: 'database' + required: true + description: | + Database name. + - !ruby/object:Api::Type::Array + name: 'mysqlTables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'mysqlColumns' + min_size: 1 + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::String + name: 'collation' + description: | + Column collation. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentCdcTasks' + send_empty_value: true +======= 'deletion_protection': 'false' oics_vars_overrides: 'deletion_protection': 'false' @@ -410,252 +761,228 @@ properties: min_size: 1 - name: 'maxConcurrentCdcTasks' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of concurrent CDC tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentBackfillTasks' + send_empty_value: true +======= send_empty_value: true validation: function: 'validation.IntAtLeast(0)' - name: 'maxConcurrentBackfillTasks' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - send_empty_value: true - validation: +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation function: 'validation.IntAtLeast(0)' - - name: 'oracleSourceConfig' - type: NestedObject - description: | - MySQL data source configuration. - send_empty_value: true + - !ruby/object:Api::Type::NestedObject + name: 'oracleSourceConfig' allow_empty_object: true + send_empty_value: true exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' + - source_config.0.mysql_source_config + - source_config.0.oracle_source_config + - source_config.0.postgresql_source_config + - source_config.0.sql_server_source_config + description: | + MySQL data source configuration. properties: - - name: 'includeObjects' - type: NestedObject + - !ruby/object:Api::Type::NestedObject + name: 'includeObjects' description: | Oracle objects to retrieve from the source. properties: - - name: 'oracleSchemas' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleSchemas' + required: true + min_size: 1 description: | Oracle schemas/databases in the database server - required: true - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | MySQL database. - type: NestedObject properties: - - name: 'schema' - type: String + - !ruby/object:Api::Type::String + name: 'schema' + required: true description: | Schema name. - required: true - - name: 'oracleTables' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleTables' + min_size: 1 description: | Tables in the database. - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | Oracle table. - type: NestedObject properties: - - name: 'table' - type: String + - !ruby/object:Api::Type::String + name: 'table' + required: true description: | Table name. - required: true - - name: 'oracleColumns' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleColumns' + min_size: 1 description: | Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | Oracle Column. - type: NestedObject properties: - - name: 'column' - type: String + - !ruby/object:Api::Type::String + name: 'column' description: | Column name. - - name: 'dataType' - type: String + - !ruby/object:Api::Type::String + name: 'dataType' description: | The Oracle data type. Full data types list can be found here: https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - name: 'length' - type: Integer + - !ruby/object:Api::Type::Integer + name: 'length' + output: true description: | Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' output: true - - name: 'precision' - type: Integer description: | Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' output: true - - name: 'scale' - type: Integer description: | Column scale. + - !ruby/object:Api::Type::String + name: 'encoding' output: true - - name: 'encoding' - type: String description: | Column encoding. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' output: true - - name: 'primaryKey' - type: Boolean description: | Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' output: true - - name: 'nullable' - type: Boolean description: | Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' output: true - - name: 'ordinalPosition' - type: Integer description: | The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'excludeObjects' - type: NestedObject + - !ruby/object:Api::Type::NestedObject + name: 'excludeObjects' description: | Oracle objects to exclude from the stream. properties: - - name: 'oracleSchemas' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleSchemas' + required: true + min_size: 1 description: | Oracle schemas/databases in the database server - required: true - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | MySQL database. - type: NestedObject properties: - - name: 'schema' - type: String + - !ruby/object:Api::Type::String + name: 'schema' + required: true description: | Schema name. - required: true - - name: 'oracleTables' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleTables' + min_size: 1 description: | Tables in the database. - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | Oracle table. - type: NestedObject properties: - - name: 'table' - type: String + - !ruby/object:Api::Type::String + name: 'table' + required: true description: | Table name. - required: true - - name: 'oracleColumns' - type: Array + - !ruby/object:Api::Type::Array + name: 'oracleColumns' + min_size: 1 description: | Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: + item_type: !ruby/object:Api::Type::NestedObject description: | Oracle Column. - type: NestedObject properties: - - name: 'column' - type: String + - !ruby/object:Api::Type::String + name: 'column' description: | Column name. - - name: 'dataType' - type: String + - !ruby/object:Api::Type::String + name: 'dataType' description: | The Oracle data type. Full data types list can be found here: https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - name: 'length' - type: Integer + - !ruby/object:Api::Type::Integer + name: 'length' + output: true description: | Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' output: true - - name: 'precision' - type: Integer description: | Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' output: true - - name: 'scale' - type: Integer description: | Column scale. + - !ruby/object:Api::Type::String + name: 'encoding' output: true - - name: 'encoding' - type: String description: | Column encoding. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' output: true - - name: 'primaryKey' - type: Boolean description: | Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' output: true - - name: 'nullable' - type: Boolean description: | Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' output: true - - name: 'ordinalPosition' - type: Integer description: | The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'maxConcurrentCdcTasks' - type: Integer - description: | - Maximum number of concurrent CDC tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentCdcTasks' send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'maxConcurrentBackfillTasks' - type: Integer - description: | - Maximum number of concurrent backfill tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true +======= send_empty_value: true validation: function: 'validation.IntAtLeast(0)' - - name: 'dropLargeObjects' - type: NestedObject - description: | - Configuration to drop large object values. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'streamLargeObjects' - type: NestedObject - description: | - Configuration to drop large object values. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'postgresqlSourceConfig' + - name: 'oracleSourceConfig' type: NestedObject description: | - PostgreSQL data source configuration. + MySQL data source configuration. send_empty_value: true allow_empty_object: true exactly_one_of: @@ -667,30 +994,30 @@ properties: - name: 'includeObjects' type: NestedObject description: | - PostgreSQL objects to retrieve from the source. + Oracle objects to retrieve from the source. properties: - - name: 'postgresqlSchemas' + - name: 'oracleSchemas' type: Array description: | - PostgreSQL schemas on the server + Oracle schemas/databases in the database server required: true item_type: description: | - PostgreSQL schema. + MySQL database. type: NestedObject properties: - name: 'schema' type: String description: | - Database name. + Schema name. required: true - - name: 'postgresqlTables' + - name: 'oracleTables' type: Array description: | - Tables in the schema. + Tables in the database. item_type: description: | - PostgreSQL table. + Oracle table. type: NestedObject properties: - name: 'table' @@ -698,13 +1025,13 @@ properties: description: | Table name. required: true - - name: 'postgresqlColumns' + - name: 'oracleColumns' type: Array description: | - PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. item_type: description: | - PostgreSQL Column. + Oracle Column. type: NestedObject properties: - name: 'column' @@ -714,8 +1041,8 @@ properties: - name: 'dataType' type: String description: | - The PostgreSQL data type. Full data types list can be found here: - https://www.postgresql.org/docs/current/datatype.html + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - name: 'length' type: Integer description: | @@ -731,48 +1058,56 @@ properties: description: | Column scale. output: true + - name: 'encoding' + type: String + description: | + Column encoding. + output: true - name: 'primaryKey' type: Boolean description: | Whether or not the column represents a primary key. + output: true - name: 'nullable' type: Boolean description: | Whether or not the column can accept a null value. + output: true - name: 'ordinalPosition' type: Integer description: | The ordinal position of the column in the table. + output: true min_size: 1 min_size: 1 min_size: 1 - name: 'excludeObjects' type: NestedObject description: | - PostgreSQL objects to exclude from the stream. + Oracle objects to exclude from the stream. properties: - - name: 'postgresqlSchemas' + - name: 'oracleSchemas' type: Array description: | - PostgreSQL schemas on the server + Oracle schemas/databases in the database server required: true item_type: description: | - PostgreSQL schema. + MySQL database. type: NestedObject properties: - name: 'schema' type: String description: | - Database name. + Schema name. required: true - - name: 'postgresqlTables' + - name: 'oracleTables' type: Array description: | - Tables in the schema. + Tables in the database. item_type: description: | - PostgreSQL table. + Oracle table. type: NestedObject properties: - name: 'table' @@ -780,13 +1115,13 @@ properties: description: | Table name. required: true - - name: 'postgresqlColumns' + - name: 'oracleColumns' type: Array description: | - PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. item_type: description: | - PostgreSQL Column. + Oracle Column. type: NestedObject properties: - name: 'column' @@ -796,8 +1131,8 @@ properties: - name: 'dataType' type: String description: | - The PostgreSQL data type. Full data types list can be found here: - https://www.postgresql.org/docs/current/datatype.html + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - name: 'length' type: Integer description: | @@ -813,137 +1148,810 @@ properties: description: | Column scale. output: true + - name: 'encoding' + type: String + description: | + Column encoding. + output: true - name: 'primaryKey' type: Boolean description: | Whether or not the column represents a primary key. + output: true - name: 'nullable' type: Boolean description: | Whether or not the column can accept a null value. + output: true - name: 'ordinalPosition' type: Integer description: | The ordinal position of the column in the table. + output: true min_size: 1 min_size: 1 min_size: 1 - - name: 'replicationSlot' - type: String - description: | - The name of the logical replication slot that's configured with - the pgoutput plugin. - required: true - - name: 'publication' - type: String - description: | - The name of the publication that includes the set of all tables - that are defined in the stream's include_objects. - required: true - - name: 'maxConcurrentBackfillTasks' + - name: 'maxConcurrentCdcTasks' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | - Maximum number of concurrent backfill tasks. The number should be non - negative. If not set (or set to 0), the system's default value will be used. + Maximum number of concurrent CDC tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentBackfillTasks' + send_empty_value: true +======= send_empty_value: true validation: function: 'validation.IntAtLeast(0)' - - name: 'sqlServerSourceConfig' - type: NestedObject - description: | - SQL Server data source configuration. - send_empty_value: true + - name: 'maxConcurrentBackfillTasks' + type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + description: | + Maximum number of concurrent backfill tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. + default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::NestedObject + name: 'dropLargeObjects' + allow_empty_object: true + send_empty_value: true + description: | + Configuration to drop large object values. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'streamLargeObjects' + allow_empty_object: true + send_empty_value: true + description: | + Configuration to drop large object values. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'postgresqlSourceConfig' allow_empty_object: true + send_empty_value: true exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' + - source_config.0.mysql_source_config + - source_config.0.oracle_source_config + - source_config.0.postgresql_source_config + - source_config.0.sql_server_source_config + description: | + PostgreSQL data source configuration. properties: - - name: 'includeObjects' - type: NestedObject + - !ruby/object:Api::Type::NestedObject + name: 'includeObjects' description: | - SQL Server objects to retrieve from the source. + PostgreSQL objects to retrieve from the source. properties: - - name: 'schemas' - type: Array - description: | - SQL Server schemas/databases in the database server + - !ruby/object:Api::Type::Array + name: 'postgresqlSchemas' required: true - item_type: + min_size: 1 + description: | + PostgreSQL schemas on the server + item_type: !ruby/object:Api::Type::NestedObject description: | - SQL Server database. - type: NestedObject + PostgreSQL schema. properties: - - name: 'schema' - type: String - description: | - Schema name. + - !ruby/object:Api::Type::String + name: 'schema' required: true - - name: 'tables' - type: Array description: | - Tables in the database. - item_type: + Database name. + - !ruby/object:Api::Type::Array + name: 'postgresqlTables' + min_size: 1 + description: | + Tables in the schema. + item_type: !ruby/object:Api::Type::NestedObject description: | - SQL Server table. - type: NestedObject + PostgreSQL table. properties: - - name: 'table' - type: String + - !ruby/object:Api::Type::String + name: 'table' + required: true description: | Table name. - required: true - - name: 'columns' - type: Array + - !ruby/object:Api::Type::Array + name: 'postgresqlColumns' + min_size: 1 description: | - SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject description: | - SQL Server Column. - type: NestedObject + PostgreSQL Column. properties: - - name: 'column' - type: String + - !ruby/object:Api::Type::String + name: 'column' description: | Column name. - - name: 'dataType' - type: String + - !ruby/object:Api::Type::String + name: 'dataType' description: | - The SQL Server data type. Full data types list can be found here: - https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - name: 'length' - type: Integer + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true description: | Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' output: true - - name: 'precision' - type: Integer description: | Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' output: true - - name: 'scale' - type: Integer description: | Column scale. - output: true - - name: 'primaryKey' - type: Boolean + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' description: | Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean + - !ruby/object:Api::Type::Boolean + name: 'nullable' description: | Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' description: | The ordinal position of the column in the table. - output: true - min_size: 1 + - !ruby/object:Api::Type::NestedObject + name: 'excludeObjects' + description: | + PostgreSQL objects to exclude from the stream. + properties: + - !ruby/object:Api::Type::Array + name: 'postgresqlSchemas' + required: true + min_size: 1 + description: | + PostgreSQL schemas on the server + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL schema. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Database name. + - !ruby/object:Api::Type::Array + name: 'postgresqlTables' + min_size: 1 + description: | + Tables in the schema. + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'postgresqlColumns' + min_size: 1 + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::String + name: 'replicationSlot' + required: true + description: | + The name of the logical replication slot that's configured with + the pgoutput plugin. + - !ruby/object:Api::Type::String + name: 'publication' + required: true + description: | + The name of the publication that includes the set of all tables + that are defined in the stream's include_objects. + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentBackfillTasks' + send_empty_value: true +======= + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'dropLargeObjects' + type: NestedObject + description: | + Configuration to drop large object values. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'streamLargeObjects' + type: NestedObject + description: | + Configuration to drop large object values. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'postgresqlSourceConfig' + type: NestedObject + description: | + PostgreSQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + PostgreSQL objects to retrieve from the source. + properties: + - name: 'postgresqlSchemas' + type: Array + description: | + PostgreSQL schemas on the server + required: true + item_type: + description: | + PostgreSQL schema. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Database name. + required: true + - name: 'postgresqlTables' + type: Array + description: | + Tables in the schema. + item_type: + description: | + PostgreSQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'postgresqlColumns' + type: Array + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + PostgreSQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject + description: | + PostgreSQL objects to exclude from the stream. + properties: + - name: 'postgresqlSchemas' + type: Array + description: | + PostgreSQL schemas on the server + required: true + item_type: + description: | + PostgreSQL schema. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Database name. + required: true + - name: 'postgresqlTables' + type: Array + description: | + Tables in the schema. + item_type: + description: | + PostgreSQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'postgresqlColumns' + type: Array + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + PostgreSQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'replicationSlot' + type: String + description: | + The name of the logical replication slot that's configured with + the pgoutput plugin. + required: true + - name: 'publication' + type: String + description: | + The name of the publication that includes the set of all tables + that are defined in the stream's include_objects. + required: true + - name: 'maxConcurrentBackfillTasks' + type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 + description: | + Maximum number of concurrent backfill tasks. The number should be non + negative. If not set (or set to 0), the system's default value will be used. + default_from_api: true +<<<<<<< HEAD + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::NestedObject + name: 'sqlServerSourceConfig' + allow_empty_object: true + send_empty_value: true + exactly_one_of: + - source_config.0.mysql_source_config + - source_config.0.oracle_source_config + - source_config.0.postgresql_source_config + - source_config.0.sql_server_source_config + description: | + SQL Server data source configuration. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'includeObjects' + description: | + SQL Server objects to retrieve from the source. + properties: + - !ruby/object:Api::Type::Array + name: 'schemas' + required: true + min_size: 1 + description: | + SQL Server schemas/databases in the database server + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server database. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Schema name. + - !ruby/object:Api::Type::Array + name: 'tables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'columns' + min_size: 1 + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + output: true + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + output: true + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + output: true + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'excludeObjects' + description: | + SQL Server objects to exclude from the stream. + properties: + - !ruby/object:Api::Type::Array + name: 'schemas' + required: true + min_size: 1 + description: | + SQL Server schemas/databases in the database server + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server database. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Schema name. + - !ruby/object:Api::Type::Array + name: 'tables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'columns' + min_size: 1 + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + output: true + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + output: true + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + output: true + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentCdcTasks' + send_empty_value: true + description: | + Max concurrent CDC tasks. + default_from_api: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::Integer + name: 'maxConcurrentBackfillTasks' + send_empty_value: true + description: | + Max concurrent backfill tasks. + default_from_api: true + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.IntAtLeast(0)' + - !ruby/object:Api::Type::NestedObject + name: 'transactionLogs' + allow_empty_object: true + send_empty_value: true + description: | + CDC reader reads from transaction logs. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'changeTables' + allow_empty_object: true + send_empty_value: true + description: | + CDC reader reads from change tables. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'destinationConfig' + required: true + description: | + Destination connection profile configuration. + properties: + - !ruby/object:Api::Type::String + name: 'destinationConnectionProfile' + immutable: true + required: true + description: | + Destination connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - !ruby/object:Api::Type::NestedObject + name: 'gcsDestinationConfig' + exactly_one_of: + - destination_config.0.gcs_destination_config + - destination_config.0.bigquery_destination_config + description: | + A configuration for how data should be loaded to Cloud Storage. + properties: + - !ruby/object:Api::Type::String + name: 'path' + description: | + Path inside the Cloud Storage bucket to write data to. + - !ruby/object:Api::Type::Integer + name: 'fileRotationMb' + description: | + The maximum file size to be saved in the bucket. + default_from_api: true + - !ruby/object:Api::Type::String + name: 'fileRotationInterval' +======= + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'sqlServerSourceConfig' + type: NestedObject + description: | + SQL Server data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + SQL Server objects to retrieve from the source. + properties: + - name: 'schemas' + type: Array + description: | + SQL Server schemas/databases in the database server + required: true + item_type: + description: | + SQL Server database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'tables' + type: Array + description: | + Tables in the database. + item_type: + description: | + SQL Server table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'columns' + type: Array + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + SQL Server Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 min_size: 1 min_size: 1 - name: 'excludeObjects' @@ -1095,10 +2103,55 @@ properties: default_from_api: true - name: 'fileRotationInterval' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The maximum duration for which new events are added before a file is closed and a new file is created. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'avroFileFormat' + exactly_one_of: + - destination_config.0.gcs_destination_config.0.avro_file_format + - destination_config.0.gcs_destination_config.0.json_file_format + allow_empty_object: true + send_empty_value: true + description: | + AVRO file format configuration. + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'jsonFileFormat' + exactly_one_of: + - destination_config.0.gcs_destination_config.0.avro_file_format + - destination_config.0.gcs_destination_config.0.json_file_format + description: | + JSON file format configuration. + properties: + - !ruby/object:Api::Type::Enum + name: 'schemaFileFormat' + description: | + The schema file format along JSON data files. + values: + - NO_SCHEMA_FILE + - AVRO_SCHEMA_FILE + - !ruby/object:Api::Type::Enum + name: 'compression' + description: | + Compression of the loaded JSON file. + values: + - NO_COMPRESSION + - GZIP + - !ruby/object:Api::Type::NestedObject + name: 'bigqueryDestinationConfig' + exactly_one_of: + - destination_config.0.gcs_destination_config + - destination_config.0.bigquery_destination_config + description: | + A configuration for how data should be loaded to Google BigQuery. + properties: + - !ruby/object:Api::Type::String + name: 'dataFreshness' +======= - name: 'avroFileFormat' type: NestedObject description: | @@ -1142,11 +2195,58 @@ properties: properties: - name: 'dataFreshness' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The guaranteed data freshness (in seconds) when querying tables created by the stream. Editing this field will only affect new tables created in the future, but existing tables will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'singleTargetDataset' + exactly_one_of: + - destination_config.0.bigquery_destination_config.0.single_target_dataset + - destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets + description: | + A single target dataset to which all data will be streamed. + properties: + - !ruby/object:Api::Type::String + name: 'datasetId' + required: true + description: | + Dataset ID in the format projects/{project}/datasets/{dataset_id} or + {project}:{dataset_id} + custom_expand: 'templates/terraform/custom_expand/datastream_stream_dataset_id.go.erb' + diff_suppress_func: resourceDatastreamStreamDatabaseIdDiffSuppress + - !ruby/object:Api::Type::NestedObject + name: 'sourceHierarchyDatasets' + exactly_one_of: + - destination_config.0.bigquery_destination_config.0.single_target_dataset + - destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets + description: | + Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'datasetTemplate' + required: true + description: | + Dataset template used for dynamic dataset creation. + properties: + - !ruby/object:Api::Type::String + name: 'location' + required: true + description: | + The geographic location where the dataset should reside. + See https://cloud.google.com/bigquery/docs/locations for supported locations. + - !ruby/object:Api::Type::String + name: 'datasetIdPrefix' + description: | + If supplied, every created dataset will have its name prefixed by the provided value. + The prefix and name will be separated by an underscore. i.e. _. + - !ruby/object:Api::Type::String + name: 'kmsKeyName' + immutable: true +======= - name: 'singleTargetDataset' type: NestedObject description: | @@ -1190,18 +2290,39 @@ properties: The prefix and name will be separated by an underscore. i.e. _. - name: 'kmsKeyName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information. +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'merge' + send_empty_value: true + allow_empty_object: true + immutable: true + conflicts: + - destination_config.0.bigquery_destination_config.0.append_only +======= immutable: true - name: 'merge' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Merge mode defines that all changes to a table will be merged at the destination Google BigQuery table. This is the default write mode. When selected, BigQuery reflects the way the data is stored in the source database. With Merge mode, no historical record of the change events is kept. +<<<<<<< HEAD + properties: [] + - !ruby/object:Api::Type::NestedObject + name: 'appendOnly' + send_empty_value: true + allow_empty_object: true + immutable: true + conflicts: + - destination_config.0.bigquery_destination_config.0.merge +======= immutable: true send_empty_value: true allow_empty_object: true @@ -1211,10 +2332,365 @@ properties: [] - name: 'appendOnly' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | AppendOnly mode defines that the stream of changes (INSERT, UPDATE-INSERT, UPDATE-DELETE and DELETE events) to a source table will be written to the destination Google BigQuery table, retaining the historical state of the data. +<<<<<<< HEAD + properties: [] + - !ruby/object:Api::Type::String + name: 'state' + description: The state of the stream. + output: true + - !ruby/object:Api::Type::NestedObject + name: 'backfillAll' + exactly_one_of: + - backfill_all + - backfill_none + allow_empty_object: true + send_empty_value: true + description: | + Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'mysqlExcludedObjects' + description: | + MySQL data source objects to avoid backfilling. + properties: + - !ruby/object:Api::Type::Array + name: 'mysqlDatabases' + required: true + min_size: 1 + description: | + MySQL databases on the server + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL database. + properties: + - !ruby/object:Api::Type::String + name: 'database' + required: true + description: | + Database name. + - !ruby/object:Api::Type::Array + name: 'mysqlTables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'mysqlColumns' + min_size: 1 + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::String + name: 'collation' + description: | + Column collation. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'postgresqlExcludedObjects' + description: | + PostgreSQL data source objects to avoid backfilling. + properties: + - !ruby/object:Api::Type::Array + name: 'postgresqlSchemas' + required: true + min_size: 1 + description: | + PostgreSQL schemas on the server + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL schema. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Database name. + - !ruby/object:Api::Type::Array + name: 'postgresqlTables' + min_size: 1 + description: | + Tables in the schema. + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'postgresqlColumns' + min_size: 1 + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + PostgreSQL Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'oracleExcludedObjects' + description: | + PostgreSQL data source objects to avoid backfilling. + properties: + - !ruby/object:Api::Type::Array + name: 'oracleSchemas' + required: true + min_size: 1 + description: | + Oracle schemas/databases in the database server + item_type: !ruby/object:Api::Type::NestedObject + description: | + MySQL database. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Schema name. + - !ruby/object:Api::Type::Array + name: 'oracleTables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + Oracle table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'oracleColumns' + min_size: 1 + description: | + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + Oracle Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::String + name: 'encoding' + output: true + description: | + Column encoding. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + output: true + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + output: true + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + output: true + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'sqlServerExcludedObjects' + description: | + SQL Server data source objects to avoid backfilling. + properties: + - !ruby/object:Api::Type::Array + name: 'schemas' + required: true + min_size: 1 + description: | + SQL Server schemas/databases in the database server + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server database. + properties: + - !ruby/object:Api::Type::String + name: 'schema' + required: true + description: | + Schema name. + - !ruby/object:Api::Type::Array + name: 'tables' + min_size: 1 + description: | + Tables in the database. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server table. + properties: + - !ruby/object:Api::Type::String + name: 'table' + required: true + description: | + Table name. + - !ruby/object:Api::Type::Array + name: 'columns' + min_size: 1 + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: !ruby/object:Api::Type::NestedObject + description: | + SQL Server Column. + properties: + - !ruby/object:Api::Type::String + name: 'column' + description: | + Column name. + - !ruby/object:Api::Type::String + name: 'dataType' + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - !ruby/object:Api::Type::Integer + name: 'length' + output: true + description: | + Column length. + - !ruby/object:Api::Type::Integer + name: 'precision' + output: true + description: | + Column precision. + - !ruby/object:Api::Type::Integer + name: 'scale' + output: true + description: | + Column scale. + - !ruby/object:Api::Type::Boolean + name: 'primaryKey' + output: true + description: | + Whether or not the column represents a primary key. + - !ruby/object:Api::Type::Boolean + name: 'nullable' + output: true + description: | + Whether or not the column can accept a null value. + - !ruby/object:Api::Type::Integer + name: 'ordinalPosition' + output: true + description: | + The ordinal position of the column in the table. + - !ruby/object:Api::Type::NestedObject + name: 'backfillNone' + exactly_one_of: + - backfill_all + - backfill_none + allow_empty_object: true + send_empty_value: true + description: | + Backfill strategy to disable automatic backfill for the Stream's objects. + properties: [] + - !ruby/object:Api::Type::String + name: 'customerManagedEncryptionKey' + immutable: true + description: | + A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data + will be encrypted using an internal Stream-specific encryption key provisioned through KMS. +======= immutable: true send_empty_value: true allow_empty_object: true @@ -1586,3 +3062,4 @@ properties: A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. immutable: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/datastream/go_ConnectionProfile.yaml b/mmv1/products/datastream/go_ConnectionProfile.yaml new file mode 100644 index 000000000000..10eabd5e2522 --- /dev/null +++ b/mmv1/products/datastream/go_ConnectionProfile.yaml @@ -0,0 +1,424 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ConnectionProfile' +description: | + A set of reusable connection configurations to be used as a source or destination for a stream. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-connection-profiles' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}&force={{create_without_validation}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'datastream_connection_profile_basic' + primary_resource_id: 'default' + vars: + connection_profile_id: 'my-profile' + - name: 'datastream_connection_profile_postgresql_private_connection' + primary_resource_id: 'default' + vars: + private_connection_id: 'my-connection' + connection_profile_id: 'my-profile' + network_name: 'my-network' + database_instance_name: 'my-instance' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_connection_profile_full' + primary_resource_id: 'default' + vars: + connection_profile_id: 'my-profile' + # Workaround for https://github.com/hashicorp/terraform-provider-google/issues/12410 + ignore_read_extra: + - 'forward_ssh_connectivity.0.password' + - name: 'datastream_connection_profile_postgres' + primary_resource_id: 'default' + vars: + connection_profile_id: 'my-profile' + database_instance_name: 'my-instance' + deletion_protection: 'true' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + exclude_test: true + - name: 'datastream_connection_profile_sql_server' + primary_resource_id: 'default' + vars: + database_name: 'db' + database_password: 'password' + database_user: 'user' + deletion_protection: 'true' + source_connection_profile_id: 'source-profile' + sql_server_name: 'sql-server' + sql_server_root_password: 'root-password' + test_vars_overrides: + 'deletion_protection': 'false' + exclude_test: true +parameters: + - name: 'connectionProfileId' + type: String + description: |- + The connection profile identifier. + url_param_only: true + required: true + immutable: true + - name: 'create_without_validation' + type: Boolean + description: |- + Create the connection profile without validating it. + url_param_only: true + required: false + immutable: true + default_value: false + - name: 'location' + type: String + description: | + The name of the location this connection profile is located in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: The resource's name. + output: true + - name: 'labels' + type: KeyValueLabels + description: Labels. + - name: 'displayName' + type: String + description: Display name. + required: true + - name: 'oracleProfile' + type: NestedObject + description: | + Oracle database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + - name: 'hostname' + type: String + description: | + Hostname for the Oracle connection. + required: true + - name: 'port' + type: Integer + description: | + Port for the Oracle connection. + default_value: 1521 + - name: 'username' + type: String + description: | + Username for the Oracle connection. + required: true + - name: 'password' + type: String + description: | + Password for the Oracle connection. + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_oracle_profile_password.go.tmpl' + - name: 'databaseService' + type: String + description: | + Database for the Oracle connection. + required: true + - name: 'connectionAttributes' + type: KeyValuePairs + description: Connection string attributes + - name: 'gcsProfile' + type: NestedObject + description: | + Cloud Storage bucket profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + - name: 'bucket' + type: String + description: | + The Cloud Storage bucket name. + required: true + - name: 'rootPath' + type: String + description: | + The root path inside the Cloud Storage bucket. + - name: 'mysqlProfile' + type: NestedObject + description: | + MySQL database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + - name: 'hostname' + type: String + description: | + Hostname for the MySQL connection. + required: true + - name: 'port' + type: Integer + description: | + Port for the MySQL connection. + default_value: 3306 + - name: 'username' + type: String + description: | + Username for the MySQL connection. + required: true + - name: 'password' + type: String + description: | + Password for the MySQL connection. + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_password.go.tmpl' + - name: 'sslConfig' + type: NestedObject + description: | + SSL configuration for the MySQL connection. + properties: + - name: 'clientKey' + type: String + description: | + PEM-encoded private key associated with the Client Certificate. + If this field is used then the 'client_certificate' and the + 'ca_certificate' fields are mandatory. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.tmpl' + - name: 'clientKeySet' + type: Boolean + description: | + Indicates whether the clientKey field is set. + output: true + - name: 'clientCertificate' + type: String + description: | + PEM-encoded certificate that will be used by the replica to + authenticate against the source database server. If this field + is used then the 'clientKey' and the 'caCertificate' fields are + mandatory. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.tmpl' + - name: 'clientCertificateSet' + type: Boolean + description: | + Indicates whether the clientCertificate field is set. + output: true + - name: 'caCertificate' + type: String + description: | + PEM-encoded certificate of the CA that signed the source database + server's certificate. + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_ca_certificate.go.tmpl' + - name: 'caCertificateSet' + type: Boolean + description: | + Indicates whether the clientKey field is set. + output: true + - name: 'bigqueryProfile' + type: NestedObject + description: | + BigQuery warehouse profile. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + [] + - name: 'postgresqlProfile' + type: NestedObject + description: | + PostgreSQL database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + - name: 'hostname' + type: String + description: | + Hostname for the PostgreSQL connection. + required: true + - name: 'port' + type: Integer + description: | + Port for the PostgreSQL connection. + default_value: 5432 + - name: 'username' + type: String + description: | + Username for the PostgreSQL connection. + required: true + - name: 'password' + type: String + description: | + Password for the PostgreSQL connection. + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_postgresql_profile_password.go.tmpl' + - name: 'database' + type: String + description: | + Database for the PostgreSQL connection. + required: true + - name: 'sqlServerProfile' + type: NestedObject + description: | + SQL Server database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + - name: 'hostname' + type: String + description: | + Hostname for the SQL Server connection. + required: true + - name: 'port' + type: Integer + description: | + Port for the SQL Server connection. + default_value: 1433 + - name: 'username' + type: String + description: | + Username for the SQL Server connection. + required: true + - name: 'password' + type: String + description: | + Password for the SQL Server connection. + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_sql_server_profile_password.go.tmpl' + - name: 'database' + type: String + description: | + Database for the SQL Server connection. + required: true + - name: 'forwardSshConnectivity' + type: NestedObject + description: | + Forward SSH tunnel connectivity. + conflicts: + - private_connectivity + properties: + - name: 'hostname' + type: String + description: | + Hostname for the SSH tunnel. + required: true + - name: 'username' + type: String + description: | + Username for the SSH tunnel. + required: true + - name: 'port' + type: Integer + description: | + Port for the SSH tunnel. + default_value: 22 + - name: 'password' + type: String + description: | + SSH password. + immutable: true + sensitive: true + conflicts: + - forward_ssh_connectivity.0.private_key + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_forward_ssh_connectivity_password.go.tmpl' + - name: 'privateKey' + type: String + description: | + SSH private key. + immutable: true + sensitive: true + conflicts: + - forward_ssh_connectivity.0.password + custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_forward_ssh_connectivity_private_key.go.tmpl' + - name: 'privateConnectivity' + type: NestedObject + description: | + Private connectivity. + conflicts: + - forward_ssh_connectivity + properties: + - name: 'privateConnection' + type: String + description: | + A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}` + required: true diff --git a/mmv1/products/datastream/go_PrivateConnection.yaml b/mmv1/products/datastream/go_PrivateConnection.yaml new file mode 100644 index 000000000000..542696ef361d --- /dev/null +++ b/mmv1/products/datastream/go_PrivateConnection.yaml @@ -0,0 +1,140 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'PrivateConnection' +description: | + The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-private-connectivity-configuration' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}&force={{create_without_validation}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/private_connection.go.tmpl' + post_create: 'templates/terraform/post_create/go/private_connection.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/go/private_connection.go.tmpl' + post_import: 'templates/terraform/post_import/go/private_connection.go.tmpl' +# Skipping the sweeper since the resource needs force-deletion +exclude_sweeper: true +schema_version: 1 +state_upgraders: true +examples: + - name: 'datastream_private_connection_full' + primary_resource_id: 'default' + vars: + private_connection_id: 'my-connection' + network_name: 'my-network' +parameters: + - name: 'privateConnectionId' + type: String + description: |- + The private connectivity identifier. + url_param_only: true + required: true + immutable: true + - name: 'create_without_validation' + type: Boolean + description: |- + If set to true, will skip validations. + url_param_only: true + required: false + immutable: true + default_value: false + - name: 'location' + type: String + description: | + The name of the location this private connection is located in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: The resource's name. + output: true + - name: 'labels' + type: KeyValueLabels + description: Labels. + - name: 'displayName' + type: String + description: Display name. + required: true + - name: 'state' + type: Enum + description: | + State of the PrivateConnection. + output: true + enum_values: + - 'CREATING' + - 'CREATED' + - 'FAILED' + - 'DELETING' + - 'FAILED_TO_DELETE' + - name: 'error' + type: NestedObject + description: | + The PrivateConnection error in case of failure. + output: true + properties: + - name: 'message' + type: String + description: | + A message containing more information about the error that occurred. + - name: 'details' + type: KeyValuePairs + description: | + A list of messages that carry the error details. + - name: 'vpcPeeringConfig' + type: NestedObject + description: | + The VPC Peering configuration is used to create VPC peering + between Datastream and the consumer's VPC. + required: true + properties: + - name: 'vpc' + type: String + description: | + Fully qualified name of the VPC that Datastream will peer to. + Format: projects/{project}/global/{networks}/{name} + required: true + - name: 'subnet' + type: String + description: | + A free subnet for peering. (CIDR of /29) + required: true diff --git a/mmv1/products/datastream/go_Stream.yaml b/mmv1/products/datastream/go_Stream.yaml new file mode 100644 index 000000000000..f1283c725b67 --- /dev/null +++ b/mmv1/products/datastream/go_Stream.yaml @@ -0,0 +1,1589 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Stream' +description: | + A resource representing streaming data from a source to a destination. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-stream' + api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.streams' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/streams' +self_link: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/streams?streamId={{stream_id}}&force={{create_without_validation}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/go/datastream_stream.go.tmpl' + encoder: 'templates/terraform/encoders/go/datastream_stream.go.tmpl' + post_create: 'templates/terraform/post_create/go/datastream_stream.go.tmpl' + pre_update: 'templates/terraform/pre_update/go/datastream_stream.go.tmpl' + post_update: 'templates/terraform/post_update/go/datastream_stream.go.tmpl' + post_import: 'templates/terraform/post_import/go/datastream_stream.go.tmpl' +custom_diff: + - 'resourceDatastreamStreamCustomDiff' +examples: + - name: 'datastream_stream_basic' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + private_connection_id: 'my-connection' + network_name: 'my-network' + source_connection_profile_id: 'source-profile' + database_instance_name: 'my-instance' + deletion_protection: 'true' + bucket_name: 'my-bucket' + destination_connection_profile_id: 'destination-profile' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + external_providers: ["random", "time"] + exclude_docs: true + # Random provider + skip_vcr: true + - name: 'datastream_stream_full' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + private_connection_id: 'my-connection' + network_name: 'my-network' + source_connection_profile_id: 'source-profile' + database_instance_name: 'my-instance' + deletion_protection: 'true' + bucket_name: 'my-bucket' + destination_connection_profile_id: 'destination-profile' + stream_cmek: 'kms-name' + test_vars_overrides: + 'deletion_protection': 'false' + 'stream_cmek': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + oics_vars_overrides: + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_stream_postgresql' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + source_connection_profile_id: 'source-profile' + destination_connection_profile_id: 'destination-profile' + exclude_test: true + - name: 'datastream_stream_oracle' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + source_connection_profile_id: 'source-profile' + destination_connection_profile_id: 'destination-profile' + exclude_test: true + - name: 'datastream_stream_sql_server' + primary_resource_id: 'default' + vars: + database_name: 'db' + database_password: 'password' + database_user: 'user' + deletion_protection: 'true' + destination_connection_profile_id: 'destination-profile' + source_connection_profile_id: 'source-profile' + sql_server_name: 'sql-server' + sql_server_root_password: 'root-password' + stream_id: 'stream' + test_vars_overrides: + 'deletion_protection': 'false' + exclude_test: true + - name: 'datastream_stream_sql_server_change_tables' + primary_resource_id: 'default' + vars: + database_name: 'db' + database_password: 'password' + database_user: 'user' + deletion_protection: 'true' + destination_connection_profile_id: 'destination-profile' + source_connection_profile_id: 'source-profile' + sql_server_name: 'sql-server' + sql_server_root_password: 'root-password' + stream_id: 'stream' + test_vars_overrides: + 'deletion_protection': 'false' + # Requires SQLServer Configuration + exclude_test: true + - name: 'datastream_stream_postgresql_bigquery_dataset_id' + primary_resource_id: 'default' + vars: + dataset_id: 'postgres' + stream_id: 'postgres-bigquery' + dest_connection_profile_id: 'dest-profile' + instance_name: 'instance-name' + sql_user_name: 'my-user' + source_connection_profile_id: 'source-profile' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_stream_bigquery' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + private_connection_id: 'my-connection' + network_name: 'my-network' + source_connection_profile_id: 'source-profile' + database_instance_name: 'my-instance' + deletion_protection: 'true' + destination_connection_profile_id: 'destination-profile' + bigquery_destination_table_kms_key_name: 'bigquery-kms-name' + test_vars_overrides: + 'deletion_protection': 'false' + 'bigquery_destination_table_kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + oics_vars_overrides: + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_stream_bigquery_append_only' + primary_resource_id: 'default' + vars: + stream_id: 'my-stream' + private_connection_id: 'my-connection' + network_name: 'my-network' + source_connection_profile_id: 'source-profile' + database_instance_name: 'my-instance' + deletion_protection: 'true' + destination_connection_profile_id: 'destination-profile' + test_vars_overrides: + 'deletion_protection': 'false' + oics_vars_overrides: + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true +virtual_fields: + - name: 'desired_state' + description: | + Desired state of the Stream. Set this field to `RUNNING` to start the stream, + `NOT_STARTED` to create the stream without starting and `PAUSED` to pause + the stream from a `RUNNING` state. + Possible values: NOT_STARTED, RUNNING, PAUSED. Default: NOT_STARTED + type: String + default_value: "NOT_STARTED" +parameters: + - name: 'streamId' + type: String + description: |- + The stream identifier. + url_param_only: true + required: true + immutable: true + - name: 'create_without_validation' + type: Boolean + description: |- + Create the stream without validating it. + url_param_only: true + required: false + immutable: true + default_value: false + - name: 'location' + type: String + description: | + The name of the location this stream is located in. + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: The stream's name. + output: true + - name: 'labels' + type: KeyValueLabels + description: Labels. + - name: 'displayName' + type: String + description: Display name. + required: true + - name: 'sourceConfig' + type: NestedObject + description: | + Source connection profile configuration. + required: true + properties: + - name: 'sourceConnectionProfile' + type: String + description: | + Source connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'mysqlSourceConfig' + type: NestedObject + description: | + MySQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + MySQL objects to retrieve from the source. + properties: + - name: 'mysqlDatabases' + type: Array + description: | + MySQL databases on the server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'database' + type: String + description: | + Database name. + required: true + - name: 'mysqlTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + MySQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'mysqlColumns' + type: Array + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + MySQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'collation' + type: String + description: | + Column collation. + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject + description: | + MySQL objects to exclude from the stream. + properties: + - name: 'mysqlDatabases' + type: Array + description: | + MySQL databases on the server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'database' + type: String + description: | + Database name. + required: true + - name: 'mysqlTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + MySQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'mysqlColumns' + type: Array + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + MySQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'collation' + type: String + description: | + Column collation. + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer + description: | + Maximum number of concurrent CDC tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer + description: | + Maximum number of concurrent backfill tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'oracleSourceConfig' + type: NestedObject + description: | + MySQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + Oracle objects to retrieve from the source. + properties: + - name: 'oracleSchemas' + type: Array + description: | + Oracle schemas/databases in the database server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'oracleTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + Oracle table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'oracleColumns' + type: Array + description: | + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + Oracle Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'encoding' + type: String + description: | + Column encoding. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject + description: | + Oracle objects to exclude from the stream. + properties: + - name: 'oracleSchemas' + type: Array + description: | + Oracle schemas/databases in the database server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'oracleTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + Oracle table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'oracleColumns' + type: Array + description: | + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + Oracle Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'encoding' + type: String + description: | + Column encoding. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer + description: | + Maximum number of concurrent CDC tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer + description: | + Maximum number of concurrent backfill tasks. The number should be non negative. + If not set (or set to 0), the system's default value will be used. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'dropLargeObjects' + type: NestedObject + description: | + Configuration to drop large object values. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'streamLargeObjects' + type: NestedObject + description: | + Configuration to drop large object values. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'postgresqlSourceConfig' + type: NestedObject + description: | + PostgreSQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + PostgreSQL objects to retrieve from the source. + properties: + - name: 'postgresqlSchemas' + type: Array + description: | + PostgreSQL schemas on the server + required: true + item_type: + description: | + PostgreSQL schema. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Database name. + required: true + - name: 'postgresqlTables' + type: Array + description: | + Tables in the schema. + item_type: + description: | + PostgreSQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'postgresqlColumns' + type: Array + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + PostgreSQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject + description: | + PostgreSQL objects to exclude from the stream. + properties: + - name: 'postgresqlSchemas' + type: Array + description: | + PostgreSQL schemas on the server + required: true + item_type: + description: | + PostgreSQL schema. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Database name. + required: true + - name: 'postgresqlTables' + type: Array + description: | + Tables in the schema. + item_type: + description: | + PostgreSQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'postgresqlColumns' + type: Array + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + PostgreSQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'replicationSlot' + type: String + description: | + The name of the logical replication slot that's configured with + the pgoutput plugin. + required: true + - name: 'publication' + type: String + description: | + The name of the publication that includes the set of all tables + that are defined in the stream's include_objects. + required: true + - name: 'maxConcurrentBackfillTasks' + type: Integer + description: | + Maximum number of concurrent backfill tasks. The number should be non + negative. If not set (or set to 0), the system's default value will be used. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'sqlServerSourceConfig' + type: NestedObject + description: | + SQL Server data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' + properties: + - name: 'includeObjects' + type: NestedObject + description: | + SQL Server objects to retrieve from the source. + properties: + - name: 'schemas' + type: Array + description: | + SQL Server schemas/databases in the database server + required: true + item_type: + description: | + SQL Server database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'tables' + type: Array + description: | + Tables in the database. + item_type: + description: | + SQL Server table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'columns' + type: Array + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + SQL Server Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject + description: | + SQL Server objects to exclude from the stream. + properties: + - name: 'schemas' + type: Array + description: | + SQL Server schemas/databases in the database server + required: true + item_type: + description: | + SQL Server database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'tables' + type: Array + description: | + Tables in the database. + item_type: + description: | + SQL Server table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'columns' + type: Array + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + SQL Server Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer + description: | + Max concurrent CDC tasks. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer + description: | + Max concurrent backfill tasks. + default_from_api: true + send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'transactionLogs' + type: NestedObject + description: | + CDC reader reads from transaction logs. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'changeTables' + type: NestedObject + description: | + CDC reader reads from change tables. + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'destinationConfig' + type: NestedObject + description: | + Destination connection profile configuration. + required: true + properties: + - name: 'destinationConnectionProfile' + type: String + description: | + Destination connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'gcsDestinationConfig' + type: NestedObject + description: | + A configuration for how data should be loaded to Cloud Storage. + exactly_one_of: + - 'destination_config.0.gcs_destination_config' + - 'destination_config.0.bigquery_destination_config' + properties: + - name: 'path' + type: String + description: | + Path inside the Cloud Storage bucket to write data to. + - name: 'fileRotationMb' + type: Integer + description: | + The maximum file size to be saved in the bucket. + default_from_api: true + - name: 'fileRotationInterval' + type: String + description: | + The maximum duration for which new events are added before a file is closed and a new file is created. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. + default_from_api: true + - name: 'avroFileFormat' + type: NestedObject + description: | + AVRO file format configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'destination_config.0.gcs_destination_config.0.avro_file_format' + - 'destination_config.0.gcs_destination_config.0.json_file_format' + properties: + [] + - name: 'jsonFileFormat' + type: NestedObject + description: | + JSON file format configuration. + exactly_one_of: + - 'destination_config.0.gcs_destination_config.0.avro_file_format' + - 'destination_config.0.gcs_destination_config.0.json_file_format' + properties: + - name: 'schemaFileFormat' + type: Enum + description: | + The schema file format along JSON data files. + enum_values: + - 'NO_SCHEMA_FILE' + - 'AVRO_SCHEMA_FILE' + - name: 'compression' + type: Enum + description: | + Compression of the loaded JSON file. + enum_values: + - 'NO_COMPRESSION' + - 'GZIP' + - name: 'bigqueryDestinationConfig' + type: NestedObject + description: | + A configuration for how data should be loaded to Google BigQuery. + exactly_one_of: + - 'destination_config.0.gcs_destination_config' + - 'destination_config.0.bigquery_destination_config' + properties: + - name: 'dataFreshness' + type: String + description: | + The guaranteed data freshness (in seconds) when querying tables created by the stream. + Editing this field will only affect new tables created in the future, but existing tables + will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. + - name: 'singleTargetDataset' + type: NestedObject + description: | + A single target dataset to which all data will be streamed. + exactly_one_of: + - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' + - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' + properties: + - name: 'datasetId' + type: String + description: | + Dataset ID in the format projects/{project}/datasets/{dataset_id} or + {project}:{dataset_id} + required: true + diff_suppress_func: 'resourceDatastreamStreamDatabaseIdDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/go/datastream_stream_dataset_id.go.tmpl' + - name: 'sourceHierarchyDatasets' + type: NestedObject + description: | + Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy. + exactly_one_of: + - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' + - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' + properties: + - name: 'datasetTemplate' + type: NestedObject + description: | + Dataset template used for dynamic dataset creation. + required: true + properties: + - name: 'location' + type: String + description: | + The geographic location where the dataset should reside. + See https://cloud.google.com/bigquery/docs/locations for supported locations. + required: true + - name: 'datasetIdPrefix' + type: String + description: | + If supplied, every created dataset will have its name prefixed by the provided value. + The prefix and name will be separated by an underscore. i.e. _. + - name: 'kmsKeyName' + type: String + description: | + Describes the Cloud KMS encryption key that will be used to protect destination BigQuery + table. The BigQuery Service Account associated with your project requires access to this + encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. + See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information. + immutable: true + - name: 'merge' + type: NestedObject + description: | + Merge mode defines that all changes to a table will be merged at the destination Google BigQuery + table. This is the default write mode. When selected, BigQuery reflects the way the data is stored + in the source database. With Merge mode, no historical record of the change events is kept. + immutable: true + send_empty_value: true + allow_empty_object: true + conflicts: + - destination_config.0.bigquery_destination_config.0.append_only + properties: + [] + - name: 'appendOnly' + type: NestedObject + description: | + AppendOnly mode defines that the stream of changes (INSERT, UPDATE-INSERT, UPDATE-DELETE and DELETE + events) to a source table will be written to the destination Google BigQuery table, retaining the + historical state of the data. + immutable: true + send_empty_value: true + allow_empty_object: true + conflicts: + - destination_config.0.bigquery_destination_config.0.merge + properties: + [] + - name: 'state' + type: String + description: The state of the stream. + output: true + - name: 'backfillAll' + type: NestedObject + description: | + Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'backfill_all' + - 'backfill_none' + properties: + - name: 'mysqlExcludedObjects' + type: NestedObject + description: | + MySQL data source objects to avoid backfilling. + properties: + - name: 'mysqlDatabases' + type: Array + description: | + MySQL databases on the server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'database' + type: String + description: | + Database name. + required: true + - name: 'mysqlTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + MySQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'mysqlColumns' + type: Array + description: | + MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + MySQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The MySQL data type. Full data types list can be found here: + https://dev.mysql.com/doc/refman/8.0/en/data-types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'collation' + type: String + description: | + Column collation. + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'postgresqlExcludedObjects' + type: NestedObject + description: | + PostgreSQL data source objects to avoid backfilling. + properties: + - name: 'postgresqlSchemas' + type: Array + description: | + PostgreSQL schemas on the server + required: true + item_type: + description: | + PostgreSQL schema. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Database name. + required: true + - name: 'postgresqlTables' + type: Array + description: | + Tables in the schema. + item_type: + description: | + PostgreSQL table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'postgresqlColumns' + type: Array + description: | + PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + PostgreSQL Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The PostgreSQL data type. Full data types list can be found here: + https://www.postgresql.org/docs/current/datatype.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'oracleExcludedObjects' + type: NestedObject + description: | + PostgreSQL data source objects to avoid backfilling. + properties: + - name: 'oracleSchemas' + type: Array + description: | + Oracle schemas/databases in the database server + required: true + item_type: + description: | + MySQL database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'oracleTables' + type: Array + description: | + Tables in the database. + item_type: + description: | + Oracle table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'oracleColumns' + type: Array + description: | + Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + Oracle Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The Oracle data type. Full data types list can be found here: + https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'encoding' + type: String + description: | + Column encoding. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'sqlServerExcludedObjects' + type: NestedObject + description: | + SQL Server data source objects to avoid backfilling. + properties: + - name: 'schemas' + type: Array + description: | + SQL Server schemas/databases in the database server + required: true + item_type: + description: | + SQL Server database. + type: NestedObject + properties: + - name: 'schema' + type: String + description: | + Schema name. + required: true + - name: 'tables' + type: Array + description: | + Tables in the database. + item_type: + description: | + SQL Server table. + type: NestedObject + properties: + - name: 'table' + type: String + description: | + Table name. + required: true + - name: 'columns' + type: Array + description: | + SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. + item_type: + description: | + SQL Server Column. + type: NestedObject + properties: + - name: 'column' + type: String + description: | + Column name. + - name: 'dataType' + type: String + description: | + The SQL Server data type. Full data types list can be found here: + https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 + - name: 'length' + type: Integer + description: | + Column length. + output: true + - name: 'precision' + type: Integer + description: | + Column precision. + output: true + - name: 'scale' + type: Integer + description: | + Column scale. + output: true + - name: 'primaryKey' + type: Boolean + description: | + Whether or not the column represents a primary key. + output: true + - name: 'nullable' + type: Boolean + description: | + Whether or not the column can accept a null value. + output: true + - name: 'ordinalPosition' + type: Integer + description: | + The ordinal position of the column in the table. + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'backfillNone' + type: NestedObject + description: | + Backfill strategy to disable automatic backfill for the Stream's objects. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'backfill_all' + - 'backfill_none' + properties: + [] + - name: 'customerManagedEncryptionKey' + type: String + description: | + A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data + will be encrypted using an internal Stream-specific encryption key provisioned through KMS. + immutable: true diff --git a/mmv1/products/datastream/go_product.yaml b/mmv1/products/datastream/go_product.yaml new file mode 100644 index 000000000000..faba08aae9b5 --- /dev/null +++ b/mmv1/products/datastream/go_product.yaml @@ -0,0 +1,36 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Datastream' +display_name: 'Datastream' +versions: + - name: 'ga' + base_url: 'https://datastream.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://datastream.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' diff --git a/mmv1/products/datastream/product.yaml b/mmv1/products/datastream/product.yaml index 593efcc3368e..6aa490d0249b 100644 --- a/mmv1/products/datastream/product.yaml +++ b/mmv1/products/datastream/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2022 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,34 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Datastream +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://datastream.googleapis.com/v1/ + - !ruby/object:Api::Product::Version + name: beta + base_url: https://datastream.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{{op_id}}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error +======= --- name: 'Datastream' display_name: 'Datastream' @@ -31,5 +63,6 @@ async: path: 'response' resource_inside_response: true error: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 path: 'error' message: 'message' diff --git a/mmv1/products/deploymentmanager/Deployment.yaml b/mmv1/products/deploymentmanager/Deployment.yaml index 3964e1cf0d27..cb7c4da18f7a 100644 --- a/mmv1/products/deploymentmanager/Deployment.yaml +++ b/mmv1/products/deploymentmanager/Deployment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Deployment' +kind: 'deploymentmanager#deployment' +base_url: projects/{{project}}/global/deployments +self_link: projects/{{project}}/global/deployments/{{name}} +create_url: projects/{{project}}/global/deployments?preview={{preview}}&createPolicy={{create_policy}} +delete_url: projects/{{project}}/global/deployments/{{name}}?deletePolicy={{delete_policy}} +# A deployment is updatable, but we need to have custom update behavior. +immutable: true +update_verb: :PATCH +update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} +description: | + A collection of resources that are deployed and managed together using + a configuration file +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + kind: 'deploymentmanager#operation' + path: 'name' + full_url: 'selfLink' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'targetLink' + status: !ruby/object:Api::OpAsync::Status + path: 'status' + complete: 'DONE' + allowed: + - 'PENDING' + - 'RUNNING' + - 'DONE' + error: !ruby/object:Api::OpAsync::Error + path: 'error/errors' + message: 'message' +id_format: 'projects/{{project}}/deployments/{{name}}' +import_format: ['projects/{{project}}/deployments/{{name}}'] +timeouts: !ruby/object:Api::Timeouts # Very long to support very long deployments + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +docs: !ruby/object:Provider::Terraform::Docs +======= --- name: 'Deployment' kind: 'deploymentmanager#deployment' @@ -18,6 +63,7 @@ description: | A collection of resources that are deployed and managed together using a configuration file docs: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 warning: | Deployment Manager shares similar behavior with Terraform as both products manage GCP resource lifecycle and state. This Terraform @@ -31,6 +77,40 @@ docs: deployments in preview as recreate-only for any update operation other than actually deploying an in-preview deployment (i.e. `preview=true` to `preview=false`). +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'deployment_manager_deployment_basic' + primary_resource_id: 'deployment' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-deployment-%s\", + context[\"random_suffix\"\ + ])" + vars: + deployment_name: 'my-deployment' + skip_test: true + - !ruby/object:Provider::Terraform::Examples + name: 'deployment_manager_deployment_imports' + primary_resource_id: 'deployment' + primary_resource_name: "fmt.Sprintf(\"tf-test-my-deployment-%s\", + context[\"random_suffix\"\ + ])" + vars: + deployment_name: 'my-deployment' + skip_test: true +custom_code: !ruby/object:Provider::Terraform::CustomCode + # post-create failure: Delete deployment if an invalid deployment was created + post_create_failure: 'templates/terraform/post_create_failure/delete_on_failure.go.erb' + # Custom diff to force new if 'preview' is true + constants: 'templates/terraform/constants/deployment_manager_deployment.go.erb' +custom_diff: [ + 'customDiffDeploymentManagerDeployment', +] +parameters: + # These properties are query parameters given on create/update/delete. + # They should be tracked and updatable. + - !ruby/object:Api::Type::Enum + name: 'createPolicy' +======= id_format: 'projects/{{project}}/deployments/{{name}}' base_url: 'projects/{{project}}/global/deployments' self_link: 'projects/{{project}}/global/deployments/{{name}}' @@ -86,6 +166,7 @@ parameters: # They should be tracked and updatable. - name: 'createPolicy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Set the policy to use for creating new resources. Only used on create and update. Valid values are `CREATE_OR_ACQUIRE` (default) or @@ -93,12 +174,21 @@ parameters: the deployment will fail. Note that updating this field does not actually affect the deployment, just how it is updated. url_param_only: true +<<<<<<< HEAD + default_value: :CREATE_OR_ACQUIRE + values: + - :ACQUIRE + - :CREATE_OR_ACQUIRE + - !ruby/object:Api::Type::Enum + name: 'deletePolicy' +======= default_value: "CREATE_OR_ACQUIRE" enum_values: - 'ACQUIRE' - 'CREATE_OR_ACQUIRE' - name: 'deletePolicy' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Set the policy to use for deleting new resources on update/delete. Valid values are `DELETE` (default) or `ABANDON`. If `DELETE`, @@ -107,6 +197,15 @@ parameters: and is not actually deleted. Note that updating this field does not actually change the deployment, just how it is updated. url_param_only: true +<<<<<<< HEAD + default_value: :DELETE + values: + - :ABANDON + - :DELETE + - !ruby/object:Api::Type::Boolean + # Custom Update + name: 'preview' +======= default_value: "DELETE" enum_values: - 'ABANDON' @@ -114,6 +213,7 @@ parameters: # Custom Update - name: 'preview' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If set to true, a deployment is created with "shell" resources that are not actually instantiated. This allows you to preview a @@ -123,6 +223,76 @@ parameters: of a deployment in preview (unless updating to preview=false). Thus, Terraform will force-recreate deployments if either preview is updated to true or if other fields are updated while preview is true. +<<<<<<< HEAD + default_value: false + url_param_only: true + update_id: '0_preview' + fingerprint_name: 'fingerprint' + update_verb: :PATCH + update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} +properties: + - !ruby/object:Api::Type::String + name: 'name' + description: | + Unique name for the deployment + required: true + - !ruby/object:Api::Type::String + # Custom Update + name: 'description' + description: | + Optional user-provided description of deployment. + fingerprint_name: 'fingerprint' + update_id: '1_non-preview' + update_verb: :PATCH + update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} + - !ruby/object:Api::Type::Array + # Custom Update + name: 'labels' + description: | + Key-value pairs to apply to this labels. + send_empty_value: true + fingerprint_name: 'fingerprint' + update_id: '1_non-preview' + update_verb: :PATCH + update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} + is_set: true + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'key' + description: | + Key for label. + - !ruby/object:Api::Type::String + name: 'value' + description: | + Value of label. + - !ruby/object:Api::Type::NestedObject + # Custom Update + name: 'target' + required: true + description: | + Parameters that define your deployment, including the deployment + configuration and relevant templates. + fingerprint_name: 'fingerprint' + update_id: '1_non-preview' + update_verb: :PATCH + update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} + ignore_read: true + properties: + - !ruby/object:Api::Type::NestedObject + name: 'config' + required: true + description: | + The root configuration file to use for this deployment. + properties: + - !ruby/object:Api::Type::String + name: 'content' + required: true + description: | + The full YAML contents of your configuration file. + - !ruby/object:Api::Type::Array + name: 'imports' +======= url_param_only: true update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' update_id: '0_preview' @@ -188,10 +358,41 @@ properties: required: true - name: 'imports' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Specifies import files for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'content' + description: | + The full contents of the template that you want to import. + - !ruby/object:Api::Type::String + name: 'name' + description: | + The name of the template to import, as declared in the YAML + configuration. + - !ruby/object:Api::Type::String + name: 'deployment_id' + api_name: id + output: true + description: | + Unique identifier for deployment. Output only. + - !ruby/object:Api::Type::String + name: 'manifest' + output: true + description: | + Output only. URL of the manifest representing the last manifest that + was successfully deployed. + - !ruby/object:Api::Type::String + name: 'selfLink' + output: true + description: | + Output only. Server defined URL for the resource. +======= item_type: type: NestedObject properties: @@ -221,3 +422,4 @@ properties: description: | Output only. Server defined URL for the resource. output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/deploymentmanager/go_Deployment.yaml b/mmv1/products/deploymentmanager/go_Deployment.yaml new file mode 100644 index 000000000000..b138c01b60e1 --- /dev/null +++ b/mmv1/products/deploymentmanager/go_Deployment.yaml @@ -0,0 +1,224 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Deployment' +kind: 'deploymentmanager#deployment' +description: | + A collection of resources that are deployed and managed together using + a configuration file +docs: + warning: | + Deployment Manager shares similar behavior with Terraform as both + products manage GCP resource lifecycle and state. This Terraform + resource is intended only to manage a Deployment resource, + and attempts to manage the Deployment's resources in Terraform as well + will likely result in errors or unexpected behavior as the two tools + fight over ownership. We strongly discourage doing so unless you are an + experienced user of both tools. + + In addition, due to limitations of the API, Terraform will treat + deployments in preview as recreate-only for any update operation other + than actually deploying an in-preview deployment (i.e. `preview=true` to + `preview=false`). +id_format: 'projects/{{project}}/deployments/{{name}}' +base_url: 'projects/{{project}}/global/deployments' +self_link: 'projects/{{project}}/global/deployments/{{name}}' +create_url: 'projects/{{project}}/global/deployments?preview={{preview}}&createPolicy={{create_policy}}' +update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/global/deployments/{{name}}?deletePolicy={{delete_policy}}' +# A deployment is updatable, but we need to have custom update behavior. +immutable: true +import_format: + - 'projects/{{project}}/deployments/{{name}}' + # Very long to support very long deployments +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + full_url: 'selfLink' + kind: 'deploymentmanager#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + # Custom diff to force new if 'preview' is true + constants: 'templates/terraform/constants/go/deployment_manager_deployment.go.tmpl' + # post-create failure: Delete deployment if an invalid deployment was created + post_create_failure: 'templates/terraform/post_create_failure/go/delete_on_failure.go.tmpl' +custom_diff: + - 'customDiffDeploymentManagerDeployment' +examples: + - name: 'deployment_manager_deployment_basic' + primary_resource_id: 'deployment' + primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' + vars: + deployment_name: 'my-deployment' + exclude_test: true + - name: 'deployment_manager_deployment_imports' + primary_resource_id: 'deployment' + primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' + vars: + deployment_name: 'my-deployment' + exclude_test: true +parameters: + # These properties are query parameters given on create/update/delete. + # They should be tracked and updatable. + - name: 'createPolicy' + type: Enum + description: | + Set the policy to use for creating new resources. Only used on + create and update. Valid values are `CREATE_OR_ACQUIRE` (default) or + `ACQUIRE`. If set to `ACQUIRE` and resources do not already exist, + the deployment will fail. Note that updating this field does not + actually affect the deployment, just how it is updated. + url_param_only: true + default_value: "CREATE_OR_ACQUIRE" + enum_values: + - 'ACQUIRE' + - 'CREATE_OR_ACQUIRE' + - name: 'deletePolicy' + type: Enum + description: | + Set the policy to use for deleting new resources on update/delete. + Valid values are `DELETE` (default) or `ABANDON`. If `DELETE`, + resource is deleted after removal from Deployment Manager. If + `ABANDON`, the resource is only removed from Deployment Manager + and is not actually deleted. Note that updating this field does not + actually change the deployment, just how it is updated. + url_param_only: true + default_value: "DELETE" + enum_values: + - 'ABANDON' + - 'DELETE' + # Custom Update + - name: 'preview' + type: Boolean + description: | + If set to true, a deployment is created with "shell" resources + that are not actually instantiated. This allows you to preview a + deployment. It can be updated to false to actually deploy + with real resources. + ~>**NOTE:** Deployment Manager does not allow update + of a deployment in preview (unless updating to preview=false). Thus, + Terraform will force-recreate deployments if either preview is updated + to true or if other fields are updated while preview is true. + url_param_only: true + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' + update_id: '0_preview' + fingerprint_name: 'fingerprint' + default_value: false +properties: + - name: 'name' + type: String + description: | + Unique name for the deployment + required: true + # Custom Update + - name: 'description' + type: String + description: | + Optional user-provided description of deployment. + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' + update_id: '1_non-preview' + fingerprint_name: 'fingerprint' + # Custom Update + - name: 'labels' + type: Array + description: | + Key-value pairs to apply to this labels. + is_set: true + send_empty_value: true + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' + update_id: '1_non-preview' + fingerprint_name: 'fingerprint' + item_type: + type: NestedObject + properties: + - name: 'key' + type: String + description: | + Key for label. + - name: 'value' + type: String + description: | + Value of label. + # Custom Update + - name: 'target' + type: NestedObject + description: | + Parameters that define your deployment, including the deployment + configuration and relevant templates. + required: true + ignore_read: true + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' + update_id: '1_non-preview' + fingerprint_name: 'fingerprint' + properties: + - name: 'config' + type: NestedObject + description: | + The root configuration file to use for this deployment. + required: true + properties: + - name: 'content' + type: String + description: | + The full YAML contents of your configuration file. + required: true + - name: 'imports' + type: Array + description: | + Specifies import files for this configuration. This can be + used to import templates or other files. For example, you might + import a text file in order to use the file in a template. + item_type: + type: NestedObject + properties: + - name: 'content' + type: String + description: | + The full contents of the template that you want to import. + - name: 'name' + type: String + description: | + The name of the template to import, as declared in the YAML + configuration. + - name: 'deployment_id' + type: String + description: | + Unique identifier for deployment. Output only. + api_name: id + output: true + - name: 'manifest' + type: String + description: | + Output only. URL of the manifest representing the last manifest that + was successfully deployed. + output: true + - name: 'selfLink' + type: String + description: | + Output only. Server defined URL for the resource. + output: true diff --git a/mmv1/products/deploymentmanager/go_product.yaml b/mmv1/products/deploymentmanager/go_product.yaml new file mode 100644 index 000000000000..1fe4f3ba24e4 --- /dev/null +++ b/mmv1/products/deploymentmanager/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'DeploymentManager' +display_name: 'Cloud Deployment Manager' +versions: + - name: 'ga' + base_url: 'https://www.googleapis.com/deploymentmanager/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/deploymentmanager/product.yaml b/mmv1/products/deploymentmanager/product.yaml index f9b701f5ef94..778d556ccb51 100644 --- a/mmv1/products/deploymentmanager/product.yaml +++ b/mmv1/products/deploymentmanager/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2019 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: DeploymentManager +display_name: Cloud Deployment Manager +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://www.googleapis.com/deploymentmanager/v2/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= +<<<<<<<< HEAD:mmv1/products/apphub/product.yaml + +--- !ruby/object:Api::Product +name: Apphub +display_name: App Hub +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://apphub.googleapis.com/v1/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======== --- name: 'DeploymentManager' display_name: 'Cloud Deployment Manager' @@ -19,3 +46,5 @@ versions: base_url: 'https://www.googleapis.com/deploymentmanager/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/deploymentmanager/product.yaml +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/developerconnect/Connection.yaml b/mmv1/products/developerconnect/Connection.yaml index 1366e08e794d..3f85f25191c8 100644 --- a/mmv1/products/developerconnect/Connection.yaml +++ b/mmv1/products/developerconnect/Connection.yaml @@ -11,6 +11,39 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/connections +create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}} +self_link: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +id_format: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +import_format: + - projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +examples: + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: "developer_connect_connection_basic" + primary_resource_id: "my-connection" + primary_resource_name: "fmt.Sprintf(\"tf-test-connection%s\", + context[\"random_suffix\"\ + ])" + vars: + connection_name: "tf-test-connection" + - !ruby/object:Provider::Terraform::Examples + min_version: beta + name: "developer_connect_connection_github_doc" + skip_test: true +name: Connection +description: | + A connection to a GitHub App installation. +min_version: "beta" +update_verb: :PATCH +update_mask: true +autogen_async: true +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'Connection' description: | @@ -57,10 +90,50 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. +<<<<<<< HEAD + url_param_only: true + required: true + immutable: true + - !ruby/object:Api::Type::String + name: connectionId + description: | + Required. Id of the requesting object. If auto-generating Id server-side, + remove this field and connection_id from the method_signature of Create RPC. + url_param_only: true + required: true + immutable: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +properties: + - !ruby/object:Api::Type::NestedObject + name: githubConfig + description: | + Configuration for connections to github.com. + properties: + - !ruby/object:Api::Type::String + name: githubApp +======= min_version: 'beta' url_param_only: true required: true @@ -83,6 +156,7 @@ properties: properties: - name: 'githubApp' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. Immutable. The GitHub Application that was installed to the GitHub user or organization. @@ -90,6 +164,18 @@ properties: GIT_HUB_APP_UNSPECIFIED DEVELOPER_CONNECT FIREBASE" +<<<<<<< HEAD + required: true + immutable: true + - !ruby/object:Api::Type::NestedObject + name: authorizerCredential + description: | + Represents an OAuth token of the account that authorized the Connection,and + associated metadata. + properties: + - !ruby/object:Api::Type::String + name: oauthTokenSecretVersion +======= min_version: 'beta' required: true immutable: true @@ -102,10 +188,63 @@ properties: properties: - name: 'oauthTokenSecretVersion' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Required. A SecretManager resource containing the OAuth token that authorizes the connection. Format: `projects/*/secrets/*/versions/*`. +<<<<<<< HEAD + required: true + - !ruby/object:Api::Type::String + name: username + description: | + Output only. The username associated with this token. + output: true + - !ruby/object:Api::Type::String + name: appInstallationId + description: | + Optional. GitHub App installation id. + - !ruby/object:Api::Type::String + name: installationUri + description: | + Output only. The URI to navigate to in order to manage the installation + associated with this GitHubConfig. + output: true + - !ruby/object:Api::Type::String + name: name + description: | + Identifier. The resource name of the connection, in the format + `projects/{project}/locations/{location}/connections/{connection_id}`. + output: true + - !ruby/object:Api::Type::String + name: createTime + description: | + Output only. [Output only] Create timestamp + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: | + Output only. [Output only] Update timestamp + output: true + - !ruby/object:Api::Type::String + name: deleteTime + description: | + Output only. [Output only] Delete timestamp + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: | + Optional. Labels as key value pairs + - !ruby/object:Api::Type::NestedObject + name: installationState + description: | + Describes stage and necessary actions to be taken by the user to complete the installation. + Used for GitHub and GitHub Enterprise based connections. + output: true + properties: + - !ruby/object:Api::Type::String + name: stage +======= min_version: 'beta' required: true - name: 'username' @@ -166,6 +305,7 @@ properties: properties: - name: 'stage' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Output only. Current step of the installation process. Possible values: @@ -174,6 +314,21 @@ properties: PENDING_USER_OAUTH PENDING_INSTALL_APP COMPLETE +<<<<<<< HEAD + output: true + - !ruby/object:Api::Type::String + name: message + description: | + Output only. Message of what the user should do next to continue + the installation.Empty string if the installation is already complete. + - !ruby/object:Api::Type::String + name: actionUri + description: | + Output only. Link to follow for next action. Empty string if the + installation is already complete. + - !ruby/object:Api::Type::Boolean + name: disabled +======= min_version: 'beta' output: true - name: 'message' @@ -190,10 +345,25 @@ properties: min_version: 'beta' - name: 'disabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: Optional. If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: reconciling + description: | + Output only. Set to true when the connection is being set up or updated + in the background. + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: annotations + description: | + Optional. Allows clients to store small amounts of arbitrary data. + - !ruby/object:Api::Type::String + name: etag +======= min_version: 'beta' - name: 'reconciling' type: Boolean @@ -209,14 +379,22 @@ properties: min_version: 'beta' - name: 'etag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Optional. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: uid + description: | + Output only. A system-assigned unique identifier for a the GitRepositoryLink. +======= min_version: 'beta' - name: 'uid' type: String description: | Output only. A system-assigned unique identifier for a the GitRepositoryLink. min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/developerconnect/GitRepositoryLink.yaml b/mmv1/products/developerconnect/GitRepositoryLink.yaml index 54ea3c39287d..0ac9f0b06187 100644 --- a/mmv1/products/developerconnect/GitRepositoryLink.yaml +++ b/mmv1/products/developerconnect/GitRepositoryLink.yaml @@ -11,6 +11,37 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +base_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks +create_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks?gitRepositoryLinkId={{git_repository_link_id}} +self_link: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} +id_format: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} +import_format: + - projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} +examples: + # These tests depend on secrets stored in a separate project, so we prefer not + # to show them in the docs. + - !ruby/object:Provider::Terraform::Examples + name: "developer_connect_git_repository_link_github" + primary_resource_id: "primary" + skip_docs: true + min_version: beta + vars: + connection_name: "my-connection" + git_repository_link_name: "my-repository" + - !ruby/object:Provider::Terraform::Examples + name: "developer_connect_git_repository_link_github_doc" + min_version: beta + skip_test: true +name: GitRepositoryLink +description: "A git repository link to a parent connection." +min_version: "beta" +autogen_async: true +parameters: + - !ruby/object:Api::Type::String + name: location +======= --- name: 'GitRepositoryLink' description: "A git repository link to a parent connection." @@ -58,30 +89,97 @@ examples: parameters: - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " +<<<<<<< HEAD + url_param_only: true + required: true + immutable: true + - !ruby/object:Api::Type::String + name: parent_connection +======= min_version: 'beta' url_param_only: true required: true immutable: true - name: 'parent_connection' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " +<<<<<<< HEAD + url_param_only: true + required: true + immutable: true + - !ruby/object:Api::Type::String + name: gitRepositoryLinkId +======= min_version: 'beta' url_param_only: true required: true immutable: true - name: 'gitRepositoryLinkId' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Required. The ID to use for the repository, which will become the final component of\nthe repository's resource name. This ID should be unique in the connection.\nAllows alphanumeric characters and any of -._~%!$&'()*+,;=@. " +<<<<<<< HEAD + url_param_only: true + required: true + immutable: true +async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: name + base_url: "{{op_id}}" + wait_ms: 1000 + timeouts: + result: !ruby/object:Api::OpAsync::Result + path: response + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: done + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: error + message: message +immutable: true +properties: + - !ruby/object:Api::Type::String + name: name + description: "Identifier. Resource name of the repository, in the format\n`projects/*/locations/*/connections/*/gitRepositoryLinks/*`. " + output: true + - !ruby/object:Api::Type::String + name: cloneUri + description: "Required. Git Clone URI. " + required: true + - !ruby/object:Api::Type::String + name: createTime + description: "Output only. [Output only] Create timestamp " + output: true + - !ruby/object:Api::Type::String + name: updateTime + description: "Output only. [Output only] Update timestamp " + output: true + - !ruby/object:Api::Type::String + name: deleteTime + description: "Output only. [Output only] Delete timestamp " + output: true + - !ruby/object:Api::Type::KeyValueLabels + name: labels + description: "Optional. Labels as key value pairs " + - !ruby/object:Api::Type::String + name: etag +======= min_version: 'beta' url_param_only: true required: true @@ -118,10 +216,25 @@ properties: min_version: 'beta' - name: 'etag' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: "Optional. This checksum is computed by the server based on the value of other\nfields, and may be sent on update and delete requests to ensure the\nclient has an up-to-date value before proceeding. " +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: reconciling + description: + "Output only. Set to true when the connection is being set up or updated + in the\nbackground. " + output: true + - !ruby/object:Api::Type::KeyValueAnnotations + name: annotations + description: "Optional. Allows clients to store small amounts of arbitrary data. " + - !ruby/object:Api::Type::String + name: uid + description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " +======= min_version: 'beta' - name: 'reconciling' type: Boolean @@ -138,4 +251,5 @@ properties: type: String description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " min_version: 'beta' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 output: true diff --git a/mmv1/products/developerconnect/go_Connection.yaml b/mmv1/products/developerconnect/go_Connection.yaml new file mode 100644 index 000000000000..f60cd4718e51 --- /dev/null +++ b/mmv1/products/developerconnect/go_Connection.yaml @@ -0,0 +1,223 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Connection' +description: | + A connection to a GitHub App installation. +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'developer_connect_connection_basic' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + min_version: 'beta' + vars: + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_github_doc' + min_version: 'beta' + exclude_test: true +parameters: + - name: 'location' + type: String + description: | + Resource ID segment making up resource `name`. It identifies the resource + within its parent collection as described in https://google.aip.dev/122. See documentation + for resource type `developerconnect.googleapis.com/GitRepositoryLink`. + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'connectionId' + type: String + description: | + Required. Id of the requesting object. If auto-generating Id server-side, + remove this field and connection_id from the method_signature of Create RPC. + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'githubConfig' + type: NestedObject + description: | + Configuration for connections to github.com. + min_version: 'beta' + properties: + - name: 'githubApp' + type: String + description: | + Required. Immutable. The GitHub Application that was installed to + the GitHub user or organization. + Possible values: + GIT_HUB_APP_UNSPECIFIED + DEVELOPER_CONNECT + FIREBASE" + min_version: 'beta' + required: true + immutable: true + - name: 'authorizerCredential' + type: NestedObject + description: | + Represents an OAuth token of the account that authorized the Connection,and + associated metadata. + min_version: 'beta' + properties: + - name: 'oauthTokenSecretVersion' + type: String + description: | + Required. A SecretManager resource containing the OAuth token + that authorizes the connection. + Format: `projects/*/secrets/*/versions/*`. + min_version: 'beta' + required: true + - name: 'username' + type: String + description: | + Output only. The username associated with this token. + min_version: 'beta' + output: true + - name: 'appInstallationId' + type: String + description: | + Optional. GitHub App installation id. + min_version: 'beta' + - name: 'installationUri' + type: String + description: | + Output only. The URI to navigate to in order to manage the installation + associated with this GitHubConfig. + min_version: 'beta' + output: true + - name: 'name' + type: String + description: | + Identifier. The resource name of the connection, in the format + `projects/{project}/locations/{location}/connections/{connection_id}`. + min_version: 'beta' + output: true + - name: 'createTime' + type: String + description: | + Output only. [Output only] Create timestamp + min_version: 'beta' + output: true + - name: 'updateTime' + type: String + description: | + Output only. [Output only] Update timestamp + min_version: 'beta' + output: true + - name: 'deleteTime' + type: String + description: | + Output only. [Output only] Delete timestamp + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: | + Optional. Labels as key value pairs + min_version: 'beta' + - name: 'installationState' + type: NestedObject + description: | + Describes stage and necessary actions to be taken by the user to complete the installation. + Used for GitHub and GitHub Enterprise based connections. + min_version: 'beta' + output: true + properties: + - name: 'stage' + type: String + description: | + Output only. Current step of the installation process. + Possible values: + STAGE_UNSPECIFIED + PENDING_CREATE_APP + PENDING_USER_OAUTH + PENDING_INSTALL_APP + COMPLETE + min_version: 'beta' + output: true + - name: 'message' + type: String + description: | + Output only. Message of what the user should do next to continue + the installation.Empty string if the installation is already complete. + min_version: 'beta' + - name: 'actionUri' + type: String + description: | + Output only. Link to follow for next action. Empty string if the + installation is already complete. + min_version: 'beta' + - name: 'disabled' + type: Boolean + description: + Optional. If disabled is set to true, functionality is disabled for + this connection. Repository based API methods and webhooks processing + for repositories in this connection will be disabled. + min_version: 'beta' + - name: 'reconciling' + type: Boolean + description: | + Output only. Set to true when the connection is being set up or updated + in the background. + min_version: 'beta' + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: | + Optional. Allows clients to store small amounts of arbitrary data. + min_version: 'beta' + - name: 'etag' + type: String + description: | + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + min_version: 'beta' + - name: 'uid' + type: String + description: | + Output only. A system-assigned unique identifier for a the GitRepositoryLink. + min_version: 'beta' + output: true diff --git a/mmv1/products/developerconnect/go_GitRepositoryLink.yaml b/mmv1/products/developerconnect/go_GitRepositoryLink.yaml new file mode 100644 index 000000000000..a870379945bf --- /dev/null +++ b/mmv1/products/developerconnect/go_GitRepositoryLink.yaml @@ -0,0 +1,142 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'GitRepositoryLink' +description: "A git repository link to a parent connection." +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks?gitRepositoryLinkId={{git_repository_link_id}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +examples: + # These tests depend on secrets stored in a separate project, so we prefer not + # to show them in the docs. + - name: 'developer_connect_git_repository_link_github' + primary_resource_id: 'primary' + min_version: 'beta' + vars: + connection_name: 'my-connection' + git_repository_link_name: 'my-repository' + exclude_docs: true + - name: 'developer_connect_git_repository_link_github_doc' + min_version: 'beta' + exclude_test: true +parameters: + - name: 'location' + type: String + description: + "Resource ID segment making up resource `name`. It identifies the resource + within its parent collection as described in https://google.aip.dev/122. See documentation + for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'parent_connection' + type: String + description: + "Resource ID segment making up resource `name`. It identifies the resource + within its parent collection as described in https://google.aip.dev/122. See documentation + for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " + min_version: 'beta' + url_param_only: true + required: true + immutable: true + - name: 'gitRepositoryLinkId' + type: String + description: + "Required. The ID to use for the repository, which will become the + final component of\nthe repository's resource name. This ID should be unique in + the connection.\nAllows alphanumeric characters and any of -._~%!$&'()*+,;=@. " + min_version: 'beta' + url_param_only: true + required: true + immutable: true +properties: + - name: 'name' + type: String + description: "Identifier. Resource name of the repository, in the format\n`projects/*/locations/*/connections/*/gitRepositoryLinks/*`. " + min_version: 'beta' + output: true + - name: 'cloneUri' + type: String + description: "Required. Git Clone URI. " + min_version: 'beta' + required: true + - name: 'createTime' + type: String + description: "Output only. [Output only] Create timestamp " + min_version: 'beta' + output: true + - name: 'updateTime' + type: String + description: "Output only. [Output only] Update timestamp " + min_version: 'beta' + output: true + - name: 'deleteTime' + type: String + description: "Output only. [Output only] Delete timestamp " + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels + description: "Optional. Labels as key value pairs " + min_version: 'beta' + - name: 'etag' + type: String + description: + "Optional. This checksum is computed by the server based on the value + of other\nfields, and may be sent on update and delete requests to ensure the\nclient + has an up-to-date value before proceeding. " + min_version: 'beta' + - name: 'reconciling' + type: Boolean + description: + "Output only. Set to true when the connection is being set up or updated + in the\nbackground. " + min_version: 'beta' + output: true + - name: 'annotations' + type: KeyValueAnnotations + description: "Optional. Allows clients to store small amounts of arbitrary data. " + min_version: 'beta' + - name: 'uid' + type: String + description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " + min_version: 'beta' + output: true diff --git a/mmv1/products/developerconnect/go_product.yaml b/mmv1/products/developerconnect/go_product.yaml new file mode 100644 index 000000000000..3e06ead0a808 --- /dev/null +++ b/mmv1/products/developerconnect/go_product.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +<<<<<<<< HEAD:mmv1/products/developerconnect/go_product.yaml +name: 'DeveloperConnect' +display_name: 'Developer Connect' +versions: + - name: 'beta' + base_url: 'https://developerconnect.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +======== +name: 'NetworkServices' +display_name: 'Network services' +versions: + - name: 'beta' + base_url: 'https://networkservices.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://networkservices.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-identity' +>>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856:mmv1/products/networkservices/product.yaml diff --git a/mmv1/products/developerconnect/product.yaml b/mmv1/products/developerconnect/product.yaml index 5a32e127e0af..f1de4f0088f9 100644 --- a/mmv1/products/developerconnect/product.yaml +++ b/mmv1/products/developerconnect/product.yaml @@ -11,6 +11,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +versions: + - !ruby/object:Api::Product::Version + base_url: https://developerconnect.googleapis.com/v1/ + name: beta +name: DeveloperConnect +display_name: Developer Connect +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'DeveloperConnect' display_name: 'Developer Connect' @@ -19,3 +30,4 @@ versions: base_url: 'https://developerconnect.googleapis.com/v1/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dialogflow/Agent.yaml b/mmv1/products/dialogflow/Agent.yaml index c651a30ec446..44723a8975fa 100644 --- a/mmv1/products/dialogflow/Agent.yaml +++ b/mmv1/products/dialogflow/Agent.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +15,60 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Agent' +base_url: 'projects/{{project}}/agent' +self_link: 'projects/{{project}}/agent' +update_verb: :POST +======= --- name: 'Agent' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A Dialogflow agent is a virtual agent that handles conversations with your end-users. It is a natural language understanding module that understands the nuances of human language. Dialogflow translates end-user text or audio during a conversation to structured data that your apps and services can understand. You design and build a Dialogflow agent to handle the types of conversations required for your system. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects/agent' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflow_agent_full' + primary_resource_id: 'full_agent' + vars: + agent_name: 'dialogflow-agent' +# Only one agent per project, API does not have an agent ID +id_format: '{{project}}' +import_format: ['{{project}}'] +skip_sweeper: true +properties: + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The name of this agent. + - !ruby/object:Api::Type::String + name: 'defaultLanguageCode' + description: | + The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. This field cannot be updated after creation. + immutable: true + required: true + - !ruby/object:Api::Type::Array + name: 'supportedLanguageCodes' + item_type: Api::Type::String + description: | + The list of all languages supported by this agent (except for the defaultLanguageCode). + - !ruby/object:Api::Type::String + name: 'timeZone' +======= references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' @@ -63,10 +114,21 @@ properties: type: String - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 500)' + - !ruby/object:Api::Type::String + name: 'avatarUri' +======= - name: 'description' type: String description: | @@ -75,11 +137,27 @@ properties: function: 'validation.StringLenBetween(0, 500)' - name: 'avatarUri' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The URI of the agent's avatar, which are used throughout the Dialogflow console. When an image URL is entered into this field, the Dialogflow will save the image in the backend. The address of the backend image returned from the API will be shown in the [avatarUriBackend] field. ignore_read: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'avatarUriBackend' + description: | + The URI of the agent's avatar as returned from the API. Output only. To provide an image URL for the agent avatar, + the [avatarUri] field can be used. + output: true + api_name: avatarUri + - !ruby/object:Api::Type::Boolean + name: 'enableLogging' + description: | + Determines whether this agent should log conversation queries. + - !ruby/object:Api::Type::Enum + name: 'matchMode' +======= - name: 'avatarUriBackend' type: String description: | @@ -93,26 +171,41 @@ properties: Determines whether this agent should log conversation queries. - name: 'matchMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Determines how intents are detected from user queries. * MATCH_MODE_HYBRID: Best for agents with a small number of examples in intents and/or wide use of templates syntax and composite entities. * MATCH_MODE_ML_ONLY: Can be used for agents with a large number of examples in intents, especially the ones using @sys.any or very large developer entities. +<<<<<<< HEAD + values: + - :MATCH_MODE_HYBRID + - :MATCH_MODE_ML_ONLY + default_from_api: true + - !ruby/object:Api::Type::Double + name: 'classificationThreshold' +======= default_from_api: true enum_values: - 'MATCH_MODE_HYBRID' - 'MATCH_MODE_ML_ONLY' - name: 'classificationThreshold' type: Double +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a fallback intent will be triggered or, if there are no fallback intents defined, no intent will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used. +<<<<<<< HEAD + - !ruby/object:Api::Type::Enum + name: 'apiVersion' +======= - name: 'apiVersion' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | API version displayed in Dialogflow console. If not specified, V2 API is assumed. Clients are free to query different service endpoints for different API versions. However, bots connectors and webhook calls will follow @@ -120,6 +213,15 @@ properties: * API_VERSION_V1: Legacy V1 API. * API_VERSION_V2: V2 API. * API_VERSION_V2_BETA_1: V2beta1 API. +<<<<<<< HEAD + values: + - :API_VERSION_V1 + - :API_VERSION_V2 + - :API_VERSION_V2_BETA_1 + default_from_api: true + - !ruby/object:Api::Type::Enum + name: 'tier' +======= default_from_api: true enum_values: - 'API_VERSION_V1' @@ -127,6 +229,7 @@ properties: - 'API_VERSION_V2_BETA_1' - name: 'tier' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The agent tier. If not specified, TIER_STANDARD is assumed. * TIER_STANDARD: Standard tier. @@ -134,8 +237,16 @@ properties: * TIER_ENTERPRISE_PLUS: Enterprise tier (Plus). NOTE: Due to consistency issues, the provider will not read this field from the API. Drift is possible between the Terraform state and Dialogflow if the agent tier is changed outside of Terraform. +<<<<<<< HEAD + values: + - :TIER_STANDARD + - :TIER_ENTERPRISE + - :TIER_ENTERPRISE_PLUS + ignore_read: true +======= ignore_read: true enum_values: - 'TIER_STANDARD' - 'TIER_ENTERPRISE' - 'TIER_ENTERPRISE_PLUS' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dialogflow/EntityType.yaml b/mmv1/products/dialogflow/EntityType.yaml index 57a185b89f58..454aad0447f8 100644 --- a/mmv1/products/dialogflow/EntityType.yaml +++ b/mmv1/products/dialogflow/EntityType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EntityType' +base_url: 'projects/{{project}}/agent/entityTypes/' +self_link: '{{name}}' +update_verb: :PATCH +description: | + Represents an entity type. Entity types serve as a tool for extracting parameter values from natural language queries. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.entityTypes' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflow_entity_type_basic' + primary_resource_id: 'basic_entity_type' + skip_test: true + vars: + intent_name: 'basic-entity-type' +# Skip sweeper gen since this is a child resource. +skip_sweeper: true +id_format: '{{name}}' +import_format: ['{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb + post_create: 'templates/terraform/post_create/set_computed_name.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the entity type. + Format: projects//agent/entityTypes/. + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The name of this entity type to be displayed on the console. + - !ruby/object:Api::Type::Enum + name: 'kind' + required: true +======= --- name: 'EntityType' description: | @@ -56,12 +102,32 @@ properties: required: true - name: 'kind' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates the kind of entity type. * KIND_MAP: Map entity types allow mapping of a group of synonyms to a reference value. * KIND_LIST: List entity types contain a set of entries that do not map to reference values. However, list entity types can contain references to other entity types (with or without aliases). * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. +<<<<<<< HEAD + values: + - :KIND_MAP + - :KIND_LIST + - :KIND_REGEXP + - !ruby/object:Api::Type::Boolean + name: 'enableFuzzyExtraction' + description: | + Enables fuzzy entity extraction during classification. + - !ruby/object:Api::Type::Array + name: 'entities' + description: | + The collection of entity entries associated with the entity type. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'value' + required: true +======= required: true enum_values: - 'KIND_MAP' @@ -80,6 +146,7 @@ properties: properties: - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The primary value associated with this entity entry. For example, if the entity type is vegetable, the value could be scallions. @@ -87,14 +154,24 @@ properties: * A reference value to be used in place of synonyms. For KIND_LIST entity types: * A string that can contain references to other entity types (with or without aliases). +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'synonyms' + required: true + item_type: Api::Type::String +======= required: true - name: 'synonyms' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym could be green onions. For KIND_LIST entity types: * This collection must contain exactly one synonym equal to value. +<<<<<<< HEAD +======= required: true item_type: type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dialogflow/Fulfillment.yaml b/mmv1/products/dialogflow/Fulfillment.yaml index dfe06ae2c1fa..33b5b45e88c1 100644 --- a/mmv1/products/dialogflow/Fulfillment.yaml +++ b/mmv1/products/dialogflow/Fulfillment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,89 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Fulfillment' +base_url: 'projects/{{project}}/agent/fulfillment/' +self_link: '{{name}}' +update_verb: :PATCH +delete_verb: :PATCH +create_verb: :PATCH +create_url: projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features +update_url: projects/{{project}}/agent/fulfillment/ +delete_url: projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features +update_mask: true +description: | + By default, your agent responds to a matched intent with a static response. If you're using one of the integration options, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/es/docs/fulfillment-overview' + api: 'https://cloud.google.com/dialogflow/es/docs/reference/rest/v2/projects.agent/getFulfillment' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflow_fulfillment_basic' + primary_resource_id: 'basic_fulfillment' + skip_test: true + vars: + fulfillment_name: 'basic-fulfillment' +# Skip sweeper gen since this is a child resource. +skip_sweeper: true +id_format: '{{name}}' +import_format: ['{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb + post_create: 'templates/terraform/post_create/set_computed_name.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the fulfillment. + Format: projects//agent/fulfillment - projects//locations//agent/fulfillment + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the fulfillment, unique within the agent. + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + Whether fulfillment is enabled. + - !ruby/object:Api::Type::Array + name: 'features' + description: | + The field defines whether the fulfillment is enabled for certain features. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::Enum + name: 'type' + required: true + description: | + The type of the feature that enabled for fulfillment. + * SMALLTALK: Fulfillment is enabled for SmallTalk. + values: + - :SMALLTALK + - !ruby/object:Api::Type::NestedObject + name: 'genericWebService' + description: | + Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. + properties: + - !ruby/object:Api::Type::String + name: 'uri' + required: true + description: | + The fulfillment URI for receiving POST requests. It must use https protocol. + - !ruby/object:Api::Type::String + name: 'username' + description: | + The user name for HTTP Basic authentication. + - !ruby/object:Api::Type::String + name: 'password' + description: | + The password for HTTP Basic authentication. + - !ruby/object:Api::Type::KeyValuePairs + name: 'requestHeaders' +======= --- name: 'Fulfillment' description: | @@ -99,5 +186,6 @@ properties: The password for HTTP Basic authentication. - name: 'requestHeaders' type: KeyValuePairs +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The HTTP request headers to send together with fulfillment requests. diff --git a/mmv1/products/dialogflow/Intent.yaml b/mmv1/products/dialogflow/Intent.yaml index bf6ea9a9e373..f67ad5a2d998 100644 --- a/mmv1/products/dialogflow/Intent.yaml +++ b/mmv1/products/dialogflow/Intent.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,29 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Intent' +base_url: 'projects/{{project}}/agent/intents/' +self_link: '{{name}}' +update_verb: :PATCH +description: | + Represents a Dialogflow intent. Intents convert a number of user expressions or patterns into an action. An action + is an extraction of a user command or sentence semantics. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.intents' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflow_intent_basic' + primary_resource_id: 'basic_intent' + skip_test: true + vars: + intent_name: 'basic-intent' + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflow_intent_full' +======= --- name: 'Intent' description: | @@ -43,12 +70,37 @@ examples: intent_name: 'basic-intent' exclude_test: true - name: 'dialogflow_intent_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'full_intent' vars: project_id: 'my-project' account_id: 'my-account' intent_name: 'full-intent' test_env_vars: +<<<<<<< HEAD + org_id: :ORG_ID +# Skip sweeper gen since this is a child resource. +skip_sweeper: true +id_format: '{{name}}' +import_format: ['{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb + post_create: 'templates/terraform/post_create/set_computed_name.erb' +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this intent. + Format: projects//agent/intents/. + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The name of this intent to be displayed on the console. + - !ruby/object:Api::Type::Enum + name: 'webhookState' +======= org_id: 'ORG_ID' parameters: properties: @@ -65,23 +117,42 @@ properties: required: true - name: 'webhookState' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether webhooks are enabled for the intent. * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot filling prompt is forwarded to the webhook. +<<<<<<< HEAD + values: + - :WEBHOOK_STATE_ENABLED + - :WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING + default_from_api: true + - !ruby/object:Api::Type::Integer + name: 'priority' +======= default_from_api: true enum_values: - 'WEBHOOK_STATE_ENABLED' - 'WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING' - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the Normal priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'isFallback' + description: | + Indicates whether this is a fallback intent. + default_from_api: true + - !ruby/object:Api::Type::Boolean + name: 'mlDisabled' +======= - name: 'isFallback' type: Boolean description: | @@ -89,11 +160,23 @@ properties: default_from_api: true - name: 'mlDisabled' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether Machine Learning is disabled for the intent. Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML ONLY match mode. Also, auto-markup in the UI is turned off. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'inputContextNames' + item_type: Api::Type::String + description: | + The list of context names required for this intent to be triggered. + Format: projects//agent/sessions/-/contexts/. + - !ruby/object:Api::Type::Array + name: 'events' + item_type: Api::Type::String +======= - name: 'inputContextNames' type: Array description: | @@ -103,18 +186,52 @@ properties: type: String - name: 'events' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of the contexts must be present in the active user session for an event to trigger this intent. See the [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'action' +======= item_type: type: String - name: 'action' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the action associated with the intent. Note: The action name must not contain whitespaces. default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'resetContexts' + description: | + Indicates whether to delete all contexts in the current session when this intent is matched. + default_from_api: true + - !ruby/object:Api::Type::Array + name: 'defaultResponsePlatforms' + description: | + The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED + (i.e. default platform). + item_type: !ruby/object:Api::Type::Enum + name: 'platform' + description: | + Represents different platforms that a rich message can be intended for. + values: + - :FACEBOOK + - :SLACK + - :TELEGRAM + - :KIK + - :SKYPE + - :LINE + - :VIBER + - :ACTIONS_ON_GOOGLE + - :GOOGLE_HANGOUTS + - !ruby/object:Api::Type::String + name: 'rootFollowupIntentName' +======= - name: 'resetContexts' type: Boolean description: | @@ -141,18 +258,41 @@ properties: - 'GOOGLE_HANGOUTS' - name: 'rootFollowupIntentName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup intents chain for this intent. Format: projects//agent/intents/. output: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'parentFollowupIntentName' +======= - name: 'parentFollowupIntentName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique identifier of the parent intent in the chain of followup intents. Format: projects//agent/intents/. immutable: true default_from_api: true +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'followupIntentInfo' + output: true + description: | + Information about all followup intents that have this intent as a direct or indirect parent. We populate this field + only in the output. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'followupIntentName' + description: | + The unique identifier of the followup intent. + Format: projects//agent/intents/. + - !ruby/object:Api::Type::String + name: 'parentFollowupIntentName' +======= - name: 'followupIntentInfo' type: Array description: | @@ -169,6 +309,7 @@ properties: Format: projects//agent/intents/. - name: 'parentFollowupIntentName' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The unique identifier of the followup intent's parent. Format: projects//agent/intents/. diff --git a/mmv1/products/dialogflow/go_Agent.yaml b/mmv1/products/dialogflow/go_Agent.yaml new file mode 100644 index 000000000000..d2e4d1c259f5 --- /dev/null +++ b/mmv1/products/dialogflow/go_Agent.yaml @@ -0,0 +1,142 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Agent' +description: | + A Dialogflow agent is a virtual agent that handles conversations with your end-users. It is a natural language + understanding module that understands the nuances of human language. Dialogflow translates end-user text or audio + during a conversation to structured data that your apps and services can understand. You design and build a Dialogflow + agent to handle the types of conversations required for your system. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects/agent' +docs: +# Only one agent per project, API does not have an agent ID +id_format: '{{project}}' +base_url: 'projects/{{project}}/agent' +self_link: 'projects/{{project}}/agent' +update_verb: 'POST' +import_format: + - '{{project}}' +timeouts: + insert_minutes: 40 + update_minutes: 40 + delete_minutes: 20 +custom_code: +exclude_sweeper: true +examples: + - name: 'dialogflow_agent_full' + primary_resource_id: 'full_agent' + vars: + agent_name: 'dialogflow-agent' +parameters: +properties: + - name: 'displayName' + type: String + description: | + The name of this agent. + required: true + - name: 'defaultLanguageCode' + type: String + description: | + The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. This field cannot be updated after creation. + required: true + immutable: true + - name: 'supportedLanguageCodes' + type: Array + description: | + The list of all languages supported by this agent (except for the defaultLanguageCode). + item_type: + type: String + - name: 'timeZone' + type: String + description: | + The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, + Europe/Paris. + required: true + - name: 'description' + type: String + description: | + The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. + validation: + function: 'validation.StringLenBetween(0, 500)' + - name: 'avatarUri' + type: String + description: | + The URI of the agent's avatar, which are used throughout the Dialogflow console. When an image URL is entered + into this field, the Dialogflow will save the image in the backend. The address of the backend image returned + from the API will be shown in the [avatarUriBackend] field. + ignore_read: true + - name: 'avatarUriBackend' + type: String + description: | + The URI of the agent's avatar as returned from the API. Output only. To provide an image URL for the agent avatar, + the [avatarUri] field can be used. + api_name: avatarUri + output: true + - name: 'enableLogging' + type: Boolean + description: | + Determines whether this agent should log conversation queries. + - name: 'matchMode' + type: Enum + description: | + Determines how intents are detected from user queries. + * MATCH_MODE_HYBRID: Best for agents with a small number of examples in intents and/or wide use of templates + syntax and composite entities. + * MATCH_MODE_ML_ONLY: Can be used for agents with a large number of examples in intents, especially the ones + using @sys.any or very large developer entities. + default_from_api: true + enum_values: + - 'MATCH_MODE_HYBRID' + - 'MATCH_MODE_ML_ONLY' + - name: 'classificationThreshold' + type: Double + description: | + To filter out false positive results and still get variety in matched natural language inputs for your agent, + you can tune the machine learning classification threshold. If the returned score value is less than the threshold + value, then a fallback intent will be triggered or, if there are no fallback intents defined, no intent will be + triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the + default of 0.3 is used. + - name: 'apiVersion' + type: Enum + description: | + API version displayed in Dialogflow console. If not specified, V2 API is assumed. Clients are free to query + different service endpoints for different API versions. However, bots connectors and webhook calls will follow + the specified API version. + * API_VERSION_V1: Legacy V1 API. + * API_VERSION_V2: V2 API. + * API_VERSION_V2_BETA_1: V2beta1 API. + default_from_api: true + enum_values: + - 'API_VERSION_V1' + - 'API_VERSION_V2' + - 'API_VERSION_V2_BETA_1' + - name: 'tier' + type: Enum + description: | + The agent tier. If not specified, TIER_STANDARD is assumed. + * TIER_STANDARD: Standard tier. + * TIER_ENTERPRISE: Enterprise tier (Essentials). + * TIER_ENTERPRISE_PLUS: Enterprise tier (Plus). + NOTE: Due to consistency issues, the provider will not read this field from the API. Drift is possible between + the Terraform state and Dialogflow if the agent tier is changed outside of Terraform. + ignore_read: true + enum_values: + - 'TIER_STANDARD' + - 'TIER_ENTERPRISE' + - 'TIER_ENTERPRISE_PLUS' diff --git a/mmv1/products/dialogflow/go_EntityType.yaml b/mmv1/products/dialogflow/go_EntityType.yaml new file mode 100644 index 000000000000..2c2974e0e3da --- /dev/null +++ b/mmv1/products/dialogflow/go_EntityType.yaml @@ -0,0 +1,101 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'EntityType' +description: | + Represents an entity type. Entity types serve as a tool for extracting parameter values from natural language queries. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.entityTypes' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/entityTypes/' +self_link: '{{name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true +examples: + - name: 'dialogflow_entity_type_basic' + primary_resource_id: 'basic_entity_type' + vars: + intent_name: 'basic-entity-type' + exclude_test: true +parameters: +properties: + - name: 'name' + type: String + description: | + The unique identifier of the entity type. + Format: projects//agent/entityTypes/. + output: true + - name: 'displayName' + type: String + description: | + The name of this entity type to be displayed on the console. + required: true + - name: 'kind' + type: Enum + description: | + Indicates the kind of entity type. + * KIND_MAP: Map entity types allow mapping of a group of synonyms to a reference value. + * KIND_LIST: List entity types contain a set of entries that do not map to reference values. However, list entity + types can contain references to other entity types (with or without aliases). + * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. + required: true + enum_values: + - 'KIND_MAP' + - 'KIND_LIST' + - 'KIND_REGEXP' + - name: 'enableFuzzyExtraction' + type: Boolean + description: | + Enables fuzzy entity extraction during classification. + - name: 'entities' + type: Array + description: | + The collection of entity entries associated with the entity type. + item_type: + type: NestedObject + properties: + - name: 'value' + type: String + description: | + The primary value associated with this entity entry. For example, if the entity type is vegetable, the value + could be scallions. + For KIND_MAP entity types: + * A reference value to be used in place of synonyms. + For KIND_LIST entity types: + * A string that can contain references to other entity types (with or without aliases). + required: true + - name: 'synonyms' + type: Array + description: | + A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym + could be green onions. + For KIND_LIST entity types: + * This collection must contain exactly one synonym equal to value. + required: true + item_type: + type: String diff --git a/mmv1/products/dialogflow/go_Fulfillment.yaml b/mmv1/products/dialogflow/go_Fulfillment.yaml new file mode 100644 index 000000000000..15a9dbb42547 --- /dev/null +++ b/mmv1/products/dialogflow/go_Fulfillment.yaml @@ -0,0 +1,104 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Fulfillment' +description: | + By default, your agent responds to a matched intent with a static response. If you're using one of the integration options, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/es/docs/fulfillment-overview' + api: 'https://cloud.google.com/dialogflow/es/docs/reference/rest/v2/projects.agent/getFulfillment' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/fulfillment/' +self_link: '{{name}}' +create_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/agent/fulfillment/' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' +delete_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true +examples: + - name: 'dialogflow_fulfillment_basic' + primary_resource_id: 'basic_fulfillment' + vars: + fulfillment_name: 'basic-fulfillment' + exclude_test: true +parameters: +properties: + - name: 'name' + type: String + description: | + The unique identifier of the fulfillment. + Format: projects//agent/fulfillment - projects//locations//agent/fulfillment + output: true + - name: 'displayName' + type: String + description: | + The human-readable name of the fulfillment, unique within the agent. + required: true + - name: 'enabled' + type: Boolean + description: | + Whether fulfillment is enabled. + - name: 'features' + type: Array + description: | + The field defines whether the fulfillment is enabled for certain features. + item_type: + type: NestedObject + properties: + - name: 'type' + type: Enum + description: | + The type of the feature that enabled for fulfillment. + * SMALLTALK: Fulfillment is enabled for SmallTalk. + required: true + enum_values: + - 'SMALLTALK' + - name: 'genericWebService' + type: NestedObject + description: | + Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. + properties: + - name: 'uri' + type: String + description: | + The fulfillment URI for receiving POST requests. It must use https protocol. + required: true + - name: 'username' + type: String + description: | + The user name for HTTP Basic authentication. + - name: 'password' + type: String + description: | + The password for HTTP Basic authentication. + - name: 'requestHeaders' + type: KeyValuePairs + description: | + The HTTP request headers to send together with fulfillment requests. diff --git a/mmv1/products/dialogflow/go_Intent.yaml b/mmv1/products/dialogflow/go_Intent.yaml new file mode 100644 index 000000000000..38dfae270454 --- /dev/null +++ b/mmv1/products/dialogflow/go_Intent.yaml @@ -0,0 +1,175 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Intent' +description: | + Represents a Dialogflow intent. Intents convert a number of user expressions or patterns into an action. An action + is an extraction of a user command or sentence semantics. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' + api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.intents' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/intents/' +self_link: '{{name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true +examples: + - name: 'dialogflow_intent_basic' + primary_resource_id: 'basic_intent' + vars: + intent_name: 'basic-intent' + exclude_test: true + - name: 'dialogflow_intent_full' + primary_resource_id: 'full_intent' + vars: + project_id: 'my-project' + account_id: 'my-account' + intent_name: 'full-intent' + test_env_vars: + org_id: 'ORG_ID' +parameters: +properties: + - name: 'name' + type: String + description: | + The unique identifier of this intent. + Format: projects//agent/intents/. + output: true + - name: 'displayName' + type: String + description: | + The name of this intent to be displayed on the console. + required: true + - name: 'webhookState' + type: Enum + description: | + Indicates whether webhooks are enabled for the intent. + * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. + * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot + filling prompt is forwarded to the webhook. + default_from_api: true + enum_values: + - 'WEBHOOK_STATE_ENABLED' + - 'WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING' + - name: 'priority' + type: Integer + description: | + The priority of this intent. Higher numbers represent higher priorities. + - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds + to the Normal priority in the console. + - If the supplied value is negative, the intent is ignored in runtime detect intent requests. + default_from_api: true + - name: 'isFallback' + type: Boolean + description: | + Indicates whether this is a fallback intent. + default_from_api: true + - name: 'mlDisabled' + type: Boolean + description: | + Indicates whether Machine Learning is disabled for the intent. + Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML + ONLY match mode. Also, auto-markup in the UI is turned off. + default_from_api: true + - name: 'inputContextNames' + type: Array + description: | + The list of context names required for this intent to be triggered. + Format: projects//agent/sessions/-/contexts/. + item_type: + type: String + - name: 'events' + type: Array + description: | + The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of + the contexts must be present in the active user session for an event to trigger this intent. See the + [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. + item_type: + type: String + - name: 'action' + type: String + description: | + The name of the action associated with the intent. + Note: The action name must not contain whitespaces. + default_from_api: true + - name: 'resetContexts' + type: Boolean + description: | + Indicates whether to delete all contexts in the current session when this intent is matched. + default_from_api: true + - name: 'defaultResponsePlatforms' + type: Array + description: | + The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED + (i.e. default platform). + item_type: + type: Enum + description: | + Represents different platforms that a rich message can be intended for. + enum_values: + - 'FACEBOOK' + - 'SLACK' + - 'TELEGRAM' + - 'KIK' + - 'SKYPE' + - 'LINE' + - 'VIBER' + - 'ACTIONS_ON_GOOGLE' + - 'GOOGLE_HANGOUTS' + - name: 'rootFollowupIntentName' + type: String + description: | + The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup + intents chain for this intent. + Format: projects//agent/intents/. + output: true + - name: 'parentFollowupIntentName' + type: String + description: | + The unique identifier of the parent intent in the chain of followup intents. + Format: projects//agent/intents/. + immutable: true + default_from_api: true + - name: 'followupIntentInfo' + type: Array + description: | + Information about all followup intents that have this intent as a direct or indirect parent. We populate this field + only in the output. + output: true + item_type: + type: NestedObject + properties: + - name: 'followupIntentName' + type: String + description: | + The unique identifier of the followup intent. + Format: projects//agent/intents/. + - name: 'parentFollowupIntentName' + type: String + description: | + The unique identifier of the followup intent's parent. + Format: projects//agent/intents/. diff --git a/mmv1/products/dialogflow/go_product.yaml b/mmv1/products/dialogflow/go_product.yaml new file mode 100644 index 000000000000..71e8e3d4fb82 --- /dev/null +++ b/mmv1/products/dialogflow/go_product.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'Dialogflow' +display_name: 'Dialogflow' +versions: + - name: 'ga' + base_url: 'https://dialogflow.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dialogflow/product.yaml b/mmv1/products/dialogflow/product.yaml index 7a0d9d06d0a5..d1870d3932a4 100644 --- a/mmv1/products/dialogflow/product.yaml +++ b/mmv1/products/dialogflow/product.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2020 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Product +name: Dialogflow +display_name: Dialogflow +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://dialogflow.googleapis.com/v2/ +scopes: + - https://www.googleapis.com/auth/cloud-platform +======= --- name: 'Dialogflow' display_name: 'Dialogflow' @@ -19,3 +34,4 @@ versions: base_url: 'https://dialogflow.googleapis.com/v2/' scopes: - 'https://www.googleapis.com/auth/cloud-platform' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dialogflowcx/Agent.yaml b/mmv1/products/dialogflowcx/Agent.yaml index 85270a9abc33..82d0789347ac 100644 --- a/mmv1/products/dialogflowcx/Agent.yaml +++ b/mmv1/products/dialogflowcx/Agent.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,25 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Agent' +base_url: 'projects/{{project}}/locations/{{location}}/agents' +update_verb: :PATCH +update_mask: true +description: | + Agents are best described as Natural Language Understanding (NLU) modules that transform user requests into actionable data. You can include agents in your app, product, or service to determine user intent and respond to the user in a natural way. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_agent_full' +======= --- name: 'Agent' description: | @@ -34,11 +57,27 @@ custom_code: exclude_sweeper: true examples: - name: 'dialogflowcx_agent_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'full_agent' vars: agent_name: 'dialogflowcx-agent' bucket_name: 'dialogflowcx-bucket' ignore_read_extra: +<<<<<<< HEAD + - git_integration_settings.0.github_settings.0.access_token +id_format: 'projects/{{project}}/locations/{{location}}/agents/{{name}}' +import_format: ['projects/{{project}}/locations/{{location}}/agents/{{name}}'] +skip_sweeper: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the agent. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'location' +======= - 'git_integration_settings.0.github_settings.0.access_token' parameters: properties: @@ -50,12 +89,37 @@ properties: custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' - name: 'location' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The name of the location this agent is located in. ~> **Note:** The first time you are deploying an Agent in your project you must configure location settings. This is a one time step but at the moment you can only [configure location settings](https://cloud.google.com/dialogflow/cx/docs/concept/region#location-settings) via the Dialogflow CX console. Another options is to use global location so you don't need to manually configure location settings. +<<<<<<< HEAD + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the agent, unique within the location. + - !ruby/object:Api::Type::String + name: 'defaultLanguageCode' + description: | + The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) + for a list of the currently supported language codes. This field cannot be updated after creation. + immutable: true + required: true + - !ruby/object:Api::Type::Array + name: 'supportedLanguageCodes' + item_type: Api::Type::String + description: | + The list of all languages supported by this agent (except for the default_language_code). + - !ruby/object:Api::Type::String + name: 'timeZone' +======= url_param_only: true required: true immutable: true @@ -79,10 +143,51 @@ properties: type: String - name: 'timeZone' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. required: true +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 500)' + - !ruby/object:Api::Type::String + name: 'avatarUri' + description: | + The URI of the agent's avatar. Avatars are used throughout the Dialogflow console and in the self-hosted Web Demo integration. + - !ruby/object:Api::Type::NestedObject + name: 'speechToTextSettings' + description: | + Settings related to speech recognition. + properties: + - !ruby/object:Api::Type::Boolean + name: 'enableSpeechAdaptation' + description: | + Whether to use speech adaptation for speech recognition. + - !ruby/object:Api::Type::String + name: 'startFlow' + output: true + description: | + Name of the start flow in this agent. A start flow will be automatically created when the agent is created, and can only be deleted by deleting the agent. Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::String + name: 'securitySettings' + description: | + Name of the SecuritySettings reference for the agent. Format: projects//locations//securitySettings/. + - !ruby/object:Api::Type::Boolean + name: 'enableStackdriverLogging' + description: | + Determines whether this agent should log conversation queries. + - !ruby/object:Api::Type::Boolean + name: 'enableSpellCorrection' + description: | + Indicates if automatic spell correction is enabled in detect intent requests. + - !ruby/object:Api::Type::NestedObject + name: 'advancedSettings' +======= - name: 'description' type: String description: | @@ -121,18 +226,33 @@ properties: Indicates if automatic spell correction is enabled in detect intent requests. - name: 'advancedSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hierarchical advanced settings for this agent. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. default_from_api: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'audioExportGcsDestination' +======= - name: 'audioExportGcsDestination' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: * Agent level * Flow level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: | + The Google Cloud Storage URI for the exported objects. Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation. + Format: gs://bucket/object-name-or-prefix + - !ruby/object:Api::Type::NestedObject + name: 'dtmfSettings' +======= - name: 'uri' type: String description: | @@ -140,6 +260,7 @@ properties: Format: gs://bucket/object-name-or-prefix - name: 'dtmfSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -147,6 +268,22 @@ properties: * Page level * Parameter level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). + - !ruby/object:Api::Type::Integer + name: 'maxDigits' + description: | + Max length of DTMF digits. + - !ruby/object:Api::Type::String + name: 'finishDigit' + description: | + The digit that terminates a DTMF digit sequence. + - !ruby/object:Api::Type::NestedObject + name: 'gitIntegrationSettings' +======= - name: 'enabled' type: Boolean description: | @@ -161,10 +298,44 @@ properties: The digit that terminates a DTMF digit sequence. - name: 'gitIntegrationSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Git integration settings for this agent. allow_empty_object: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'githubSettings' + description: | + Settings of integration with GitHub. + custom_flatten: 'templates/terraform/custom_flatten/dialogflowcx_agent_git_integration_settings_github_settings.go.erb' # accessToken comes from config, no response + properties: + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The unique repository display name for the GitHub repository. + - !ruby/object:Api::Type::String + name: 'repositoryUri' + description: | + The GitHub repository URI related to the agent. + - !ruby/object:Api::Type::String + name: 'trackingBranch' + description: | + The branch of the GitHub repository tracked for this agent. + - !ruby/object:Api::Type::String + name: 'accessToken' + description: | + The access token used to authenticate the access to the GitHub repository. + sensitive: true + ignore_read: true + - !ruby/object:Api::Type::Array + name: 'branches' + description: | + A list of branches configured to be used from Dialogflow. + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'textToSpeechSettings' +======= - name: 'githubSettings' type: NestedObject description: | @@ -198,20 +369,35 @@ properties: type: String - name: 'textToSpeechSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Settings related to speech synthesizing. allow_empty_object: true properties: # This is a map of language -> some settings. List of languages is large and constantly expanding so we use a string instead of a NestedObject with 100 properties. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'synthesizeSpeechConfigs' +======= - name: 'synthesizeSpeechConfigs' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Configuration of how speech should be synthesized, mapping from [language](https://cloud.google.com/dialogflow/cx/docs/reference/language) to [SynthesizeSpeechConfig](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents#synthesizespeechconfig). These settings affect: * The phone gateway synthesize configuration set via Agent.text_to_speech_settings. * How speech is synthesized when invoking session APIs. `Agent.text_to_speech_settings` only applies if `OutputAudioConfig.synthesize_speech_config` is not specified. +<<<<<<< HEAD + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation +======= state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' validation: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 function: 'validation.StringIsJSON' diff --git a/mmv1/products/dialogflowcx/EntityType.yaml b/mmv1/products/dialogflowcx/EntityType.yaml index 5b6ddc4c89c1..4e85fd70ac5a 100644 --- a/mmv1/products/dialogflowcx/EntityType.yaml +++ b/mmv1/products/dialogflowcx/EntityType.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,48 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'EntityType' +base_url: '{{parent}}/entityTypes' +update_verb: :PATCH +update_mask: true +description: | + Entities are extracted from user input and represent parameters that are meaningful to your application. + For example, a date range, a proper name such as a geographic location or landmark, and so on. Entities represent actionable data for your application. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.entityTypes' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/dialogflowcx_entity_type.go.erb + pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_entity_type_full' + primary_resource_id: 'basic_entity_type' + vars: + agent_name: 'dialogflowcx-agent' +skip_sweeper: true +id_format: '{{parent}}/entityTypes/{{name}}' +import_format: ['{{parent}}/entityTypes/{{name}}'] +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The agent to create a entity type for. + Format: projects//locations//agents/. + - !ruby/object:Api::Type::String + name: 'languageCode' +======= --- name: 'EntityType' description: | @@ -53,12 +99,35 @@ parameters: immutable: true - name: 'languageCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The language of the following fields in entityType: EntityType.entities.value EntityType.entities.synonyms EntityType.excluded_phrases.value If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. +<<<<<<< HEAD + immutable: true + url_param_only: true +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the entity type. + Format: projects//locations//agents//entityTypes/. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the entity type, unique within the agent. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 64)' + - !ruby/object:Api::Type::Enum + name: 'kind' + required: true +======= url_param_only: true immutable: true properties: @@ -78,11 +147,20 @@ properties: function: 'validation.StringLenBetween(0, 64)' - name: 'kind' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether the entity type can be automatically expanded. * KIND_MAP: Map entity types allow mapping of a group of synonyms to a canonical value. * KIND_LIST: List entity types contain a set of entries that do not map to canonical values. However, list entity types can contain references to other entity types (with or without aliases). * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. +<<<<<<< HEAD + values: + - :KIND_MAP + - :KIND_LIST + - :KIND_REGEXP + - !ruby/object:Api::Type::Enum + name: 'autoExpansionMode' +======= required: true enum_values: - 'KIND_MAP' @@ -90,10 +168,25 @@ properties: - 'KIND_REGEXP' - name: 'autoExpansionMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents kinds of entities. * AUTO_EXPANSION_MODE_UNSPECIFIED: Auto expansion disabled for the entity. * AUTO_EXPANSION_MODE_DEFAULT: Allows an agent to recognize values that have not been explicitly listed in the entity. +<<<<<<< HEAD + values: + - :AUTO_EXPANSION_MODE_DEFAULT + - :AUTO_EXPANSION_MODE_UNSPECIFIED + - !ruby/object:Api::Type::Array + name: 'entities' + required: true + description: | + The collection of entity entries associated with the entity type. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'value' +======= enum_values: - 'AUTO_EXPANSION_MODE_DEFAULT' - 'AUTO_EXPANSION_MODE_UNSPECIFIED' @@ -107,10 +200,36 @@ properties: properties: - name: 'value' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The primary value associated with this entity entry. For example, if the entity type is vegetable, the value could be scallions. For KIND_MAP entity types: A canonical value to be used in place of synonyms. For KIND_LIST entity types: A string that can contain references to other entity types (with or without aliases). +<<<<<<< HEAD + - !ruby/object:Api::Type::Array + name: 'synonyms' + item_type: Api::Type::String + description: | + A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym could be green onions. + For KIND_LIST entity types: This collection must contain exactly one synonym equal to value. + - !ruby/object:Api::Type::Array + name: 'excludedPhrases' + description: | + Collection of exceptional words and phrases that shouldn't be matched. For example, if you have a size entity type with entry giant(an adjective), you might consider adding giants(a noun) as an exclusion. + If the kind of entity type is KIND_MAP, then the phrases specified by entities and excluded phrases should be mutually exclusive. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'value' + description: | + The word or phrase to be excluded. + - !ruby/object:Api::Type::Boolean + name: 'enableFuzzyExtraction' + description: | + Enables fuzzy entity extraction during classification. + - !ruby/object:Api::Type::Boolean + name: 'redact' +======= - name: 'synonyms' type: Array description: | @@ -136,5 +255,6 @@ properties: Enables fuzzy entity extraction during classification. - name: 'redact' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether parameters of the entity type should be redacted in log. If redaction is enabled, page parameters and intent parameters referring to the entity type will be replaced by parameter name when logging. diff --git a/mmv1/products/dialogflowcx/Environment.yaml b/mmv1/products/dialogflowcx/Environment.yaml index a453a2049cba..952c3b2f060e 100644 --- a/mmv1/products/dialogflowcx/Environment.yaml +++ b/mmv1/products/dialogflowcx/Environment.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +15,116 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Environment' +base_url: '{{parent}}/environments' +update_verb: :PATCH +update_mask: true +======= --- name: 'Environment' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Represents an environment for an agent. You can create multiple versions of your agent and publish them to separate environments. When you edit an agent, you are editing the draft agent. At any point, you can save the draft agent as an agent version, which is an immutable snapshot of your agent. When you save the draft agent, it is published to the default environment. When you create agent versions, you can publish them to custom environments. You can create a variety of custom environments for testing, development, production, etc. +<<<<<<< HEAD +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.environments' +async: !ruby/object:Api::OpAsync + actions: ['create', 'update'] + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + full_url: 'https://{{location}}-dialogflow.googleapis.com/v3/{{op_id}}' + wait_ms: 1000 + timeouts: !ruby/object:Api::Timeouts + insert_minutes: 60 + update_minutes: 60 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: true + allowed: + - true + - false + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/dialogflowcx_environment.go.erb + pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +custom_diff: + - 'tpgresource.DefaultProviderProject' +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_environment_full' + primary_resource_id: 'development' + vars: + agent_name: 'dialogflowcx-agent' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + name: 'dialogflowcx_environment_regional' + primary_resource_id: 'development' + vars: + agent_name: 'issue-12880' +skip_sweeper: true +id_format: '{{parent}}/environments/{{name}}' +import_format: ['{{parent}}/environments/{{name}}'] +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The Agent to create an Environment for. + Format: projects//locations//agents/. +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The name of the environment. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the environment (unique in an agent). Limit of 64 characters. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 64)' + - !ruby/object:Api::Type::String + name: 'description' + description: | + The human-readable description of the environment. The maximum length is 500 characters. If exceeded, the request is rejected. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 500)' + - !ruby/object:Api::Type::Array + name: 'versionConfigs' + required: true + description: | + A list of configurations for flow versions. You should include version configs for all flows that are reachable from [Start Flow][Agent.start_flow] in the agent. Otherwise, an error will be returned. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'version' + required: true + description: | + Format: projects/{{project}}/locations/{{location}}/agents/{{agent}}/flows/{{flow}}/versions/{{version}}. + - !ruby/object:Api::Type::Time + name: 'updateTime' + output: true +======= references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' @@ -111,8 +219,12 @@ properties: required: true - name: 'updateTime' type: Time +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: 'Update time of this environment. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".' +<<<<<<< HEAD +======= output: true +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 diff --git a/mmv1/products/dialogflowcx/Flow.yaml b/mmv1/products/dialogflowcx/Flow.yaml index 22c11a4ac68b..05ab2b0b6e67 100644 --- a/mmv1/products/dialogflowcx/Flow.yaml +++ b/mmv1/products/dialogflowcx/Flow.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Flow' +base_url: '{{parent}}/flows' +update_verb: :PATCH +update_mask: true +description: | + Flows represents the conversation flows when you build your chatbot agent. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.flows' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/dialogflowcx_flow.go.erb + pre_create: templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.erb + pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_delete: templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.erb + pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: is_default_start_flow + immutable: true +======= --- name: 'Flow' description: | @@ -54,11 +84,45 @@ examples: exclude_docs: true virtual_fields: - name: 'is_default_start_flow' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Marks this as the [Default Start Flow](https://cloud.google.com/dialogflow/cx/docs/concept/flow#start) for an agent. When you create an agent, the Default Start Flow is created automatically. The Default Start Flow cannot be deleted; deleting the `google_dialogflow_cx_flow` resource does nothing to the underlying GCP resources. ~> Avoid having multiple `google_dialogflow_cx_flow` resources linked to the same agent with `is_default_start_flow = true` because they will compete to control a single Default Start Flow resource in GCP. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_flow_basic' + primary_resource_id: 'basic_flow' + vars: + agent_name: 'dialogflowcx-agent' + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_flow_full' + primary_resource_id: 'basic_flow' + vars: + agent_name: 'dialogflowcx-agent' + bucket_name: 'dialogflowcx-bucket' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + name: 'dialogflowcx_flow_default_start_flow' + primary_resource_id: 'default_start_flow' + vars: + agent_name: 'dialogflowcx-agent' +skip_sweeper: true +id_format: '{{parent}}/flows/{{name}}' +import_format: ['{{parent}}/flows/{{name}}'] +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The agent to create a flow for. + Format: projects//locations//agents/. + - !ruby/object:Api::Type::String + name: 'languageCode' +======= type: Boolean immutable: true parameters: @@ -71,6 +135,7 @@ parameters: immutable: true - name: 'languageCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The language of the following fields in flow: Flow.event_handlers.trigger_fulfillment.messages @@ -80,6 +145,28 @@ parameters: If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the flow. + Format: projects//locations//agents//flows/. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the flow. + - !ruby/object:Api::Type::String + name: 'description' + description: | + The description of the flow. The maximum length is 500 characters. If exceeded, the request is rejected. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 500)' + - !ruby/object:Api::Type::Array + name: 'transitionRoutes' +======= - name: 'name' type: String description: | @@ -100,6 +187,7 @@ properties: function: 'validation.StringLenBetween(0, 500)' - name: 'transitionRoutes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A flow's transition routes serve two purposes: They are responsible for matching the user's first utterances in the flow. @@ -109,6 +197,69 @@ properties: TransitionRoutes with intent specified. TransitionRoutes with only condition specified. TransitionRoutes with intent specified are inherited by pages in the flow. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this transition route. + - !ruby/object:Api::Type::String + name: 'intent' + description: | + The unique identifier of an Intent. + Format: projects//locations//agents//intents/. Indicates that the transition can only happen when the given intent is matched. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. + - !ruby/object:Api::Type::String + name: 'condition' + description: | + The condition to evaluate against form parameters or session parameters. + At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. + - !ruby/object:Api::Type::NestedObject + name: 'triggerFulfillment' + description: | + The fulfillment to call when the condition is satisfied. At least one of triggerFulfillment and target must be specified. When both are defined, triggerFulfillment is executed first. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= item_type: type: NestedObject properties: @@ -171,6 +322,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -179,6 +331,39 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -208,6 +393,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -216,6 +402,108 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'targetPage' + description: | + The target page to transition to. + Format: projects//locations//agents//flows//pages/. + - !ruby/object:Api::Type::String + name: 'targetFlow' + description: | + The target flow to transition to. + Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::Array + name: 'eventHandlers' +======= - name: 'metadata' type: String description: | @@ -312,12 +600,70 @@ properties: Format: projects//locations//agents//flows/. - name: 'eventHandlers' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A flow's event handlers serve two purposes: They are responsible for handling events (e.g. no match, webhook errors) in the flow. They are inherited by every page's [event handlers][Page.event_handlers], which can be used to handle common events regardless of the current page. Event handlers defined in the page have higher priority than those defined in the flow. Unlike transitionRoutes, these handlers are evaluated on a first-match basis. The first one that matches the event get executed, with the rest being ignored. default_from_api: true +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this event handler. + - !ruby/object:Api::Type::String + name: 'event' + description: | + The name of the event to handle. + - !ruby/object:Api::Type::NestedObject + name: 'triggerFulfillment' + description: | + The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= item_type: type: NestedObject properties: @@ -373,6 +719,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -380,6 +727,40 @@ properties: * In the entryFulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue. properties: +<<<<<<< HEAD + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -409,6 +790,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -416,6 +798,109 @@ properties: * In the entryFulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human. properties: +<<<<<<< HEAD + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'targetPage' + description: | + The target page to transition to. + Format: projects//locations//agents//flows//pages/. + - !ruby/object:Api::Type::String + name: 'targetFlow' + description: | + The target flow to transition to. + Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::Array + name: 'transitionRouteGroups' +======= - name: 'metadata' type: String description: | @@ -511,11 +996,22 @@ properties: Format: projects//locations//agents//flows/. - name: 'transitionRouteGroups' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A flow's transition route group serve two purposes: They are responsible for matching the user's first utterances in the flow. They are inherited by every page's [transition route groups][Page.transition_route_groups]. Transition route groups defined in the page have higher priority than those defined in the flow. Format:projects//locations//agents//flows//transitionRouteGroups/. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::NestedObject + name: 'nluSettings' + description: | + NLU related settings of the flow. + properties: + - !ruby/object:Api::Type::Enum + name: 'modelType' +======= item_type: type: String - name: 'nluSettings' @@ -525,10 +1021,23 @@ properties: properties: - name: 'modelType' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates the type of NLU model. * MODEL_TYPE_STANDARD: Use standard NLU model. * MODEL_TYPE_ADVANCED: Use advanced NLU model. +<<<<<<< HEAD + values: + - :MODEL_TYPE_STANDARD + - :MODEL_TYPE_ADVANCED + - !ruby/object:Api::Type::Double + name: 'classificationThreshold' + description: | + To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. + If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used. + - !ruby/object:Api::Type::Enum + name: 'modelTrainingMode' +======= enum_values: - 'MODEL_TYPE_STANDARD' - 'MODEL_TYPE_ADVANCED' @@ -539,26 +1048,49 @@ properties: If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used. - name: 'modelTrainingMode' type: Enum +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates NLU model training mode. * MODEL_TRAINING_MODE_AUTOMATIC: NLU model training is automatically triggered when a flow gets modified. User can also manually trigger model training in this mode. * MODEL_TRAINING_MODE_MANUAL: User needs to manually trigger NLU model training. Best for large flows whose models take long time to train. +<<<<<<< HEAD + values: + - :MODEL_TRAINING_MODE_AUTOMATIC + - :MODEL_TRAINING_MODE_MANUAL + - !ruby/object:Api::Type::NestedObject + name: 'advancedSettings' +======= enum_values: - 'MODEL_TRAINING_MODE_AUTOMATIC' - 'MODEL_TRAINING_MODE_MANUAL' - name: 'advancedSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hierarchical advanced settings for this flow. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'audioExportGcsDestination' +======= - name: 'audioExportGcsDestination' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: * Agent level * Flow level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'uri' + description: | + The Google Cloud Storage URI for the exported objects. Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation. + Format: gs://bucket/object-name-or-prefix + - !ruby/object:Api::Type::NestedObject + name: 'dtmfSettings' +======= - name: 'uri' type: String description: | @@ -566,6 +1098,7 @@ properties: Format: gs://bucket/object-name-or-prefix - name: 'dtmfSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -573,6 +1106,18 @@ properties: * Page level * Parameter level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). + - !ruby/object:Api::Type::Integer + name: 'maxDigits' + description: | + Max length of DTMF digits. + - !ruby/object:Api::Type::String + name: 'finishDigit' +======= - name: 'enabled' type: Boolean description: | @@ -583,5 +1128,6 @@ properties: Max length of DTMF digits. - name: 'finishDigit' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The digit that terminates a DTMF digit sequence. diff --git a/mmv1/products/dialogflowcx/Intent.yaml b/mmv1/products/dialogflowcx/Intent.yaml index bcb8d90d85a1..f7118cd54182 100644 --- a/mmv1/products/dialogflowcx/Intent.yaml +++ b/mmv1/products/dialogflowcx/Intent.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Intent' +base_url: '{{parent}}/intents' +update_verb: :PATCH +update_mask: true +description: | + An intent represents a user's intent to interact with a conversational agent. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.intents' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/dialogflowcx_intent.go.erb + pre_create: templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.erb + pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_delete: templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.erb + pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +virtual_fields: + - !ruby/object:Api::Type::Boolean + name: is_default_welcome_intent + immutable: true +======= --- name: 'Intent' description: | @@ -54,19 +84,59 @@ examples: exclude_docs: true virtual_fields: - name: 'is_default_welcome_intent' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Marks this as the [Default Welcome Intent](https://cloud.google.com/dialogflow/cx/docs/concept/intent#welcome) for an agent. When you create an agent, a Default Welcome Intent is created automatically. The Default Welcome Intent cannot be deleted; deleting the `google_dialogflow_cx_intent` resource does nothing to the underlying GCP resources. ~> Avoid having multiple `google_dialogflow_cx_intent` resources linked to the same agent with `is_default_welcome_intent = true` because they will compete to control a single Default Welcome Intent resource in GCP. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: is_default_negative_intent + immutable: true +======= type: Boolean immutable: true - name: 'is_default_negative_intent' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Marks this as the [Default Negative Intent](https://cloud.google.com/dialogflow/cx/docs/concept/intent#negative) for an agent. When you create an agent, a Default Negative Intent is created automatically. The Default Negative Intent cannot be deleted; deleting the `google_dialogflow_cx_intent` resource does nothing to the underlying GCP resources. ~> Avoid having multiple `google_dialogflow_cx_intent` resources linked to the same agent with `is_default_negative_intent = true` because they will compete to control a single Default Negative Intent resource in GCP. +<<<<<<< HEAD +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_intent_full' + primary_resource_id: 'basic_intent' + vars: + agent_name: 'dialogflowcx-agent' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + name: 'dialogflowcx_intent_default_negative_intent' + primary_resource_id: 'default_negative_intent' + vars: + agent_name: 'dialogflowcx-agent' + - !ruby/object:Provider::Terraform::Examples + skip_docs: true + name: 'dialogflowcx_intent_default_welcome_intent' + primary_resource_id: 'default_welcome_intent' + vars: + agent_name: 'dialogflowcx-agent' +skip_sweeper: true +id_format: '{{parent}}/intents/{{name}}' +import_format: ['{{parent}}/intents/{{name}}'] +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The agent to create an intent for. + Format: projects//locations//agents/. + - !ruby/object:Api::Type::String + name: 'languageCode' +======= type: Boolean immutable: true parameters: @@ -79,12 +149,43 @@ parameters: immutable: true - name: 'languageCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The language of the following fields in intent: Intent.training_phrases.parts.text If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the intent. + Format: projects//locations//agents//intents/. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the intent, unique within the agent. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 64)' + - !ruby/object:Api::Type::Array + name: 'trainingPhrases' + description: | + The collection of training phrases the agent is trained on to identify the intent. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'id' + output: true + description: | + The unique identifier of the training phrase. + - !ruby/object:Api::Type::Array + name: 'parts' + required: true +======= - name: 'name' type: String description: | @@ -113,6 +214,7 @@ properties: output: true - name: 'parts' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. @@ -121,6 +223,51 @@ properties: If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: Part.text is set to a part of the phrase that has no parameters. Part.text is set to a part of the phrase that you want to annotate, and the parameterId field is set. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'text' + required: true + description: | + The text for this part. + - !ruby/object:Api::Type::String + name: 'parameterId' + description: | + The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase. + - !ruby/object:Api::Type::Integer + name: 'repeatCount' + description: | + Indicates how many times this example was added to the intent. + - !ruby/object:Api::Type::Array + name: 'parameters' + description: | + The collection of parameters associated with the intent. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'id' + required: true + description: | + The unique identifier of the parameter. This field is used by training phrases to annotate their parts. + - !ruby/object:Api::Type::String + name: 'entityType' + required: true + description: | + The entity type of the parameter. + Format: projects/-/locations/-/agents/-/entityTypes/ for system entity types (for example, projects/-/locations/-/agents/-/entityTypes/sys.date), or projects//locations//agents//entityTypes/ for developer entity types. + - !ruby/object:Api::Type::Boolean + name: 'isList' + description: | + Indicates whether the parameter represents a list of values. + - !ruby/object:Api::Type::Boolean + name: 'redact' + description: | + Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. + Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. + - !ruby/object:Api::Type::Integer + name: 'priority' +======= required: true item_type: type: NestedObject @@ -167,25 +314,44 @@ properties: Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. - name: 'priority' type: Integer +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The priority of this intent. Higher numbers represent higher priorities. If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the Normal priority in the console. If the supplied value is negative, the intent is ignored in runtime detect intent requests. +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'isFallback' +======= - name: 'isFallback' type: Boolean +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event. To manage the fallback intent, set `is_default_negative_intent = true` +<<<<<<< HEAD + - !ruby/object:Api::Type::KeyValueLabels + name: 'labels' +======= - name: 'labels' type: KeyValueLabels +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix "sys-" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. "sys-head" means the intent is a head intent. "sys.contextual" means the intent is a contextual intent. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'description' + description: | + Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters. + validation: !ruby/object:Provider::Terraform::Validation +======= - name: 'description' type: String description: | Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters. validation: +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 function: 'validation.StringLenBetween(0, 140)' diff --git a/mmv1/products/dialogflowcx/Page.yaml b/mmv1/products/dialogflowcx/Page.yaml index 4166d047f098..1f300f56362f 100644 --- a/mmv1/products/dialogflowcx/Page.yaml +++ b/mmv1/products/dialogflowcx/Page.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,47 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'Page' +base_url: '{{parent}}/pages' +update_verb: :PATCH +update_mask: true +description: | + A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.flows.pages' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/dialogflowcx_page.go.erb + pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb + pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_page_full' + primary_resource_id: 'basic_page' + vars: + agent_name: 'dialogflowcx-agent' +skip_sweeper: true +id_format: '{{parent}}/pages/{{name}}' +import_format: ['{{parent}}/pages/{{name}}'] +parameters: + - !ruby/object:Api::Type::String + name: parent + url_param_only: true + immutable: true + description: | + The flow to create a page for. + Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::String + name: 'languageCode' +======= --- name: 'Page' description: | @@ -52,6 +97,7 @@ parameters: immutable: true - name: 'languageCode' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The language of the following fields in page: @@ -68,6 +114,66 @@ parameters: If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the page. + Format: projects//locations//agents//flows//pages/. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'displayName' + required: true + description: | + The human-readable name of the page, unique within the agent. + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringLenBetween(0, 64)' + - !ruby/object:Api::Type::NestedObject + name: 'entryFulfillment' + description: | + The fulfillment to call when the session is entering the page. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= - name: 'name' type: String description: | @@ -126,6 +232,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -134,6 +241,39 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -163,6 +303,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -171,6 +312,174 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'form' + description: | + The form associated with the page, used for collecting parameters relevant to the page. + properties: + - !ruby/object:Api::Type::Array + name: 'parameters' + description: | + Parameters to collect from the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The human-readable name of the parameter, unique within the form. + - !ruby/object:Api::Type::Boolean + name: 'required' + description: | + Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. + Required parameters must be filled before form filling concludes. + - !ruby/object:Api::Type::String + name: 'entityType' + description: | + The entity type of the parameter. + Format: projects/-/locations/-/agents/-/entityTypes/ for system entity types (for example, projects/-/locations/-/agents/-/entityTypes/sys.date), or projects//locations//agents//entityTypes/ for developer entity types. + - !ruby/object:Api::Type::Boolean + name: 'isList' + description: | + Indicates whether the parameter represents a list of values. + - !ruby/object:Api::Type::NestedObject + name: 'fillBehavior' + description: | + Defines fill behavior for the parameter. + properties: + - !ruby/object:Api::Type::NestedObject + name: 'initialPromptFulfillment' + description: | + The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= - name: 'metadata' type: String description: | @@ -334,6 +643,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -342,6 +652,39 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -371,6 +714,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -379,6 +723,98 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'repromptEventHandlers' +======= - name: 'metadata' type: String description: | @@ -465,6 +901,7 @@ properties: function: 'validation.StringIsJSON' - name: 'repromptEventHandlers' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * sys.no-match-, where N can be from 1 to 6 @@ -477,6 +914,63 @@ properties: A sys.no-match-default or sys.no-input-default handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A sys.invalid-parameter handler can be defined to handle the case where the parameter values have been invalidated by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the sys.invalid-parameter handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, initialPromptFulfillment will be re-prompted. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this event handler. + - !ruby/object:Api::Type::String + name: 'event' + description: | + The name of the event to handle. + - !ruby/object:Api::Type::NestedObject + name: 'triggerFulfillment' + description: | + The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= item_type: type: NestedObject properties: @@ -533,6 +1027,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -541,6 +1036,39 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -570,6 +1098,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -578,6 +1107,103 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'targetPage' + description: | + The target page to transition to. + Format: projects//locations//agents//flows//pages/. + - !ruby/object:Api::Type::String + name: 'targetFlow' +======= - name: 'metadata' type: String description: | @@ -669,10 +1295,31 @@ properties: Format: projects//locations//agents//flows//pages/. - name: 'targetFlow' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The target flow to transition to. Format: projects//locations//agents//flows/. # This can be an arbitrary value, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'defaultValue' + description: | + The default value of an optional parameter. If the parameter is required, the default value will be ignored. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Boolean + name: 'redact' + description: | + Indicates whether the parameter content should be redacted in log. + If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. + - !ruby/object:Api::Type::NestedObject + name: 'advancedSettings' +======= - name: 'defaultValue' type: String description: | @@ -689,12 +1336,18 @@ properties: If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. - name: 'advancedSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'dtmfSettings' +======= - name: 'dtmfSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -702,6 +1355,22 @@ properties: * Page level * Parameter level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). + - !ruby/object:Api::Type::Integer + name: 'maxDigits' + description: | + Max length of DTMF digits. + - !ruby/object:Api::Type::String + name: 'finishDigit' + description: | + The digit that terminates a DTMF digit sequence. + - !ruby/object:Api::Type::Array + name: 'transitionRouteGroups' +======= - name: 'enabled' type: Boolean description: | @@ -716,15 +1385,22 @@ properties: The digit that terminates a DTMF digit sequence. - name: 'transitionRouteGroups' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Ordered list of TransitionRouteGroups associated with the page. Transition route groups must be unique within a page. If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:projects//locations//agents//flows//transitionRouteGroups/. +<<<<<<< HEAD + item_type: Api::Type::String + - !ruby/object:Api::Type::Array + name: 'transitionRoutes' +======= item_type: type: String - name: 'transitionRoutes' type: Array +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: @@ -734,6 +1410,69 @@ properties: TransitionRoutes defined in the transition route groups with intent specified. TransitionRoutes defined in the page with only condition specified. TransitionRoutes defined in the transition route groups with only condition specified. +<<<<<<< HEAD + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this transition route. + - !ruby/object:Api::Type::String + name: 'intent' + description: | + The unique identifier of an Intent. + Format: projects//locations//agents//intents/. Indicates that the transition can only happen when the given intent is matched. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. + - !ruby/object:Api::Type::String + name: 'condition' + description: | + The condition to evaluate against form parameters or session parameters. + At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. + - !ruby/object:Api::Type::NestedObject + name: 'triggerFulfillment' + description: | + The fulfillment to call when the condition is satisfied. At least one of triggerFulfillment and target must be specified. When both are defined, triggerFulfillment is executed first. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= item_type: type: NestedObject properties: @@ -796,6 +1535,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -804,6 +1544,39 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -833,6 +1606,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -841,6 +1615,165 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. +<<<<<<< HEAD + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'targetPage' + description: | + The target page to transition to. + Format: projects//locations//agents//flows//pages/. + - !ruby/object:Api::Type::String + name: 'targetFlow' + description: | + The target flow to transition to. + Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::Array + name: 'eventHandlers' + description: | + Handlers associated with the page to handle events such as webhook errors, no match or no input. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of this event handler. + - !ruby/object:Api::Type::String + name: 'event' + description: | + The name of the event to handle. + - !ruby/object:Api::Type::NestedObject + name: 'triggerFulfillment' + description: | + The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. + properties: + - !ruby/object:Api::Type::Array + name: 'messages' + description: | + The list of rich message responses to present to the user. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'channel' + description: | + The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. + - !ruby/object:Api::Type::NestedObject + name: 'text' + description: | + The text response message. + properties: + - !ruby/object:Api::Type::Array + name: 'text' + description: | + A collection of text responses. + item_type: Api::Type::String + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'payload' + description: | + A custom, platform-specific payload. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'conversationSuccess' +======= - name: 'metadata' type: String description: | @@ -994,6 +1927,7 @@ properties: function: 'validation.StringIsJSON' - name: 'conversationSuccess' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -1001,6 +1935,40 @@ properties: * In the entryFulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue. properties: +<<<<<<< HEAD + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'outputAudioText' + description: | + A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. + properties: + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::String + name: 'text' + description: | + The raw text to be synthesized. + - !ruby/object:Api::Type::String + name: 'ssml' + description: | + The SSML text to be synthesized. For more information, see SSML. + - !ruby/object:Api::Type::NestedObject + name: 'liveAgentHandoff' +======= - name: 'metadata' type: String description: | @@ -1030,6 +1998,7 @@ properties: The SSML text to be synthesized. For more information, see SSML. - name: 'liveAgentHandoff' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -1037,6 +2006,109 @@ properties: * In the entryFulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human. properties: +<<<<<<< HEAD + # This can be an arbitrary json blob, so we use a string instead of a NestedObject. + - !ruby/object:Api::Type::String + name: 'metadata' + description: | + Custom metadata. Dialogflow doesn't impose any structure on this. + custom_expand: 'templates/terraform/custom_expand/json_schema.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::NestedObject + name: 'playAudio' + description: | + Specifies an audio clip to be played by the client as part of the response. + properties: + - !ruby/object:Api::Type::String + name: 'audioUri' + required: true + description: | + URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. + - !ruby/object:Api::Type::Boolean + name: 'allowPlaybackInterruption' + output: true + description: | + Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + - !ruby/object:Api::Type::NestedObject + name: 'telephonyTransferCall' + description: | + Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. + properties: + - !ruby/object:Api::Type::String + name: 'phoneNumber' + required: true + description: | + Transfer the call to a phone number in E.164 format. + - !ruby/object:Api::Type::String + name: 'webhook' + description: | + The webhook to call. Format: projects//locations//agents//webhooks/. + - !ruby/object:Api::Type::Boolean + name: 'returnPartialResponses' + description: | + Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. + - !ruby/object:Api::Type::String + name: 'tag' + description: | + The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. + - !ruby/object:Api::Type::Array + name: 'setParameterActions' + description: | + Set parameter values before executing the webhook. + item_type: !ruby/object:Api::Type::NestedObject + properties: + - !ruby/object:Api::Type::String + name: 'parameter' + description: | + Display name of the parameter. + - !ruby/object:Api::Type::String + name: 'value' + description: | + The new JSON-encoded value of the parameter. A null value clears the parameter. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::Array + name: 'conditionalCases' + description: | + Conditional cases for this fulfillment. + item_type: !ruby/object:Api::Type::NestedObject + properties: + # This object has a recursive schema so we use a string instead of a NestedObject + - !ruby/object:Api::Type::String + name: 'cases' + description: | + A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. + See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. + custom_expand: 'templates/terraform/custom_expand/json_value.erb' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' + state_func: + 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); + return s }' + validation: !ruby/object:Provider::Terraform::Validation + function: 'validation.StringIsJSON' + - !ruby/object:Api::Type::String + name: 'targetPage' + description: | + The target page to transition to. + Format: projects//locations//agents//flows//pages/. + - !ruby/object:Api::Type::String + name: 'targetFlow' + description: | + The target flow to transition to. + Format: projects//locations//agents//flows/. + - !ruby/object:Api::Type::NestedObject + name: 'advancedSettings' +======= - name: 'metadata' type: String description: | @@ -1132,12 +2204,18 @@ properties: Format: projects//locations//agents//flows/. - name: 'advancedSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::NestedObject + name: 'dtmfSettings' +======= - name: 'dtmfSettings' type: NestedObject +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -1145,6 +2223,18 @@ properties: * Page level * Parameter level properties: +<<<<<<< HEAD + - !ruby/object:Api::Type::Boolean + name: 'enabled' + description: | + If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). + - !ruby/object:Api::Type::Integer + name: 'maxDigits' + description: | + Max length of DTMF digits. + - !ruby/object:Api::Type::String + name: 'finishDigit' +======= - name: 'enabled' type: Boolean description: | @@ -1155,5 +2245,6 @@ properties: Max length of DTMF digits. - name: 'finishDigit' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | The digit that terminates a DTMF digit sequence. diff --git a/mmv1/products/dialogflowcx/SecuritySettings.yaml b/mmv1/products/dialogflowcx/SecuritySettings.yaml index 24bbc3f9d967..03d7a1f72241 100644 --- a/mmv1/products/dialogflowcx/SecuritySettings.yaml +++ b/mmv1/products/dialogflowcx/SecuritySettings.yaml @@ -1,4 +1,8 @@ +<<<<<<< HEAD +# Copyright 2023 Google Inc. +======= # Copyright 2024 Google Inc. +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,6 +15,31 @@ # See the License for the specific language governing permissions and # limitations under the License. +<<<<<<< HEAD +--- !ruby/object:Api::Resource +name: 'SecuritySettings' +base_url: 'projects/{{project}}/locations/{{location}}/securitySettings' +update_verb: :PATCH +update_mask: true +description: | + Represents the settings related to security issues, such as data redaction and data retention. It may take hours for updates on the settings to propagate to all the related components and take effect. + Multiple security settings can be configured in each location. Each agent can specify the security settings to apply, and each setting can be applied to multiple agents in the same project and location. +references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' + api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.securitySettings' +timeouts: !ruby/object:Api::Timeouts + insert_minutes: 40 + update_minutes: 40 +examples: + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_security_settings_basic' + primary_resource_id: 'basic_security_settings' + vars: + settings_name: 'dialogflowcx-security-settings' + - !ruby/object:Provider::Terraform::Examples + name: 'dialogflowcx_security_settings_full' +======= --- name: 'SecuritySettings' description: | @@ -39,6 +68,7 @@ examples: vars: settings_name: 'dialogflowcx-security-settings' - name: 'dialogflowcx_security_settings_full' +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 primary_resource_id: 'basic_security_settings' vars: inspect_name: 'dialogflowcx-inspect-template' @@ -46,6 +76,50 @@ examples: settings_name: 'dialogflowcx-security-settings' bucket_name: 'dialogflowcx-bucket' test_env_vars: +<<<<<<< HEAD + project: :PROJECT_NAME +id_format: 'projects/{{project}}/locations/{{location}}/securitySettings/{{name}}' +import_format: ['projects/{{project}}/locations/{{location}}/securitySettings/{{name}}'] +custom_code: !ruby/object:Provider::Terraform::CustomCode + post_create: templates/terraform/post_create/sleep.go.erb +properties: + - !ruby/object:Api::Type::String + name: 'name' + output: true + description: | + The unique identifier of the settings. + Format: projects//locations//securitySettings/. + custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + - !ruby/object:Api::Type::String + name: 'location' + description: | + The location these settings are located in. Settings can only be applied to an agent in the same location. + See [Available Regions](https://cloud.google.com/dialogflow/cx/docs/concept/region#avail) for a list of supported locations. + required: true + immutable: true + url_param_only: true + - !ruby/object:Api::Type::String + name: 'displayName' + description: | + The human-readable name of the security settings, unique within the location. + required: true + - !ruby/object:Api::Type::Enum + name: 'redactionStrategy' + description: | + Defines how we redact data. If not set, defaults to not redacting. + * REDACT_WITH_SERVICE: Call redaction service to clean up the data to be persisted. + values: + - :REDACT_WITH_SERVICE + - !ruby/object:Api::Type::Enum + name: 'redactionScope' + description: | + Defines what types of data to redact. If not set, defaults to not redacting any kind of data. + * REDACT_DISK_STORAGE: On data to be written to disk or similar devices that are capable of holding data even if power is disconnected. This includes data that are temporarily saved on disk. + values: + - :REDACT_DISK_STORAGE + - !ruby/object:Api::Type::String + name: 'inspectTemplate' +======= project: 'PROJECT_NAME' parameters: properties: @@ -85,16 +159,37 @@ properties: - 'REDACT_DISK_STORAGE' - name: 'inspectTemplate' type: String +>>>>>>> 2fdda66097e2c96688e59f7c58c1f717c7785856 description: | [DLP](https://cloud.google.com/dlp/docs) inspect template name. Use this template to define inspect base settings. If empty, we use the default DLP inspect config. Note: inspectTemplate must be located in the same region as the SecuritySettings. Format: projects//locations//inspectTemplates/