google-apis-gkehub_v2alpha 0.17.0 → 0.19.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +9 -0
  3. data/lib/google/apis/gkehub_v2alpha/classes.rb +3227 -118
  4. data/lib/google/apis/gkehub_v2alpha/gem_version.rb +3 -3
  5. data/lib/google/apis/gkehub_v2alpha/representations.rb +1414 -25
  6. data/lib/google/apis/gkehub_v2alpha/service.rb +206 -2
  7. metadata +4 -4
data/lib/google/apis/gkehub_v2alpha/classes.rb CHANGED
@@ -22,6 +22,50 @@ module Google
22
22
  module Apis
23
23
  module GkehubV2alpha
24
24
 
25
+ # State for App Dev Exp Feature.
26
+ class AppDevExperienceState
27
+ include Google::Apis::Core::Hashable
28
+
29
+ # Status specifies state for the subcomponent.
30
+ # Corresponds to the JSON property `networkingInstallSucceeded`
31
+ # @return [Google::Apis::GkehubV2alpha::AppDevExperienceStatus]
32
+ attr_accessor :networking_install_succeeded
33
+
34
+ def initialize(**args)
35
+ update!(**args)
36
+ end
37
+
38
+ # Update properties of this object
39
+ def update!(**args)
40
+ @networking_install_succeeded = args[:networking_install_succeeded] if args.key?(:networking_install_succeeded)
41
+ end
42
+ end
43
+
44
+ # Status specifies state for the subcomponent.
45
+ class AppDevExperienceStatus
46
+ include Google::Apis::Core::Hashable
47
+
48
+ # Code specifies AppDevExperienceFeature's subcomponent ready state.
49
+ # Corresponds to the JSON property `code`
50
+ # @return [String]
51
+ attr_accessor :code
52
+
53
+ # Description is populated if Code is Failed, explaining why it has failed.
54
+ # Corresponds to the JSON property `description`
55
+ # @return [String]
56
+ attr_accessor :description
57
+
58
+ def initialize(**args)
59
+ update!(**args)
60
+ end
61
+
62
+ # Update properties of this object
63
+ def update!(**args)
64
+ @code = args[:code] if args.key?(:code)
65
+ @description = args[:description] if args.key?(:description)
66
+ end
67
+ end
68
+
25
69
  # The request message for Operations.CancelOperation.
26
70
  class CancelOperationRequest
27
71
  include Google::Apis::Core::Hashable
@@ -35,48 +79,3021 @@ module Google
35
79
  end
36
80
  end
37
81
 
38
- # A generic empty message that you can re-use to avoid defining duplicated empty
39
- # messages in your APIs. A typical example is to use it as the request or the
40
- # response type of an API method. For instance: service Foo ` rpc Bar(google.
41
- # protobuf.Empty) returns (google.protobuf.Empty); `
42
- class Empty
82
+ # **Cloud Build**: Configurations for each Cloud Build enabled cluster.
83
+ class CloudBuildSpec
84
+ include Google::Apis::Core::Hashable
85
+
86
+ # Whether it is allowed to run the privileged builds on the cluster or not.
87
+ # Corresponds to the JSON property `securityPolicy`
88
+ # @return [String]
89
+ attr_accessor :security_policy
90
+
91
+ # Version of the cloud build software on the cluster.
92
+ # Corresponds to the JSON property `version`
93
+ # @return [String]
94
+ attr_accessor :version
95
+
96
+ def initialize(**args)
97
+ update!(**args)
98
+ end
99
+
100
+ # Update properties of this object
101
+ def update!(**args)
102
+ @security_policy = args[:security_policy] if args.key?(:security_policy)
103
+ @version = args[:version] if args.key?(:version)
104
+ end
105
+ end
106
+
107
+ # GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.
108
+ class ClusterUpgradeGkeUpgrade
109
+ include Google::Apis::Core::Hashable
110
+
111
+ # Name of the upgrade, e.g., "k8s_control_plane".
112
+ # Corresponds to the JSON property `name`
113
+ # @return [String]
114
+ attr_accessor :name
115
+
116
+ # Version of the upgrade, e.g., "1.22.1-gke.100".
117
+ # Corresponds to the JSON property `version`
118
+ # @return [String]
119
+ attr_accessor :version
120
+
121
+ def initialize(**args)
122
+ update!(**args)
123
+ end
124
+
125
+ # Update properties of this object
126
+ def update!(**args)
127
+ @name = args[:name] if args.key?(:name)
128
+ @version = args[:version] if args.key?(:version)
129
+ end
130
+ end
131
+
132
+ # IgnoredMembership represents a membership ignored by the feature. A membership
133
+ # can be ignored because it was manually upgraded to a newer version than RC
134
+ # default.
135
+ class ClusterUpgradeIgnoredMembership
136
+ include Google::Apis::Core::Hashable
137
+
138
+ # Time when the membership was first set to ignored.
139
+ # Corresponds to the JSON property `ignoredTime`
140
+ # @return [String]
141
+ attr_accessor :ignored_time
142
+
143
+ # Reason why the membership is ignored.
144
+ # Corresponds to the JSON property `reason`
145
+ # @return [String]
146
+ attr_accessor :reason
147
+
148
+ def initialize(**args)
149
+ update!(**args)
150
+ end
151
+
152
+ # Update properties of this object
153
+ def update!(**args)
154
+ @ignored_time = args[:ignored_time] if args.key?(:ignored_time)
155
+ @reason = args[:reason] if args.key?(:reason)
156
+ end
157
+ end
158
+
159
+ # MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership.
160
+ class ClusterUpgradeMembershipGkeUpgradeState
161
+ include Google::Apis::Core::Hashable
162
+
163
+ # UpgradeStatus provides status information for each upgrade.
164
+ # Corresponds to the JSON property `status`
165
+ # @return [Google::Apis::GkehubV2alpha::ClusterUpgradeUpgradeStatus]
166
+ attr_accessor :status
167
+
168
+ # GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.
169
+ # Corresponds to the JSON property `upgrade`
170
+ # @return [Google::Apis::GkehubV2alpha::ClusterUpgradeGkeUpgrade]
171
+ attr_accessor :upgrade
172
+
173
+ def initialize(**args)
174
+ update!(**args)
175
+ end
176
+
177
+ # Update properties of this object
178
+ def update!(**args)
179
+ @status = args[:status] if args.key?(:status)
180
+ @upgrade = args[:upgrade] if args.key?(:upgrade)
181
+ end
182
+ end
183
+
184
+ # Per-membership state for this feature.
185
+ class ClusterUpgradeState
186
+ include Google::Apis::Core::Hashable
187
+
188
+ # IgnoredMembership represents a membership ignored by the feature. A membership
189
+ # can be ignored because it was manually upgraded to a newer version than RC
190
+ # default.
191
+ # Corresponds to the JSON property `ignored`
192
+ # @return [Google::Apis::GkehubV2alpha::ClusterUpgradeIgnoredMembership]
193
+ attr_accessor :ignored
194
+
195
+ # Actual upgrade state against desired.
196
+ # Corresponds to the JSON property `upgrades`
197
+ # @return [Array<Google::Apis::GkehubV2alpha::ClusterUpgradeMembershipGkeUpgradeState>]
198
+ attr_accessor :upgrades
199
+
200
+ def initialize(**args)
201
+ update!(**args)
202
+ end
203
+
204
+ # Update properties of this object
205
+ def update!(**args)
206
+ @ignored = args[:ignored] if args.key?(:ignored)
207
+ @upgrades = args[:upgrades] if args.key?(:upgrades)
208
+ end
209
+ end
210
+
211
+ # UpgradeStatus provides status information for each upgrade.
212
+ class ClusterUpgradeUpgradeStatus
213
+ include Google::Apis::Core::Hashable
214
+
215
+ # Status code of the upgrade.
216
+ # Corresponds to the JSON property `code`
217
+ # @return [String]
218
+ attr_accessor :code
219
+
220
+ # Reason for this status.
221
+ # Corresponds to the JSON property `reason`
222
+ # @return [String]
223
+ attr_accessor :reason
224
+
225
+ # Last timestamp the status was updated.
226
+ # Corresponds to the JSON property `updateTime`
227
+ # @return [String]
228
+ attr_accessor :update_time
229
+
230
+ def initialize(**args)
231
+ update!(**args)
232
+ end
233
+
234
+ # Update properties of this object
235
+ def update!(**args)
236
+ @code = args[:code] if args.key?(:code)
237
+ @reason = args[:reason] if args.key?(:reason)
238
+ @update_time = args[:update_time] if args.key?(:update_time)
239
+ end
240
+ end
241
+
242
+ # Configuration for Binauthz.
243
+ class ConfigManagementBinauthzConfig
244
+ include Google::Apis::Core::Hashable
245
+
246
+ # Whether binauthz is enabled in this cluster.
247
+ # Corresponds to the JSON property `enabled`
248
+ # @return [Boolean]
249
+ attr_accessor :enabled
250
+ alias_method :enabled?, :enabled
251
+
252
+ def initialize(**args)
253
+ update!(**args)
254
+ end
255
+
256
+ # Update properties of this object
257
+ def update!(**args)
258
+ @enabled = args[:enabled] if args.key?(:enabled)
259
+ end
260
+ end
261
+
262
+ # State for Binauthz.
263
+ class ConfigManagementBinauthzState
264
+ include Google::Apis::Core::Hashable
265
+
266
+ # The version of binauthz.
267
+ # Corresponds to the JSON property `version`
268
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementBinauthzVersion]
269
+ attr_accessor :version
270
+
271
+ # The state of the binauthz webhook.
272
+ # Corresponds to the JSON property `webhook`
273
+ # @return [String]
274
+ attr_accessor :webhook
275
+
276
+ def initialize(**args)
277
+ update!(**args)
278
+ end
279
+
280
+ # Update properties of this object
281
+ def update!(**args)
282
+ @version = args[:version] if args.key?(:version)
283
+ @webhook = args[:webhook] if args.key?(:webhook)
284
+ end
285
+ end
286
+
287
+ # The version of binauthz.
288
+ class ConfigManagementBinauthzVersion
289
+ include Google::Apis::Core::Hashable
290
+
291
+ # The version of the binauthz webhook.
292
+ # Corresponds to the JSON property `webhookVersion`
293
+ # @return [String]
294
+ attr_accessor :webhook_version
295
+
296
+ def initialize(**args)
297
+ update!(**args)
298
+ end
299
+
300
+ # Update properties of this object
301
+ def update!(**args)
302
+ @webhook_version = args[:webhook_version] if args.key?(:webhook_version)
303
+ end
304
+ end
305
+
306
+ # Configuration for Config Sync
307
+ class ConfigManagementConfigSync
308
+ include Google::Apis::Core::Hashable
309
+
310
+ # Set to true to allow the vertical scaling. Defaults to false which disallows
311
+ # vertical scaling. This field is deprecated.
312
+ # Corresponds to the JSON property `allowVerticalScale`
313
+ # @return [Boolean]
314
+ attr_accessor :allow_vertical_scale
315
+ alias_method :allow_vertical_scale?, :allow_vertical_scale
316
+
317
+ # Enables the installation of ConfigSync. If set to true, ConfigSync resources
318
+ # will be created and the other ConfigSync fields will be applied if exist. If
319
+ # set to false, all other ConfigSync fields will be ignored, ConfigSync
320
+ # resources will be deleted. If omitted, ConfigSync resources will be managed
321
+ # depends on the presence of the git or oci field.
322
+ # Corresponds to the JSON property `enabled`
323
+ # @return [Boolean]
324
+ attr_accessor :enabled
325
+ alias_method :enabled?, :enabled
326
+
327
+ # Git repo configuration for a single cluster.
328
+ # Corresponds to the JSON property `git`
329
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementGitConfig]
330
+ attr_accessor :git
331
+
332
+ # The Email of the Google Cloud Service Account (GSA) used for exporting Config
333
+ # Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is
334
+ # enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.
335
+ # metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the
336
+ # namespace `config-management-monitoring` should be bound to the GSA.
337
+ # Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud
338
+ # Service Account is no longer needed for exporting Config Sync metrics: https://
339
+ # cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-
340
+ # config-sync-cloud-monitoring#custom-monitoring.
341
+ # Corresponds to the JSON property `metricsGcpServiceAccountEmail`
342
+ # @return [String]
343
+ attr_accessor :metrics_gcp_service_account_email
344
+
345
+ # OCI repo configuration for a single cluster.
346
+ # Corresponds to the JSON property `oci`
347
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementOciConfig]
348
+ attr_accessor :oci
349
+
350
+ # Set to true to enable the Config Sync admission webhook to prevent drifts. If
351
+ # set to `false`, disables the Config Sync admission webhook and does not
352
+ # prevent drifts.
353
+ # Corresponds to the JSON property `preventDrift`
354
+ # @return [Boolean]
355
+ attr_accessor :prevent_drift
356
+ alias_method :prevent_drift?, :prevent_drift
357
+
358
+ # Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured"
359
+ # mode.
360
+ # Corresponds to the JSON property `sourceFormat`
361
+ # @return [String]
362
+ attr_accessor :source_format
363
+
364
+ # Set to true to stop syncing configs for a single cluster. Default to false.
365
+ # Corresponds to the JSON property `stopSyncing`
366
+ # @return [Boolean]
367
+ attr_accessor :stop_syncing
368
+ alias_method :stop_syncing?, :stop_syncing
369
+
370
+ def initialize(**args)
371
+ update!(**args)
372
+ end
373
+
374
+ # Update properties of this object
375
+ def update!(**args)
376
+ @allow_vertical_scale = args[:allow_vertical_scale] if args.key?(:allow_vertical_scale)
377
+ @enabled = args[:enabled] if args.key?(:enabled)
378
+ @git = args[:git] if args.key?(:git)
379
+ @metrics_gcp_service_account_email = args[:metrics_gcp_service_account_email] if args.key?(:metrics_gcp_service_account_email)
380
+ @oci = args[:oci] if args.key?(:oci)
381
+ @prevent_drift = args[:prevent_drift] if args.key?(:prevent_drift)
382
+ @source_format = args[:source_format] if args.key?(:source_format)
383
+ @stop_syncing = args[:stop_syncing] if args.key?(:stop_syncing)
384
+ end
385
+ end
386
+
387
+ # The state of ConfigSync's deployment on a cluster.
388
+ class ConfigManagementConfigSyncDeploymentState
389
+ include Google::Apis::Core::Hashable
390
+
391
+ # Deployment state of admission-webhook.
392
+ # Corresponds to the JSON property `admissionWebhook`
393
+ # @return [String]
394
+ attr_accessor :admission_webhook
395
+
396
+ # Deployment state of the git-sync pod.
397
+ # Corresponds to the JSON property `gitSync`
398
+ # @return [String]
399
+ attr_accessor :git_sync
400
+
401
+ # Deployment state of the importer pod.
402
+ # Corresponds to the JSON property `importer`
403
+ # @return [String]
404
+ attr_accessor :importer
405
+
406
+ # Deployment state of the monitor pod.
407
+ # Corresponds to the JSON property `monitor`
408
+ # @return [String]
409
+ attr_accessor :monitor
410
+
411
+ # Deployment state of otel-collector
412
+ # Corresponds to the JSON property `otelCollector`
413
+ # @return [String]
414
+ attr_accessor :otel_collector
415
+
416
+ # Deployment state of reconciler-manager pod.
417
+ # Corresponds to the JSON property `reconcilerManager`
418
+ # @return [String]
419
+ attr_accessor :reconciler_manager
420
+
421
+ # Deployment state of resource-group-controller-manager
422
+ # Corresponds to the JSON property `resourceGroupControllerManager`
423
+ # @return [String]
424
+ attr_accessor :resource_group_controller_manager
425
+
426
+ # Deployment state of root-reconciler.
427
+ # Corresponds to the JSON property `rootReconciler`
428
+ # @return [String]
429
+ attr_accessor :root_reconciler
430
+
431
+ # Deployment state of the syncer pod.
432
+ # Corresponds to the JSON property `syncer`
433
+ # @return [String]
434
+ attr_accessor :syncer
435
+
436
+ def initialize(**args)
437
+ update!(**args)
438
+ end
439
+
440
+ # Update properties of this object
441
+ def update!(**args)
442
+ @admission_webhook = args[:admission_webhook] if args.key?(:admission_webhook)
443
+ @git_sync = args[:git_sync] if args.key?(:git_sync)
444
+ @importer = args[:importer] if args.key?(:importer)
445
+ @monitor = args[:monitor] if args.key?(:monitor)
446
+ @otel_collector = args[:otel_collector] if args.key?(:otel_collector)
447
+ @reconciler_manager = args[:reconciler_manager] if args.key?(:reconciler_manager)
448
+ @resource_group_controller_manager = args[:resource_group_controller_manager] if args.key?(:resource_group_controller_manager)
449
+ @root_reconciler = args[:root_reconciler] if args.key?(:root_reconciler)
450
+ @syncer = args[:syncer] if args.key?(:syncer)
451
+ end
452
+ end
453
+
454
+ # Errors pertaining to the installation of Config Sync
455
+ class ConfigManagementConfigSyncError
456
+ include Google::Apis::Core::Hashable
457
+
458
+ # A string representing the user facing error message
459
+ # Corresponds to the JSON property `errorMessage`
460
+ # @return [String]
461
+ attr_accessor :error_message
462
+
463
+ def initialize(**args)
464
+ update!(**args)
465
+ end
466
+
467
+ # Update properties of this object
468
+ def update!(**args)
469
+ @error_message = args[:error_message] if args.key?(:error_message)
470
+ end
471
+ end
472
+
473
+ # State information for ConfigSync.
474
+ class ConfigManagementConfigSyncState
475
+ include Google::Apis::Core::Hashable
476
+
477
+ # Whether syncing resources to the cluster is stopped at the cluster level.
478
+ # Corresponds to the JSON property `clusterLevelStopSyncingState`
479
+ # @return [String]
480
+ attr_accessor :cluster_level_stop_syncing_state
481
+
482
+ # Output only. The number of RootSync and RepoSync CRs in the cluster.
483
+ # Corresponds to the JSON property `crCount`
484
+ # @return [Fixnum]
485
+ attr_accessor :cr_count
486
+
487
+ # The state of ConfigSync's deployment on a cluster.
488
+ # Corresponds to the JSON property `deploymentState`
489
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementConfigSyncDeploymentState]
490
+ attr_accessor :deployment_state
491
+
492
+ # Errors pertaining to the installation of Config Sync.
493
+ # Corresponds to the JSON property `errors`
494
+ # @return [Array<Google::Apis::GkehubV2alpha::ConfigManagementConfigSyncError>]
495
+ attr_accessor :errors
496
+
497
+ # The state of the Reposync CRD
498
+ # Corresponds to the JSON property `reposyncCrd`
499
+ # @return [String]
500
+ attr_accessor :reposync_crd
501
+
502
+ # The state of the RootSync CRD
503
+ # Corresponds to the JSON property `rootsyncCrd`
504
+ # @return [String]
505
+ attr_accessor :rootsync_crd
506
+
507
+ # The state of CS This field summarizes the other fields in this message.
508
+ # Corresponds to the JSON property `state`
509
+ # @return [String]
510
+ attr_accessor :state
511
+
512
+ # State indicating an ACM's progress syncing configurations to a cluster.
513
+ # Corresponds to the JSON property `syncState`
514
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementSyncState]
515
+ attr_accessor :sync_state
516
+
517
+ # Specific versioning information pertaining to ConfigSync's Pods.
518
+ # Corresponds to the JSON property `version`
519
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementConfigSyncVersion]
520
+ attr_accessor :version
521
+
522
+ def initialize(**args)
523
+ update!(**args)
524
+ end
525
+
526
+ # Update properties of this object
527
+ def update!(**args)
528
+ @cluster_level_stop_syncing_state = args[:cluster_level_stop_syncing_state] if args.key?(:cluster_level_stop_syncing_state)
529
+ @cr_count = args[:cr_count] if args.key?(:cr_count)
530
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
531
+ @errors = args[:errors] if args.key?(:errors)
532
+ @reposync_crd = args[:reposync_crd] if args.key?(:reposync_crd)
533
+ @rootsync_crd = args[:rootsync_crd] if args.key?(:rootsync_crd)
534
+ @state = args[:state] if args.key?(:state)
535
+ @sync_state = args[:sync_state] if args.key?(:sync_state)
536
+ @version = args[:version] if args.key?(:version)
537
+ end
538
+ end
539
+
540
+ # Specific versioning information pertaining to ConfigSync's Pods.
541
+ class ConfigManagementConfigSyncVersion
542
+ include Google::Apis::Core::Hashable
543
+
544
+ # Version of the deployed admission-webhook pod.
545
+ # Corresponds to the JSON property `admissionWebhook`
546
+ # @return [String]
547
+ attr_accessor :admission_webhook
548
+
549
+ # Version of the deployed git-sync pod.
550
+ # Corresponds to the JSON property `gitSync`
551
+ # @return [String]
552
+ attr_accessor :git_sync
553
+
554
+ # Version of the deployed importer pod.
555
+ # Corresponds to the JSON property `importer`
556
+ # @return [String]
557
+ attr_accessor :importer
558
+
559
+ # Version of the deployed monitor pod.
560
+ # Corresponds to the JSON property `monitor`
561
+ # @return [String]
562
+ attr_accessor :monitor
563
+
564
+ # Version of the deployed otel-collector pod
565
+ # Corresponds to the JSON property `otelCollector`
566
+ # @return [String]
567
+ attr_accessor :otel_collector
568
+
569
+ # Version of the deployed reconciler-manager pod.
570
+ # Corresponds to the JSON property `reconcilerManager`
571
+ # @return [String]
572
+ attr_accessor :reconciler_manager
573
+
574
+ # Version of the deployed resource-group-controller-manager pod
575
+ # Corresponds to the JSON property `resourceGroupControllerManager`
576
+ # @return [String]
577
+ attr_accessor :resource_group_controller_manager
578
+
579
+ # Version of the deployed reconciler container in root-reconciler pod.
580
+ # Corresponds to the JSON property `rootReconciler`
581
+ # @return [String]
582
+ attr_accessor :root_reconciler
583
+
584
+ # Version of the deployed syncer pod.
585
+ # Corresponds to the JSON property `syncer`
586
+ # @return [String]
587
+ attr_accessor :syncer
588
+
589
+ def initialize(**args)
590
+ update!(**args)
591
+ end
592
+
593
+ # Update properties of this object
594
+ def update!(**args)
595
+ @admission_webhook = args[:admission_webhook] if args.key?(:admission_webhook)
596
+ @git_sync = args[:git_sync] if args.key?(:git_sync)
597
+ @importer = args[:importer] if args.key?(:importer)
598
+ @monitor = args[:monitor] if args.key?(:monitor)
599
+ @otel_collector = args[:otel_collector] if args.key?(:otel_collector)
600
+ @reconciler_manager = args[:reconciler_manager] if args.key?(:reconciler_manager)
601
+ @resource_group_controller_manager = args[:resource_group_controller_manager] if args.key?(:resource_group_controller_manager)
602
+ @root_reconciler = args[:root_reconciler] if args.key?(:root_reconciler)
603
+ @syncer = args[:syncer] if args.key?(:syncer)
604
+ end
605
+ end
606
+
607
+ # Model for a config file in the git repo with an associated Sync error.
608
+ class ConfigManagementErrorResource
609
+ include Google::Apis::Core::Hashable
610
+
611
+ # A Kubernetes object's GVK.
612
+ # Corresponds to the JSON property `resourceGvk`
613
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementGroupVersionKind]
614
+ attr_accessor :resource_gvk
615
+
616
+ # Metadata name of the resource that is causing an error
617
+ # Corresponds to the JSON property `resourceName`
618
+ # @return [String]
619
+ attr_accessor :resource_name
620
+
621
+ # Namespace of the resource that is causing an error
622
+ # Corresponds to the JSON property `resourceNamespace`
623
+ # @return [String]
624
+ attr_accessor :resource_namespace
625
+
626
+ # Path in the git repo of the erroneous config
627
+ # Corresponds to the JSON property `sourcePath`
628
+ # @return [String]
629
+ attr_accessor :source_path
630
+
631
+ def initialize(**args)
632
+ update!(**args)
633
+ end
634
+
635
+ # Update properties of this object
636
+ def update!(**args)
637
+ @resource_gvk = args[:resource_gvk] if args.key?(:resource_gvk)
638
+ @resource_name = args[:resource_name] if args.key?(:resource_name)
639
+ @resource_namespace = args[:resource_namespace] if args.key?(:resource_namespace)
640
+ @source_path = args[:source_path] if args.key?(:source_path)
641
+ end
642
+ end
643
+
644
+ # State of Policy Controller installation.
645
+ class ConfigManagementGatekeeperDeploymentState
646
+ include Google::Apis::Core::Hashable
647
+
648
+ # Status of gatekeeper-audit deployment.
649
+ # Corresponds to the JSON property `gatekeeperAudit`
650
+ # @return [String]
651
+ attr_accessor :gatekeeper_audit
652
+
653
+ # Status of gatekeeper-controller-manager pod.
654
+ # Corresponds to the JSON property `gatekeeperControllerManagerState`
655
+ # @return [String]
656
+ attr_accessor :gatekeeper_controller_manager_state
657
+
658
+ # Status of the pod serving the mutation webhook.
659
+ # Corresponds to the JSON property `gatekeeperMutation`
660
+ # @return [String]
661
+ attr_accessor :gatekeeper_mutation
662
+
663
+ def initialize(**args)
664
+ update!(**args)
665
+ end
666
+
667
+ # Update properties of this object
668
+ def update!(**args)
669
+ @gatekeeper_audit = args[:gatekeeper_audit] if args.key?(:gatekeeper_audit)
670
+ @gatekeeper_controller_manager_state = args[:gatekeeper_controller_manager_state] if args.key?(:gatekeeper_controller_manager_state)
671
+ @gatekeeper_mutation = args[:gatekeeper_mutation] if args.key?(:gatekeeper_mutation)
672
+ end
673
+ end
674
+
675
+ # Git repo configuration for a single cluster.
676
+ class ConfigManagementGitConfig
677
+ include Google::Apis::Core::Hashable
678
+
679
+ # The Google Cloud Service Account Email used for auth when secret_type is
680
+ # gcpServiceAccount.
681
+ # Corresponds to the JSON property `gcpServiceAccountEmail`
682
+ # @return [String]
683
+ attr_accessor :gcp_service_account_email
684
+
685
+ # URL for the HTTPS proxy to be used when communicating with the Git repo.
686
+ # Corresponds to the JSON property `httpsProxy`
687
+ # @return [String]
688
+ attr_accessor :https_proxy
689
+
690
+ # The path within the Git repository that represents the top level of the repo
691
+ # to sync. Default: the root directory of the repository.
692
+ # Corresponds to the JSON property `policyDir`
693
+ # @return [String]
694
+ attr_accessor :policy_dir
695
+
696
+ # Type of secret configured for access to the Git repo. Must be one of ssh,
697
+ # cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this
698
+ # is case-sensitive. Required.
699
+ # Corresponds to the JSON property `secretType`
700
+ # @return [String]
701
+ attr_accessor :secret_type
702
+
703
+ # The branch of the repository to sync from. Default: master.
704
+ # Corresponds to the JSON property `syncBranch`
705
+ # @return [String]
706
+ attr_accessor :sync_branch
707
+
708
+ # The URL of the Git repository to use as the source of truth.
709
+ # Corresponds to the JSON property `syncRepo`
710
+ # @return [String]
711
+ attr_accessor :sync_repo
712
+
713
+ # Git revision (tag or hash) to check out. Default HEAD.
714
+ # Corresponds to the JSON property `syncRev`
715
+ # @return [String]
716
+ attr_accessor :sync_rev
717
+
718
+ # Period in seconds between consecutive syncs. Default: 15.
719
+ # Corresponds to the JSON property `syncWaitSecs`
720
+ # @return [Fixnum]
721
+ attr_accessor :sync_wait_secs
722
+
723
+ def initialize(**args)
724
+ update!(**args)
725
+ end
726
+
727
+ # Update properties of this object
728
+ def update!(**args)
729
+ @gcp_service_account_email = args[:gcp_service_account_email] if args.key?(:gcp_service_account_email)
730
+ @https_proxy = args[:https_proxy] if args.key?(:https_proxy)
731
+ @policy_dir = args[:policy_dir] if args.key?(:policy_dir)
732
+ @secret_type = args[:secret_type] if args.key?(:secret_type)
733
+ @sync_branch = args[:sync_branch] if args.key?(:sync_branch)
734
+ @sync_repo = args[:sync_repo] if args.key?(:sync_repo)
735
+ @sync_rev = args[:sync_rev] if args.key?(:sync_rev)
736
+ @sync_wait_secs = args[:sync_wait_secs] if args.key?(:sync_wait_secs)
737
+ end
738
+ end
739
+
740
+ # A Kubernetes object's GVK.
741
+ class ConfigManagementGroupVersionKind
742
+ include Google::Apis::Core::Hashable
743
+
744
+ # Kubernetes Group
745
+ # Corresponds to the JSON property `group`
746
+ # @return [String]
747
+ attr_accessor :group
748
+
749
+ # Kubernetes Kind
750
+ # Corresponds to the JSON property `kind`
751
+ # @return [String]
752
+ attr_accessor :kind
753
+
754
+ # Kubernetes Version
755
+ # Corresponds to the JSON property `version`
756
+ # @return [String]
757
+ attr_accessor :version
758
+
759
+ def initialize(**args)
760
+ update!(**args)
761
+ end
762
+
763
+ # Update properties of this object
764
+ def update!(**args)
765
+ @group = args[:group] if args.key?(:group)
766
+ @kind = args[:kind] if args.key?(:kind)
767
+ @version = args[:version] if args.key?(:version)
768
+ end
769
+ end
770
+
771
+ # Configuration for Hierarchy Controller.
772
+ class ConfigManagementHierarchyControllerConfig
773
+ include Google::Apis::Core::Hashable
774
+
775
+ # Whether hierarchical resource quota is enabled in this cluster.
776
+ # Corresponds to the JSON property `enableHierarchicalResourceQuota`
777
+ # @return [Boolean]
778
+ attr_accessor :enable_hierarchical_resource_quota
779
+ alias_method :enable_hierarchical_resource_quota?, :enable_hierarchical_resource_quota
780
+
781
+ # Whether pod tree labels are enabled in this cluster.
782
+ # Corresponds to the JSON property `enablePodTreeLabels`
783
+ # @return [Boolean]
784
+ attr_accessor :enable_pod_tree_labels
785
+ alias_method :enable_pod_tree_labels?, :enable_pod_tree_labels
786
+
787
+ # Whether Hierarchy Controller is enabled in this cluster.
788
+ # Corresponds to the JSON property `enabled`
789
+ # @return [Boolean]
790
+ attr_accessor :enabled
791
+ alias_method :enabled?, :enabled
792
+
793
+ def initialize(**args)
794
+ update!(**args)
795
+ end
796
+
797
+ # Update properties of this object
798
+ def update!(**args)
799
+ @enable_hierarchical_resource_quota = args[:enable_hierarchical_resource_quota] if args.key?(:enable_hierarchical_resource_quota)
800
+ @enable_pod_tree_labels = args[:enable_pod_tree_labels] if args.key?(:enable_pod_tree_labels)
801
+ @enabled = args[:enabled] if args.key?(:enabled)
802
+ end
803
+ end
804
+
805
+ # Deployment state for Hierarchy Controller
806
+ class ConfigManagementHierarchyControllerDeploymentState
807
+ include Google::Apis::Core::Hashable
808
+
809
+ # The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1).
810
+ # Corresponds to the JSON property `extension`
811
+ # @return [String]
812
+ attr_accessor :extension
813
+
814
+ # The deployment state for open source HNC (e.g. v0.7.0-hc.0).
815
+ # Corresponds to the JSON property `hnc`
816
+ # @return [String]
817
+ attr_accessor :hnc
818
+
819
+ def initialize(**args)
820
+ update!(**args)
821
+ end
822
+
823
+ # Update properties of this object
824
+ def update!(**args)
825
+ @extension = args[:extension] if args.key?(:extension)
826
+ @hnc = args[:hnc] if args.key?(:hnc)
827
+ end
828
+ end
829
+
830
+ # State for Hierarchy Controller.
831
+ class ConfigManagementHierarchyControllerState
832
+ include Google::Apis::Core::Hashable
833
+
834
+ # Deployment state for Hierarchy Controller
835
+ # Corresponds to the JSON property `state`
836
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementHierarchyControllerDeploymentState]
837
+ attr_accessor :state
838
+
839
+ # Version for Hierarchy Controller.
840
+ # Corresponds to the JSON property `version`
841
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementHierarchyControllerVersion]
842
+ attr_accessor :version
843
+
844
+ def initialize(**args)
845
+ update!(**args)
846
+ end
847
+
848
+ # Update properties of this object
849
+ def update!(**args)
850
+ @state = args[:state] if args.key?(:state)
851
+ @version = args[:version] if args.key?(:version)
852
+ end
853
+ end
854
+
855
+ # Version for Hierarchy Controller.
856
+ class ConfigManagementHierarchyControllerVersion
857
+ include Google::Apis::Core::Hashable
858
+
859
+ # Version for Hierarchy Controller extension.
860
+ # Corresponds to the JSON property `extension`
861
+ # @return [String]
862
+ attr_accessor :extension
863
+
864
+ # Version for open source HNC.
865
+ # Corresponds to the JSON property `hnc`
866
+ # @return [String]
867
+ attr_accessor :hnc
868
+
869
+ def initialize(**args)
870
+ update!(**args)
871
+ end
872
+
873
+ # Update properties of this object
874
+ def update!(**args)
875
+ @extension = args[:extension] if args.key?(:extension)
876
+ @hnc = args[:hnc] if args.key?(:hnc)
877
+ end
878
+ end
879
+
880
+ # Errors pertaining to the installation of ACM.
881
+ class ConfigManagementInstallError
882
+ include Google::Apis::Core::Hashable
883
+
884
+ # A string representing the user facing error message.
885
+ # Corresponds to the JSON property `errorMessage`
886
+ # @return [String]
887
+ attr_accessor :error_message
888
+
889
+ def initialize(**args)
890
+ update!(**args)
891
+ end
892
+
893
+ # Update properties of this object
894
+ def update!(**args)
895
+ @error_message = args[:error_message] if args.key?(:error_message)
896
+ end
897
+ end
898
+
899
+ # OCI repo configuration for a single cluster.
900
+ class ConfigManagementOciConfig
901
+ include Google::Apis::Core::Hashable
902
+
903
+ # The Google Cloud Service Account Email used for auth when secret_type is
904
+ # gcpServiceAccount.
905
+ # Corresponds to the JSON property `gcpServiceAccountEmail`
906
+ # @return [String]
907
+ attr_accessor :gcp_service_account_email
908
+
909
+ # The absolute path of the directory that contains the local resources. Default:
910
+ # the root directory of the image.
911
+ # Corresponds to the JSON property `policyDir`
912
+ # @return [String]
913
+ attr_accessor :policy_dir
914
+
915
+ # Type of secret configured for access to the Git repo.
916
+ # Corresponds to the JSON property `secretType`
917
+ # @return [String]
918
+ attr_accessor :secret_type
919
+
920
+ # The OCI image repository URL for the package to sync from. e.g. `LOCATION-
921
+ # docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.
922
+ # Corresponds to the JSON property `syncRepo`
923
+ # @return [String]
924
+ attr_accessor :sync_repo
925
+
926
+ # Period in seconds between consecutive syncs. Default: 15.
927
+ # Corresponds to the JSON property `syncWaitSecs`
928
+ # @return [Fixnum]
929
+ attr_accessor :sync_wait_secs
930
+
931
+ def initialize(**args)
932
+ update!(**args)
933
+ end
934
+
935
+ # Update properties of this object
936
+ def update!(**args)
937
+ @gcp_service_account_email = args[:gcp_service_account_email] if args.key?(:gcp_service_account_email)
938
+ @policy_dir = args[:policy_dir] if args.key?(:policy_dir)
939
+ @secret_type = args[:secret_type] if args.key?(:secret_type)
940
+ @sync_repo = args[:sync_repo] if args.key?(:sync_repo)
941
+ @sync_wait_secs = args[:sync_wait_secs] if args.key?(:sync_wait_secs)
942
+ end
943
+ end
944
+
945
+ # State information for an ACM's Operator.
946
+ class ConfigManagementOperatorState
947
+ include Google::Apis::Core::Hashable
948
+
949
+ # The state of the Operator's deployment.
950
+ # Corresponds to the JSON property `deploymentState`
951
+ # @return [String]
952
+ attr_accessor :deployment_state
953
+
954
+ # Install errors.
955
+ # Corresponds to the JSON property `errors`
956
+ # @return [Array<Google::Apis::GkehubV2alpha::ConfigManagementInstallError>]
957
+ attr_accessor :errors
958
+
959
+ # The semenatic version number of the operator.
960
+ # Corresponds to the JSON property `version`
961
+ # @return [String]
962
+ attr_accessor :version
963
+
964
+ def initialize(**args)
965
+ update!(**args)
966
+ end
967
+
968
+ # Update properties of this object
969
+ def update!(**args)
970
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
971
+ @errors = args[:errors] if args.key?(:errors)
972
+ @version = args[:version] if args.key?(:version)
973
+ end
974
+ end
975
+
976
+ # Configuration for Policy Controller
977
+ class ConfigManagementPolicyController
978
+ include Google::Apis::Core::Hashable
979
+
980
+ # Sets the interval for Policy Controller Audit Scans (in seconds). When set to
981
+ # 0, this disables audit functionality altogether.
982
+ # Corresponds to the JSON property `auditIntervalSeconds`
983
+ # @return [Fixnum]
984
+ attr_accessor :audit_interval_seconds
985
+
986
+ # Enables the installation of Policy Controller. If false, the rest of
987
+ # PolicyController fields take no effect.
988
+ # Corresponds to the JSON property `enabled`
989
+ # @return [Boolean]
990
+ attr_accessor :enabled
991
+ alias_method :enabled?, :enabled
992
+
993
+ # The set of namespaces that are excluded from Policy Controller checks.
994
+ # Namespaces do not need to currently exist on the cluster.
995
+ # Corresponds to the JSON property `exemptableNamespaces`
996
+ # @return [Array<String>]
997
+ attr_accessor :exemptable_namespaces
998
+
999
+ # Logs all denies and dry run failures.
1000
+ # Corresponds to the JSON property `logDeniesEnabled`
1001
+ # @return [Boolean]
1002
+ attr_accessor :log_denies_enabled
1003
+ alias_method :log_denies_enabled?, :log_denies_enabled
1004
+
1005
+ # PolicyControllerMonitoring specifies the backends Policy Controller should
1006
+ # export metrics to. For example, to specify metrics should be exported to Cloud
1007
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
1008
+ # Corresponds to the JSON property `monitoring`
1009
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementPolicyControllerMonitoring]
1010
+ attr_accessor :monitoring
1011
+
1012
+ # Enable or disable mutation in policy controller. If true, mutation CRDs,
1013
+ # webhook and controller deployment will be deployed to the cluster.
1014
+ # Corresponds to the JSON property `mutationEnabled`
1015
+ # @return [Boolean]
1016
+ attr_accessor :mutation_enabled
1017
+ alias_method :mutation_enabled?, :mutation_enabled
1018
+
1019
+ # Enables the ability to use Constraint Templates that reference to objects
1020
+ # other than the object currently being evaluated.
1021
+ # Corresponds to the JSON property `referentialRulesEnabled`
1022
+ # @return [Boolean]
1023
+ attr_accessor :referential_rules_enabled
1024
+ alias_method :referential_rules_enabled?, :referential_rules_enabled
1025
+
1026
+ # Installs the default template library along with Policy Controller.
1027
+ # Corresponds to the JSON property `templateLibraryInstalled`
1028
+ # @return [Boolean]
1029
+ attr_accessor :template_library_installed
1030
+ alias_method :template_library_installed?, :template_library_installed
1031
+
1032
+ # Output only. Last time this membership spec was updated.
1033
+ # Corresponds to the JSON property `updateTime`
1034
+ # @return [String]
1035
+ attr_accessor :update_time
1036
+
1037
+ def initialize(**args)
1038
+ update!(**args)
1039
+ end
1040
+
1041
+ # Update properties of this object
1042
+ def update!(**args)
1043
+ @audit_interval_seconds = args[:audit_interval_seconds] if args.key?(:audit_interval_seconds)
1044
+ @enabled = args[:enabled] if args.key?(:enabled)
1045
+ @exemptable_namespaces = args[:exemptable_namespaces] if args.key?(:exemptable_namespaces)
1046
+ @log_denies_enabled = args[:log_denies_enabled] if args.key?(:log_denies_enabled)
1047
+ @monitoring = args[:monitoring] if args.key?(:monitoring)
1048
+ @mutation_enabled = args[:mutation_enabled] if args.key?(:mutation_enabled)
1049
+ @referential_rules_enabled = args[:referential_rules_enabled] if args.key?(:referential_rules_enabled)
1050
+ @template_library_installed = args[:template_library_installed] if args.key?(:template_library_installed)
1051
+ @update_time = args[:update_time] if args.key?(:update_time)
1052
+ end
1053
+ end
1054
+
1055
+ # State for the migration of PolicyController from ACM -> PoCo Hub.
1056
+ class ConfigManagementPolicyControllerMigration
1057
+ include Google::Apis::Core::Hashable
1058
+
1059
+ # Last time this membership spec was copied to PoCo feature.
1060
+ # Corresponds to the JSON property `copyTime`
1061
+ # @return [String]
1062
+ attr_accessor :copy_time
1063
+
1064
+ # Stage of the migration.
1065
+ # Corresponds to the JSON property `stage`
1066
+ # @return [String]
1067
+ attr_accessor :stage
1068
+
1069
+ def initialize(**args)
1070
+ update!(**args)
1071
+ end
1072
+
1073
+ # Update properties of this object
1074
+ def update!(**args)
1075
+ @copy_time = args[:copy_time] if args.key?(:copy_time)
1076
+ @stage = args[:stage] if args.key?(:stage)
1077
+ end
1078
+ end
1079
+
1080
+ # PolicyControllerMonitoring specifies the backends Policy Controller should
1081
+ # export metrics to. For example, to specify metrics should be exported to Cloud
1082
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
1083
+ class ConfigManagementPolicyControllerMonitoring
1084
+ include Google::Apis::Core::Hashable
1085
+
1086
+ # Specifies the list of backends Policy Controller will export to. An empty list
1087
+ # would effectively disable metrics export.
1088
+ # Corresponds to the JSON property `backends`
1089
+ # @return [Array<String>]
1090
+ attr_accessor :backends
1091
+
1092
+ def initialize(**args)
1093
+ update!(**args)
1094
+ end
1095
+
1096
+ # Update properties of this object
1097
+ def update!(**args)
1098
+ @backends = args[:backends] if args.key?(:backends)
1099
+ end
1100
+ end
1101
+
1102
+ # State for PolicyControllerState.
1103
+ class ConfigManagementPolicyControllerState
1104
+ include Google::Apis::Core::Hashable
1105
+
1106
+ # State of Policy Controller installation.
1107
+ # Corresponds to the JSON property `deploymentState`
1108
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementGatekeeperDeploymentState]
1109
+ attr_accessor :deployment_state
1110
+
1111
+ # State for the migration of PolicyController from ACM -> PoCo Hub.
1112
+ # Corresponds to the JSON property `migration`
1113
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementPolicyControllerMigration]
1114
+ attr_accessor :migration
1115
+
1116
+ # The build version of Gatekeeper Policy Controller is using.
1117
+ # Corresponds to the JSON property `version`
1118
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementPolicyControllerVersion]
1119
+ attr_accessor :version
1120
+
1121
+ def initialize(**args)
1122
+ update!(**args)
1123
+ end
1124
+
1125
+ # Update properties of this object
1126
+ def update!(**args)
1127
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
1128
+ @migration = args[:migration] if args.key?(:migration)
1129
+ @version = args[:version] if args.key?(:version)
1130
+ end
1131
+ end
1132
+
1133
+ # The build version of Gatekeeper Policy Controller is using.
1134
+ class ConfigManagementPolicyControllerVersion
1135
+ include Google::Apis::Core::Hashable
1136
+
1137
+ # The gatekeeper image tag that is composed of ACM version, git tag, build
1138
+ # number.
1139
+ # Corresponds to the JSON property `version`
1140
+ # @return [String]
1141
+ attr_accessor :version
1142
+
1143
+ def initialize(**args)
1144
+ update!(**args)
1145
+ end
1146
+
1147
+ # Update properties of this object
1148
+ def update!(**args)
1149
+ @version = args[:version] if args.key?(:version)
1150
+ end
1151
+ end
1152
+
1153
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1154
+ # parallel the ConfigManagement CR.
1155
+ class ConfigManagementSpec
1156
+ include Google::Apis::Core::Hashable
1157
+
1158
+ # Configuration for Binauthz.
1159
+ # Corresponds to the JSON property `binauthz`
1160
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementBinauthzConfig]
1161
+ attr_accessor :binauthz
1162
+
1163
+ # The user-specified cluster name used by Config Sync cluster-name-selector
1164
+ # annotation or ClusterSelector, for applying configs to only a subset of
1165
+ # clusters. Omit this field if the cluster's fleet membership name is used by
1166
+ # Config Sync cluster-name-selector annotation or ClusterSelector. Set this
1167
+ # field if a name different from the cluster's fleet membership name is used by
1168
+ # Config Sync cluster-name-selector annotation or ClusterSelector.
1169
+ # Corresponds to the JSON property `cluster`
1170
+ # @return [String]
1171
+ attr_accessor :cluster
1172
+
1173
+ # Configuration for Config Sync
1174
+ # Corresponds to the JSON property `configSync`
1175
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementConfigSync]
1176
+ attr_accessor :config_sync
1177
+
1178
+ # Configuration for Hierarchy Controller.
1179
+ # Corresponds to the JSON property `hierarchyController`
1180
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementHierarchyControllerConfig]
1181
+ attr_accessor :hierarchy_controller
1182
+
1183
+ # Enables automatic Feature management.
1184
+ # Corresponds to the JSON property `management`
1185
+ # @return [String]
1186
+ attr_accessor :management
1187
+
1188
+ # Configuration for Policy Controller
1189
+ # Corresponds to the JSON property `policyController`
1190
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementPolicyController]
1191
+ attr_accessor :policy_controller
1192
+
1193
+ # Version of ACM installed.
1194
+ # Corresponds to the JSON property `version`
1195
+ # @return [String]
1196
+ attr_accessor :version
1197
+
1198
+ def initialize(**args)
1199
+ update!(**args)
1200
+ end
1201
+
1202
+ # Update properties of this object
1203
+ def update!(**args)
1204
+ @binauthz = args[:binauthz] if args.key?(:binauthz)
1205
+ @cluster = args[:cluster] if args.key?(:cluster)
1206
+ @config_sync = args[:config_sync] if args.key?(:config_sync)
1207
+ @hierarchy_controller = args[:hierarchy_controller] if args.key?(:hierarchy_controller)
1208
+ @management = args[:management] if args.key?(:management)
1209
+ @policy_controller = args[:policy_controller] if args.key?(:policy_controller)
1210
+ @version = args[:version] if args.key?(:version)
1211
+ end
1212
+ end
1213
+
1214
+ # **Anthos Config Management**: State for a single cluster.
1215
+ class ConfigManagementState
1216
+ include Google::Apis::Core::Hashable
1217
+
1218
+ # State for Binauthz.
1219
+ # Corresponds to the JSON property `binauthzState`
1220
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementBinauthzState]
1221
+ attr_accessor :binauthz_state
1222
+
1223
+ # This field is set to the `cluster_name` field of the Membership Spec if it is
1224
+ # not empty. Otherwise, it is set to the cluster's fleet membership name.
1225
+ # Corresponds to the JSON property `clusterName`
1226
+ # @return [String]
1227
+ attr_accessor :cluster_name
1228
+
1229
+ # State information for ConfigSync.
1230
+ # Corresponds to the JSON property `configSyncState`
1231
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementConfigSyncState]
1232
+ attr_accessor :config_sync_state
1233
+
1234
+ # State for Hierarchy Controller.
1235
+ # Corresponds to the JSON property `hierarchyControllerState`
1236
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementHierarchyControllerState]
1237
+ attr_accessor :hierarchy_controller_state
1238
+
1239
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1240
+ # parallel the ConfigManagement CR.
1241
+ # Corresponds to the JSON property `membershipSpec`
1242
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementSpec]
1243
+ attr_accessor :membership_spec
1244
+
1245
+ # State information for an ACM's Operator.
1246
+ # Corresponds to the JSON property `operatorState`
1247
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementOperatorState]
1248
+ attr_accessor :operator_state
1249
+
1250
+ # State for PolicyControllerState.
1251
+ # Corresponds to the JSON property `policyControllerState`
1252
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementPolicyControllerState]
1253
+ attr_accessor :policy_controller_state
1254
+
1255
+ def initialize(**args)
1256
+ update!(**args)
1257
+ end
1258
+
1259
+ # Update properties of this object
1260
+ def update!(**args)
1261
+ @binauthz_state = args[:binauthz_state] if args.key?(:binauthz_state)
1262
+ @cluster_name = args[:cluster_name] if args.key?(:cluster_name)
1263
+ @config_sync_state = args[:config_sync_state] if args.key?(:config_sync_state)
1264
+ @hierarchy_controller_state = args[:hierarchy_controller_state] if args.key?(:hierarchy_controller_state)
1265
+ @membership_spec = args[:membership_spec] if args.key?(:membership_spec)
1266
+ @operator_state = args[:operator_state] if args.key?(:operator_state)
1267
+ @policy_controller_state = args[:policy_controller_state] if args.key?(:policy_controller_state)
1268
+ end
1269
+ end
1270
+
1271
+ # An ACM created error representing a problem syncing configurations.
1272
+ class ConfigManagementSyncError
1273
+ include Google::Apis::Core::Hashable
1274
+
1275
+ # An ACM defined error code
1276
+ # Corresponds to the JSON property `code`
1277
+ # @return [String]
1278
+ attr_accessor :code
1279
+
1280
+ # A description of the error
1281
+ # Corresponds to the JSON property `errorMessage`
1282
+ # @return [String]
1283
+ attr_accessor :error_message
1284
+
1285
+ # A list of config(s) associated with the error, if any
1286
+ # Corresponds to the JSON property `errorResources`
1287
+ # @return [Array<Google::Apis::GkehubV2alpha::ConfigManagementErrorResource>]
1288
+ attr_accessor :error_resources
1289
+
1290
+ def initialize(**args)
1291
+ update!(**args)
1292
+ end
1293
+
1294
+ # Update properties of this object
1295
+ def update!(**args)
1296
+ @code = args[:code] if args.key?(:code)
1297
+ @error_message = args[:error_message] if args.key?(:error_message)
1298
+ @error_resources = args[:error_resources] if args.key?(:error_resources)
1299
+ end
1300
+ end
1301
+
1302
+ # State indicating an ACM's progress syncing configurations to a cluster.
1303
+ class ConfigManagementSyncState
1304
+ include Google::Apis::Core::Hashable
1305
+
1306
+ # Sync status code.
1307
+ # Corresponds to the JSON property `code`
1308
+ # @return [String]
1309
+ attr_accessor :code
1310
+
1311
+ # A list of errors resulting from problematic configs. This list will be
1312
+ # truncated after 100 errors, although it is unlikely for that many errors to
1313
+ # simultaneously exist.
1314
+ # Corresponds to the JSON property `errors`
1315
+ # @return [Array<Google::Apis::GkehubV2alpha::ConfigManagementSyncError>]
1316
+ attr_accessor :errors
1317
+
1318
+ # Token indicating the state of the importer.
1319
+ # Corresponds to the JSON property `importToken`
1320
+ # @return [String]
1321
+ attr_accessor :import_token
1322
+
1323
+ # Deprecated: use last_sync_time instead. Timestamp of when ACM last
1324
+ # successfully synced the repo. The time format is specified in https://golang.
1325
+ # org/pkg/time/#Time.String
1326
+ # Corresponds to the JSON property `lastSync`
1327
+ # @return [String]
1328
+ attr_accessor :last_sync
1329
+
1330
+ # Timestamp type of when ACM last successfully synced the repo.
1331
+ # Corresponds to the JSON property `lastSyncTime`
1332
+ # @return [String]
1333
+ attr_accessor :last_sync_time
1334
+
1335
+ # Token indicating the state of the repo.
1336
+ # Corresponds to the JSON property `sourceToken`
1337
+ # @return [String]
1338
+ attr_accessor :source_token
1339
+
1340
+ # Token indicating the state of the syncer.
1341
+ # Corresponds to the JSON property `syncToken`
1342
+ # @return [String]
1343
+ attr_accessor :sync_token
1344
+
1345
+ def initialize(**args)
1346
+ update!(**args)
1347
+ end
1348
+
1349
+ # Update properties of this object
1350
+ def update!(**args)
1351
+ @code = args[:code] if args.key?(:code)
1352
+ @errors = args[:errors] if args.key?(:errors)
1353
+ @import_token = args[:import_token] if args.key?(:import_token)
1354
+ @last_sync = args[:last_sync] if args.key?(:last_sync)
1355
+ @last_sync_time = args[:last_sync_time] if args.key?(:last_sync_time)
1356
+ @source_token = args[:source_token] if args.key?(:source_token)
1357
+ @sync_token = args[:sync_token] if args.key?(:sync_token)
1358
+ end
1359
+ end
1360
+
1361
+ # A generic empty message that you can re-use to avoid defining duplicated empty
1362
+ # messages in your APIs. A typical example is to use it as the request or the
1363
+ # response type of an API method. For instance: service Foo ` rpc Bar(google.
1364
+ # protobuf.Empty) returns (google.protobuf.Empty); `
1365
+ class Empty
1366
+ include Google::Apis::Core::Hashable
1367
+
1368
+ def initialize(**args)
1369
+ update!(**args)
1370
+ end
1371
+
1372
+ # Update properties of this object
1373
+ def update!(**args)
1374
+ end
1375
+ end
1376
+
1377
+ # FeatureSpec contains user input per-feature spec information.
1378
+ class FeatureSpec
1379
+ include Google::Apis::Core::Hashable
1380
+
1381
+ # **Cloud Build**: Configurations for each Cloud Build enabled cluster.
1382
+ # Corresponds to the JSON property `cloudbuild`
1383
+ # @return [Google::Apis::GkehubV2alpha::CloudBuildSpec]
1384
+ attr_accessor :cloudbuild
1385
+
1386
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1387
+ # parallel the ConfigManagement CR.
1388
+ # Corresponds to the JSON property `configmanagement`
1389
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementSpec]
1390
+ attr_accessor :configmanagement
1391
+
1392
+ # **IdentityService**: Configuration for a single membership.
1393
+ # Corresponds to the JSON property `identityservice`
1394
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceSpec]
1395
+ attr_accessor :identityservice
1396
+
1397
+ # Origin defines where this FeatureSpec originated from.
1398
+ # Corresponds to the JSON property `origin`
1399
+ # @return [Google::Apis::GkehubV2alpha::Origin]
1400
+ attr_accessor :origin
1401
+
1402
+ # **Policy Controller**: Configuration for a single cluster. Intended to
1403
+ # parallel the PolicyController CR.
1404
+ # Corresponds to the JSON property `policycontroller`
1405
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerSpec]
1406
+ attr_accessor :policycontroller
1407
+
1408
+ # **Service Mesh**: Spec for a single Membership for the servicemesh feature
1409
+ # Corresponds to the JSON property `servicemesh`
1410
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshSpec]
1411
+ attr_accessor :servicemesh
1412
+
1413
+ # **WorkloadCertificate**: The membership-specific input for WorkloadCertificate
1414
+ # feature.
1415
+ # Corresponds to the JSON property `workloadcertificate`
1416
+ # @return [Google::Apis::GkehubV2alpha::WorkloadCertificateSpec]
1417
+ attr_accessor :workloadcertificate
1418
+
1419
+ def initialize(**args)
1420
+ update!(**args)
1421
+ end
1422
+
1423
+ # Update properties of this object
1424
+ def update!(**args)
1425
+ @cloudbuild = args[:cloudbuild] if args.key?(:cloudbuild)
1426
+ @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
1427
+ @identityservice = args[:identityservice] if args.key?(:identityservice)
1428
+ @origin = args[:origin] if args.key?(:origin)
1429
+ @policycontroller = args[:policycontroller] if args.key?(:policycontroller)
1430
+ @servicemesh = args[:servicemesh] if args.key?(:servicemesh)
1431
+ @workloadcertificate = args[:workloadcertificate] if args.key?(:workloadcertificate)
1432
+ end
1433
+ end
1434
+
1435
+ # FeatureState contains high-level state information and per-feature state
1436
+ # information for this MembershipFeature.
1437
+ class FeatureState
1438
+ include Google::Apis::Core::Hashable
1439
+
1440
+ # State for App Dev Exp Feature.
1441
+ # Corresponds to the JSON property `appdevexperience`
1442
+ # @return [Google::Apis::GkehubV2alpha::AppDevExperienceState]
1443
+ attr_accessor :appdevexperience
1444
+
1445
+ # Per-membership state for this feature.
1446
+ # Corresponds to the JSON property `clusterupgrade`
1447
+ # @return [Google::Apis::GkehubV2alpha::ClusterUpgradeState]
1448
+ attr_accessor :clusterupgrade
1449
+
1450
+ # **Anthos Config Management**: State for a single cluster.
1451
+ # Corresponds to the JSON property `configmanagement`
1452
+ # @return [Google::Apis::GkehubV2alpha::ConfigManagementState]
1453
+ attr_accessor :configmanagement
1454
+
1455
+ # **IdentityService**: State for a single membership, analyzed and reported by
1456
+ # feature controller.
1457
+ # Corresponds to the JSON property `identityservice`
1458
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceState]
1459
+ attr_accessor :identityservice
1460
+
1461
+ # **Metering**: State for a single membership, analyzed and reported by feature
1462
+ # controller.
1463
+ # Corresponds to the JSON property `metering`
1464
+ # @return [Google::Apis::GkehubV2alpha::MeteringState]
1465
+ attr_accessor :metering
1466
+
1467
+ # **Policy Controller**: State for a single cluster.
1468
+ # Corresponds to the JSON property `policycontroller`
1469
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerState]
1470
+ attr_accessor :policycontroller
1471
+
1472
+ # **Service Mesh**: State for a single Membership, as analyzed by the Service
1473
+ # Mesh Hub Controller.
1474
+ # Corresponds to the JSON property `servicemesh`
1475
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshState]
1476
+ attr_accessor :servicemesh
1477
+
1478
+ # High-level state of a MembershipFeature.
1479
+ # Corresponds to the JSON property `state`
1480
+ # @return [Google::Apis::GkehubV2alpha::State]
1481
+ attr_accessor :state
1482
+
1483
+ def initialize(**args)
1484
+ update!(**args)
1485
+ end
1486
+
1487
+ # Update properties of this object
1488
+ def update!(**args)
1489
+ @appdevexperience = args[:appdevexperience] if args.key?(:appdevexperience)
1490
+ @clusterupgrade = args[:clusterupgrade] if args.key?(:clusterupgrade)
1491
+ @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
1492
+ @identityservice = args[:identityservice] if args.key?(:identityservice)
1493
+ @metering = args[:metering] if args.key?(:metering)
1494
+ @policycontroller = args[:policycontroller] if args.key?(:policycontroller)
1495
+ @servicemesh = args[:servicemesh] if args.key?(:servicemesh)
1496
+ @state = args[:state] if args.key?(:state)
1497
+ end
1498
+ end
1499
+
1500
+ # The `Status` type defines a logical error model that is suitable for different
1501
+ # programming environments, including REST APIs and RPC APIs. It is used by [
1502
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
1503
+ # data: error code, error message, and error details. You can find out more
1504
+ # about this error model and how to work with it in the [API Design Guide](https:
1505
+ # //cloud.google.com/apis/design/errors).
1506
+ class GoogleRpcStatus
1507
+ include Google::Apis::Core::Hashable
1508
+
1509
+ # The status code, which should be an enum value of google.rpc.Code.
1510
+ # Corresponds to the JSON property `code`
1511
+ # @return [Fixnum]
1512
+ attr_accessor :code
1513
+
1514
+ # A list of messages that carry the error details. There is a common set of
1515
+ # message types for APIs to use.
1516
+ # Corresponds to the JSON property `details`
1517
+ # @return [Array<Hash<String,Object>>]
1518
+ attr_accessor :details
1519
+
1520
+ # A developer-facing error message, which should be in English. Any user-facing
1521
+ # error message should be localized and sent in the google.rpc.Status.details
1522
+ # field, or localized by the client.
1523
+ # Corresponds to the JSON property `message`
1524
+ # @return [String]
1525
+ attr_accessor :message
1526
+
1527
+ def initialize(**args)
1528
+ update!(**args)
1529
+ end
1530
+
1531
+ # Update properties of this object
1532
+ def update!(**args)
1533
+ @code = args[:code] if args.key?(:code)
1534
+ @details = args[:details] if args.key?(:details)
1535
+ @message = args[:message] if args.key?(:message)
1536
+ end
1537
+ end
1538
+
1539
+ # Configuration of an auth method for a member/cluster. Only one authentication
1540
+ # method (e.g., OIDC and LDAP) can be set per AuthMethod.
1541
+ class IdentityServiceAuthMethod
1542
+ include Google::Apis::Core::Hashable
1543
+
1544
+ # Configuration for the AzureAD Auth flow.
1545
+ # Corresponds to the JSON property `azureadConfig`
1546
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceAzureAdConfig]
1547
+ attr_accessor :azuread_config
1548
+
1549
+ # Configuration for the Google Plugin Auth flow.
1550
+ # Corresponds to the JSON property `googleConfig`
1551
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceGoogleConfig]
1552
+ attr_accessor :google_config
1553
+
1554
+ # Configuration for the LDAP Auth flow.
1555
+ # Corresponds to the JSON property `ldapConfig`
1556
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceLdapConfig]
1557
+ attr_accessor :ldap_config
1558
+
1559
+ # Identifier for auth config.
1560
+ # Corresponds to the JSON property `name`
1561
+ # @return [String]
1562
+ attr_accessor :name
1563
+
1564
+ # Configuration for OIDC Auth flow.
1565
+ # Corresponds to the JSON property `oidcConfig`
1566
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceOidcConfig]
1567
+ attr_accessor :oidc_config
1568
+
1569
+ # Proxy server address to use for auth method.
1570
+ # Corresponds to the JSON property `proxy`
1571
+ # @return [String]
1572
+ attr_accessor :proxy
1573
+
1574
+ # Configuration for the SAML Auth flow.
1575
+ # Corresponds to the JSON property `samlConfig`
1576
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceSamlConfig]
1577
+ attr_accessor :saml_config
1578
+
1579
+ def initialize(**args)
1580
+ update!(**args)
1581
+ end
1582
+
1583
+ # Update properties of this object
1584
+ def update!(**args)
1585
+ @azuread_config = args[:azuread_config] if args.key?(:azuread_config)
1586
+ @google_config = args[:google_config] if args.key?(:google_config)
1587
+ @ldap_config = args[:ldap_config] if args.key?(:ldap_config)
1588
+ @name = args[:name] if args.key?(:name)
1589
+ @oidc_config = args[:oidc_config] if args.key?(:oidc_config)
1590
+ @proxy = args[:proxy] if args.key?(:proxy)
1591
+ @saml_config = args[:saml_config] if args.key?(:saml_config)
1592
+ end
1593
+ end
1594
+
1595
+ # Configuration for the AzureAD Auth flow.
1596
+ class IdentityServiceAzureAdConfig
1597
+ include Google::Apis::Core::Hashable
1598
+
1599
+ # ID for the registered client application that makes authentication requests to
1600
+ # the Azure AD identity provider.
1601
+ # Corresponds to the JSON property `clientId`
1602
+ # @return [String]
1603
+ attr_accessor :client_id
1604
+
1605
+ # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub
1606
+ # CLH.
1607
+ # Corresponds to the JSON property `clientSecret`
1608
+ # @return [String]
1609
+ attr_accessor :client_secret
1610
+
1611
+ # Output only. Encrypted AzureAD client secret.
1612
+ # Corresponds to the JSON property `encryptedClientSecret`
1613
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1614
+ # @return [String]
1615
+ attr_accessor :encrypted_client_secret
1616
+
1617
+ # Optional. Format of the AzureAD groups that the client wants for auth.
1618
+ # Corresponds to the JSON property `groupFormat`
1619
+ # @return [String]
1620
+ attr_accessor :group_format
1621
+
1622
+ # The redirect URL that kubectl uses for authorization.
1623
+ # Corresponds to the JSON property `kubectlRedirectUri`
1624
+ # @return [String]
1625
+ attr_accessor :kubectl_redirect_uri
1626
+
1627
+ # Kind of Azure AD account to be authenticated. Supported values are or for
1628
+ # accounts belonging to a specific tenant.
1629
+ # Corresponds to the JSON property `tenant`
1630
+ # @return [String]
1631
+ attr_accessor :tenant
1632
+
1633
+ # Optional. Claim in the AzureAD ID Token that holds the user details.
1634
+ # Corresponds to the JSON property `userClaim`
1635
+ # @return [String]
1636
+ attr_accessor :user_claim
1637
+
1638
+ def initialize(**args)
1639
+ update!(**args)
1640
+ end
1641
+
1642
+ # Update properties of this object
1643
+ def update!(**args)
1644
+ @client_id = args[:client_id] if args.key?(:client_id)
1645
+ @client_secret = args[:client_secret] if args.key?(:client_secret)
1646
+ @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret)
1647
+ @group_format = args[:group_format] if args.key?(:group_format)
1648
+ @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri)
1649
+ @tenant = args[:tenant] if args.key?(:tenant)
1650
+ @user_claim = args[:user_claim] if args.key?(:user_claim)
1651
+ end
1652
+ end
1653
+
1654
+ # Configuration options for the AIS diagnostic interface.
1655
+ class IdentityServiceDiagnosticInterface
1656
+ include Google::Apis::Core::Hashable
1657
+
1658
+ # Determines whether to enable the diagnostic interface.
1659
+ # Corresponds to the JSON property `enabled`
1660
+ # @return [Boolean]
1661
+ attr_accessor :enabled
1662
+ alias_method :enabled?, :enabled
1663
+
1664
+ # Determines the expiration time of the diagnostic interface enablement. When
1665
+ # reached, requests to the interface would be automatically rejected.
1666
+ # Corresponds to the JSON property `expirationTime`
1667
+ # @return [String]
1668
+ attr_accessor :expiration_time
1669
+
1670
+ def initialize(**args)
1671
+ update!(**args)
1672
+ end
1673
+
1674
+ # Update properties of this object
1675
+ def update!(**args)
1676
+ @enabled = args[:enabled] if args.key?(:enabled)
1677
+ @expiration_time = args[:expiration_time] if args.key?(:expiration_time)
1678
+ end
1679
+ end
1680
+
1681
+ # Configuration for the Google Plugin Auth flow.
1682
+ class IdentityServiceGoogleConfig
1683
+ include Google::Apis::Core::Hashable
1684
+
1685
+ # Disable automatic configuration of Google Plugin on supported platforms.
1686
+ # Corresponds to the JSON property `disable`
1687
+ # @return [Boolean]
1688
+ attr_accessor :disable
1689
+ alias_method :disable?, :disable
1690
+
1691
+ def initialize(**args)
1692
+ update!(**args)
1693
+ end
1694
+
1695
+ # Update properties of this object
1696
+ def update!(**args)
1697
+ @disable = args[:disable] if args.key?(:disable)
1698
+ end
1699
+ end
1700
+
1701
+ # Contains the properties for locating and authenticating groups in the
1702
+ # directory.
1703
+ class IdentityServiceGroupConfig
1704
+ include Google::Apis::Core::Hashable
1705
+
1706
+ # Required. The location of the subtree in the LDAP directory to search for
1707
+ # group entries.
1708
+ # Corresponds to the JSON property `baseDn`
1709
+ # @return [String]
1710
+ attr_accessor :base_dn
1711
+
1712
+ # Optional. Optional filter to be used when searching for groups a user belongs
1713
+ # to. This can be used to explicitly match only certain groups in order to
1714
+ # reduce the amount of groups returned for each user. This defaults to "(
1715
+ # objectClass=Group)".
1716
+ # Corresponds to the JSON property `filter`
1717
+ # @return [String]
1718
+ attr_accessor :filter
1719
+
1720
+ # Optional. The identifying name of each group a user belongs to. For example,
1721
+ # if this is set to "distinguishedName" then RBACs and other group expectations
1722
+ # should be written as full DNs. This defaults to "distinguishedName".
1723
+ # Corresponds to the JSON property `idAttribute`
1724
+ # @return [String]
1725
+ attr_accessor :id_attribute
1726
+
1727
+ def initialize(**args)
1728
+ update!(**args)
1729
+ end
1730
+
1731
+ # Update properties of this object
1732
+ def update!(**args)
1733
+ @base_dn = args[:base_dn] if args.key?(:base_dn)
1734
+ @filter = args[:filter] if args.key?(:filter)
1735
+ @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
1736
+ end
1737
+ end
1738
+
1739
+ # Holds non-protocol-related configuration options.
1740
+ class IdentityServiceIdentityServiceOptions
1741
+ include Google::Apis::Core::Hashable
1742
+
1743
+ # Configuration options for the AIS diagnostic interface.
1744
+ # Corresponds to the JSON property `diagnosticInterface`
1745
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceDiagnosticInterface]
1746
+ attr_accessor :diagnostic_interface
1747
+
1748
+ # Determines the lifespan of STS tokens issued by Anthos Identity Service.
1749
+ # Corresponds to the JSON property `sessionDuration`
1750
+ # @return [String]
1751
+ attr_accessor :session_duration
1752
+
1753
+ def initialize(**args)
1754
+ update!(**args)
1755
+ end
1756
+
1757
+ # Update properties of this object
1758
+ def update!(**args)
1759
+ @diagnostic_interface = args[:diagnostic_interface] if args.key?(:diagnostic_interface)
1760
+ @session_duration = args[:session_duration] if args.key?(:session_duration)
1761
+ end
1762
+ end
1763
+
1764
+ # Configuration for the LDAP Auth flow.
1765
+ class IdentityServiceLdapConfig
1766
+ include Google::Apis::Core::Hashable
1767
+
1768
+ # Contains the properties for locating and authenticating groups in the
1769
+ # directory.
1770
+ # Corresponds to the JSON property `group`
1771
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceGroupConfig]
1772
+ attr_accessor :group
1773
+
1774
+ # Server settings for the external LDAP server.
1775
+ # Corresponds to the JSON property `server`
1776
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceServerConfig]
1777
+ attr_accessor :server
1778
+
1779
+ # Contains the credentials of the service account which is authorized to perform
1780
+ # the LDAP search in the directory. The credentials can be supplied by the
1781
+ # combination of the DN and password or the client certificate.
1782
+ # Corresponds to the JSON property `serviceAccount`
1783
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceServiceAccountConfig]
1784
+ attr_accessor :service_account
1785
+
1786
+ # Defines where users exist in the LDAP directory.
1787
+ # Corresponds to the JSON property `user`
1788
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceUserConfig]
1789
+ attr_accessor :user
1790
+
1791
+ def initialize(**args)
1792
+ update!(**args)
1793
+ end
1794
+
1795
+ # Update properties of this object
1796
+ def update!(**args)
1797
+ @group = args[:group] if args.key?(:group)
1798
+ @server = args[:server] if args.key?(:server)
1799
+ @service_account = args[:service_account] if args.key?(:service_account)
1800
+ @user = args[:user] if args.key?(:user)
1801
+ end
1802
+ end
1803
+
1804
+ # Configuration for OIDC Auth flow.
1805
+ class IdentityServiceOidcConfig
1806
+ include Google::Apis::Core::Hashable
1807
+
1808
+ # PEM-encoded CA for OIDC provider.
1809
+ # Corresponds to the JSON property `certificateAuthorityData`
1810
+ # @return [String]
1811
+ attr_accessor :certificate_authority_data
1812
+
1813
+ # ID for OIDC client application.
1814
+ # Corresponds to the JSON property `clientId`
1815
+ # @return [String]
1816
+ attr_accessor :client_id
1817
+
1818
+ # Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
1819
+ # Corresponds to the JSON property `clientSecret`
1820
+ # @return [String]
1821
+ attr_accessor :client_secret
1822
+
1823
+ # Flag to denote if reverse proxy is used to connect to auth provider. This flag
1824
+ # should be set to true when provider is not reachable by Google Cloud Console.
1825
+ # Corresponds to the JSON property `deployCloudConsoleProxy`
1826
+ # @return [Boolean]
1827
+ attr_accessor :deploy_cloud_console_proxy
1828
+ alias_method :deploy_cloud_console_proxy?, :deploy_cloud_console_proxy
1829
+
1830
+ # Enable access token.
1831
+ # Corresponds to the JSON property `enableAccessToken`
1832
+ # @return [Boolean]
1833
+ attr_accessor :enable_access_token
1834
+ alias_method :enable_access_token?, :enable_access_token
1835
+
1836
+ # Output only. Encrypted OIDC Client secret
1837
+ # Corresponds to the JSON property `encryptedClientSecret`
1838
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1839
+ # @return [String]
1840
+ attr_accessor :encrypted_client_secret
1841
+
1842
+ # Comma-separated list of key-value pairs.
1843
+ # Corresponds to the JSON property `extraParams`
1844
+ # @return [String]
1845
+ attr_accessor :extra_params
1846
+
1847
+ # Prefix to prepend to group name.
1848
+ # Corresponds to the JSON property `groupPrefix`
1849
+ # @return [String]
1850
+ attr_accessor :group_prefix
1851
+
1852
+ # Claim in OIDC ID token that holds group information.
1853
+ # Corresponds to the JSON property `groupsClaim`
1854
+ # @return [String]
1855
+ attr_accessor :groups_claim
1856
+
1857
+ # URI for the OIDC provider. This should point to the level below .well-known/
1858
+ # openid-configuration.
1859
+ # Corresponds to the JSON property `issuerUri`
1860
+ # @return [String]
1861
+ attr_accessor :issuer_uri
1862
+
1863
+ # Registered redirect uri to redirect users going through OAuth flow using
1864
+ # kubectl plugin.
1865
+ # Corresponds to the JSON property `kubectlRedirectUri`
1866
+ # @return [String]
1867
+ attr_accessor :kubectl_redirect_uri
1868
+
1869
+ # Comma-separated list of identifiers.
1870
+ # Corresponds to the JSON property `scopes`
1871
+ # @return [String]
1872
+ attr_accessor :scopes
1873
+
1874
+ # Claim in OIDC ID token that holds username.
1875
+ # Corresponds to the JSON property `userClaim`
1876
+ # @return [String]
1877
+ attr_accessor :user_claim
1878
+
1879
+ # Prefix to prepend to user name.
1880
+ # Corresponds to the JSON property `userPrefix`
1881
+ # @return [String]
1882
+ attr_accessor :user_prefix
1883
+
1884
+ def initialize(**args)
1885
+ update!(**args)
1886
+ end
1887
+
1888
+ # Update properties of this object
1889
+ def update!(**args)
1890
+ @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data)
1891
+ @client_id = args[:client_id] if args.key?(:client_id)
1892
+ @client_secret = args[:client_secret] if args.key?(:client_secret)
1893
+ @deploy_cloud_console_proxy = args[:deploy_cloud_console_proxy] if args.key?(:deploy_cloud_console_proxy)
1894
+ @enable_access_token = args[:enable_access_token] if args.key?(:enable_access_token)
1895
+ @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret)
1896
+ @extra_params = args[:extra_params] if args.key?(:extra_params)
1897
+ @group_prefix = args[:group_prefix] if args.key?(:group_prefix)
1898
+ @groups_claim = args[:groups_claim] if args.key?(:groups_claim)
1899
+ @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri)
1900
+ @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri)
1901
+ @scopes = args[:scopes] if args.key?(:scopes)
1902
+ @user_claim = args[:user_claim] if args.key?(:user_claim)
1903
+ @user_prefix = args[:user_prefix] if args.key?(:user_prefix)
1904
+ end
1905
+ end
1906
+
1907
+ # Configuration for the SAML Auth flow.
1908
+ class IdentityServiceSamlConfig
1909
+ include Google::Apis::Core::Hashable
1910
+
1911
+ # Optional. The mapping of additional user attributes like nickname, birthday
1912
+ # and address etc.. `key` is the name of this additional attribute. `value` is a
1913
+ # string presenting as CEL(common expression language, go/cel) used for getting
1914
+ # the value from the resources. Take nickname as an example, in this case, `key`
1915
+ # is "attribute.nickname" and `value` is "assertion.nickname".
1916
+ # Corresponds to the JSON property `attributeMapping`
1917
+ # @return [Hash<String,String>]
1918
+ attr_accessor :attribute_mapping
1919
+
1920
+ # Optional. Prefix to prepend to group name.
1921
+ # Corresponds to the JSON property `groupPrefix`
1922
+ # @return [String]
1923
+ attr_accessor :group_prefix
1924
+
1925
+ # Optional. The SAML attribute to read groups from. This value is expected to be
1926
+ # a string and will be passed along as-is (with the option of being prefixed by
1927
+ # the `group_prefix`).
1928
+ # Corresponds to the JSON property `groupsAttribute`
1929
+ # @return [String]
1930
+ attr_accessor :groups_attribute
1931
+
1932
+ # Required. The list of IdP certificates to validate the SAML response against.
1933
+ # Corresponds to the JSON property `identityProviderCertificates`
1934
+ # @return [Array<String>]
1935
+ attr_accessor :identity_provider_certificates
1936
+
1937
+ # Required. The entity ID of the SAML IdP.
1938
+ # Corresponds to the JSON property `identityProviderId`
1939
+ # @return [String]
1940
+ attr_accessor :identity_provider_id
1941
+
1942
+ # Required. The URI where the SAML IdP exposes the SSO service.
1943
+ # Corresponds to the JSON property `identityProviderSsoUri`
1944
+ # @return [String]
1945
+ attr_accessor :identity_provider_sso_uri
1946
+
1947
+ # Optional. The SAML attribute to read username from. If unspecified, the
1948
+ # username will be read from the NameID element of the assertion in SAML
1949
+ # response. This value is expected to be a string and will be passed along as-is
1950
+ # (with the option of being prefixed by the `user_prefix`).
1951
+ # Corresponds to the JSON property `userAttribute`
1952
+ # @return [String]
1953
+ attr_accessor :user_attribute
1954
+
1955
+ # Optional. Prefix to prepend to user name.
1956
+ # Corresponds to the JSON property `userPrefix`
1957
+ # @return [String]
1958
+ attr_accessor :user_prefix
1959
+
1960
+ def initialize(**args)
1961
+ update!(**args)
1962
+ end
1963
+
1964
+ # Update properties of this object
1965
+ def update!(**args)
1966
+ @attribute_mapping = args[:attribute_mapping] if args.key?(:attribute_mapping)
1967
+ @group_prefix = args[:group_prefix] if args.key?(:group_prefix)
1968
+ @groups_attribute = args[:groups_attribute] if args.key?(:groups_attribute)
1969
+ @identity_provider_certificates = args[:identity_provider_certificates] if args.key?(:identity_provider_certificates)
1970
+ @identity_provider_id = args[:identity_provider_id] if args.key?(:identity_provider_id)
1971
+ @identity_provider_sso_uri = args[:identity_provider_sso_uri] if args.key?(:identity_provider_sso_uri)
1972
+ @user_attribute = args[:user_attribute] if args.key?(:user_attribute)
1973
+ @user_prefix = args[:user_prefix] if args.key?(:user_prefix)
1974
+ end
1975
+ end
1976
+
1977
+ # Server settings for the external LDAP server.
1978
+ class IdentityServiceServerConfig
1979
+ include Google::Apis::Core::Hashable
1980
+
1981
+ # Optional. Contains a Base64 encoded, PEM formatted certificate authority
1982
+ # certificate for the LDAP server. This must be provided for the "ldaps" and "
1983
+ # startTLS" connections.
1984
+ # Corresponds to the JSON property `certificateAuthorityData`
1985
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1986
+ # @return [String]
1987
+ attr_accessor :certificate_authority_data
1988
+
1989
+ # Optional. Defines the connection type to communicate with the LDAP server. If `
1990
+ # starttls` or `ldaps` is specified, the certificate_authority_data should not
1991
+ # be empty.
1992
+ # Corresponds to the JSON property `connectionType`
1993
+ # @return [String]
1994
+ attr_accessor :connection_type
1995
+
1996
+ # Required. Defines the hostname or IP of the LDAP server. Port is optional and
1997
+ # will default to 389, if unspecified. For example, "ldap.server.example" or "10.
1998
+ # 10.10.10:389".
1999
+ # Corresponds to the JSON property `host`
2000
+ # @return [String]
2001
+ attr_accessor :host
2002
+
2003
+ def initialize(**args)
2004
+ update!(**args)
2005
+ end
2006
+
2007
+ # Update properties of this object
2008
+ def update!(**args)
2009
+ @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data)
2010
+ @connection_type = args[:connection_type] if args.key?(:connection_type)
2011
+ @host = args[:host] if args.key?(:host)
2012
+ end
2013
+ end
2014
+
2015
+ # Contains the credentials of the service account which is authorized to perform
2016
+ # the LDAP search in the directory. The credentials can be supplied by the
2017
+ # combination of the DN and password or the client certificate.
2018
+ class IdentityServiceServiceAccountConfig
2019
+ include Google::Apis::Core::Hashable
2020
+
2021
+ # The structure holds the LDAP simple binding credential.
2022
+ # Corresponds to the JSON property `simpleBindCredentials`
2023
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceSimpleBindCredentials]
2024
+ attr_accessor :simple_bind_credentials
2025
+
2026
+ def initialize(**args)
2027
+ update!(**args)
2028
+ end
2029
+
2030
+ # Update properties of this object
2031
+ def update!(**args)
2032
+ @simple_bind_credentials = args[:simple_bind_credentials] if args.key?(:simple_bind_credentials)
2033
+ end
2034
+ end
2035
+
2036
+ # The structure holds the LDAP simple binding credential.
2037
+ class IdentityServiceSimpleBindCredentials
2038
+ include Google::Apis::Core::Hashable
2039
+
2040
+ # Required. The distinguished name(DN) of the service account object/user.
2041
+ # Corresponds to the JSON property `dn`
2042
+ # @return [String]
2043
+ attr_accessor :dn
2044
+
2045
+ # Output only. The encrypted password of the service account object/user.
2046
+ # Corresponds to the JSON property `encryptedPassword`
2047
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
2048
+ # @return [String]
2049
+ attr_accessor :encrypted_password
2050
+
2051
+ # Required. Input only. The password of the service account object/user.
2052
+ # Corresponds to the JSON property `password`
2053
+ # @return [String]
2054
+ attr_accessor :password
2055
+
2056
+ def initialize(**args)
2057
+ update!(**args)
2058
+ end
2059
+
2060
+ # Update properties of this object
2061
+ def update!(**args)
2062
+ @dn = args[:dn] if args.key?(:dn)
2063
+ @encrypted_password = args[:encrypted_password] if args.key?(:encrypted_password)
2064
+ @password = args[:password] if args.key?(:password)
2065
+ end
2066
+ end
2067
+
2068
+ # **IdentityService**: Configuration for a single membership.
2069
+ class IdentityServiceSpec
2070
+ include Google::Apis::Core::Hashable
2071
+
2072
+ # A member may support multiple auth methods.
2073
+ # Corresponds to the JSON property `authMethods`
2074
+ # @return [Array<Google::Apis::GkehubV2alpha::IdentityServiceAuthMethod>]
2075
+ attr_accessor :auth_methods
2076
+
2077
+ # Holds non-protocol-related configuration options.
2078
+ # Corresponds to the JSON property `identityServiceOptions`
2079
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceIdentityServiceOptions]
2080
+ attr_accessor :identity_service_options
2081
+
2082
+ def initialize(**args)
2083
+ update!(**args)
2084
+ end
2085
+
2086
+ # Update properties of this object
2087
+ def update!(**args)
2088
+ @auth_methods = args[:auth_methods] if args.key?(:auth_methods)
2089
+ @identity_service_options = args[:identity_service_options] if args.key?(:identity_service_options)
2090
+ end
2091
+ end
2092
+
2093
+ # **IdentityService**: State for a single membership, analyzed and reported by
2094
+ # feature controller.
2095
+ class IdentityServiceState
2096
+ include Google::Apis::Core::Hashable
2097
+
2098
+ # The reason of the failure.
2099
+ # Corresponds to the JSON property `failureReason`
2100
+ # @return [String]
2101
+ attr_accessor :failure_reason
2102
+
2103
+ # Installed AIS version. This is the AIS version installed on this member. The
2104
+ # values makes sense iff state is OK.
2105
+ # Corresponds to the JSON property `installedVersion`
2106
+ # @return [String]
2107
+ attr_accessor :installed_version
2108
+
2109
+ # **IdentityService**: Configuration for a single membership.
2110
+ # Corresponds to the JSON property `memberConfig`
2111
+ # @return [Google::Apis::GkehubV2alpha::IdentityServiceSpec]
2112
+ attr_accessor :member_config
2113
+
2114
+ # Deployment state on this member
2115
+ # Corresponds to the JSON property `state`
2116
+ # @return [String]
2117
+ attr_accessor :state
2118
+
2119
+ def initialize(**args)
2120
+ update!(**args)
2121
+ end
2122
+
2123
+ # Update properties of this object
2124
+ def update!(**args)
2125
+ @failure_reason = args[:failure_reason] if args.key?(:failure_reason)
2126
+ @installed_version = args[:installed_version] if args.key?(:installed_version)
2127
+ @member_config = args[:member_config] if args.key?(:member_config)
2128
+ @state = args[:state] if args.key?(:state)
2129
+ end
2130
+ end
2131
+
2132
+ # Defines where users exist in the LDAP directory.
2133
+ class IdentityServiceUserConfig
2134
+ include Google::Apis::Core::Hashable
2135
+
2136
+ # Required. The location of the subtree in the LDAP directory to search for user
2137
+ # entries.
2138
+ # Corresponds to the JSON property `baseDn`
2139
+ # @return [String]
2140
+ attr_accessor :base_dn
2141
+
2142
+ # Optional. Filter to apply when searching for the user. This can be used to
2143
+ # further restrict the user accounts which are allowed to login. This defaults
2144
+ # to "(objectClass=User)".
2145
+ # Corresponds to the JSON property `filter`
2146
+ # @return [String]
2147
+ attr_accessor :filter
2148
+
2149
+ # Optional. Determines which attribute to use as the user's identity after they
2150
+ # are authenticated. This is distinct from the loginAttribute field to allow
2151
+ # users to login with a username, but then have their actual identifier be an
2152
+ # email address or full Distinguished Name (DN). For example, setting
2153
+ # loginAttribute to "sAMAccountName" and identifierAttribute to "
2154
+ # userPrincipalName" would allow a user to login as "bsmith", but actual RBAC
2155
+ # policies for the user would be written as "bsmith@example.com". Using "
2156
+ # userPrincipalName" is recommended since this will be unique for each user.
2157
+ # This defaults to "userPrincipalName".
2158
+ # Corresponds to the JSON property `idAttribute`
2159
+ # @return [String]
2160
+ attr_accessor :id_attribute
2161
+
2162
+ # Optional. The name of the attribute which matches against the input username.
2163
+ # This is used to find the user in the LDAP database e.g. "(=)" and is combined
2164
+ # with the optional filter field. This defaults to "userPrincipalName".
2165
+ # Corresponds to the JSON property `loginAttribute`
2166
+ # @return [String]
2167
+ attr_accessor :login_attribute
2168
+
2169
+ def initialize(**args)
2170
+ update!(**args)
2171
+ end
2172
+
2173
+ # Update properties of this object
2174
+ def update!(**args)
2175
+ @base_dn = args[:base_dn] if args.key?(:base_dn)
2176
+ @filter = args[:filter] if args.key?(:filter)
2177
+ @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
2178
+ @login_attribute = args[:login_attribute] if args.key?(:login_attribute)
2179
+ end
2180
+ end
2181
+
2182
+ # LifecycleState describes the state of a MembershipFeature *resource* in the
2183
+ # GkeHub API. See `FeatureState` for the "running state" of the
2184
+ # MembershipFeature.
2185
+ class LifecycleState
2186
+ include Google::Apis::Core::Hashable
2187
+
2188
+ # Output only. The current state of the Feature resource in the Hub API.
2189
+ # Corresponds to the JSON property `state`
2190
+ # @return [String]
2191
+ attr_accessor :state
2192
+
2193
+ def initialize(**args)
2194
+ update!(**args)
2195
+ end
2196
+
2197
+ # Update properties of this object
2198
+ def update!(**args)
2199
+ @state = args[:state] if args.key?(:state)
2200
+ end
2201
+ end
2202
+
2203
+ # The response message for Locations.ListLocations.
2204
+ class ListLocationsResponse
2205
+ include Google::Apis::Core::Hashable
2206
+
2207
+ # A list of locations that matches the specified filter in the request.
2208
+ # Corresponds to the JSON property `locations`
2209
+ # @return [Array<Google::Apis::GkehubV2alpha::Location>]
2210
+ attr_accessor :locations
2211
+
2212
+ # The standard List next-page token.
2213
+ # Corresponds to the JSON property `nextPageToken`
2214
+ # @return [String]
2215
+ attr_accessor :next_page_token
2216
+
2217
+ def initialize(**args)
2218
+ update!(**args)
2219
+ end
2220
+
2221
+ # Update properties of this object
2222
+ def update!(**args)
2223
+ @locations = args[:locations] if args.key?(:locations)
2224
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2225
+ end
2226
+ end
2227
+
2228
+ # Response message for the `GkeHubFeature.ListMembershipFeatures` method.
2229
+ class ListMembershipFeaturesResponse
2230
+ include Google::Apis::Core::Hashable
2231
+
2232
+ # The list of matching MembershipFeatures.
2233
+ # Corresponds to the JSON property `membershipFeatures`
2234
+ # @return [Array<Google::Apis::GkehubV2alpha::MembershipFeature>]
2235
+ attr_accessor :membership_features
2236
+
2237
+ # A token to request the next page of resources from the `ListMembershipFeatures`
2238
+ # method. The value of an empty string means that there are no more resources
2239
+ # to return.
2240
+ # Corresponds to the JSON property `nextPageToken`
2241
+ # @return [String]
2242
+ attr_accessor :next_page_token
2243
+
2244
+ # List of locations that could not be reached while fetching this list.
2245
+ # Corresponds to the JSON property `unreachable`
2246
+ # @return [Array<String>]
2247
+ attr_accessor :unreachable
2248
+
2249
+ def initialize(**args)
2250
+ update!(**args)
2251
+ end
2252
+
2253
+ # Update properties of this object
2254
+ def update!(**args)
2255
+ @membership_features = args[:membership_features] if args.key?(:membership_features)
2256
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2257
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
2258
+ end
2259
+ end
2260
+
2261
+ # The response message for Operations.ListOperations.
2262
+ class ListOperationsResponse
2263
+ include Google::Apis::Core::Hashable
2264
+
2265
+ # The standard List next-page token.
2266
+ # Corresponds to the JSON property `nextPageToken`
2267
+ # @return [String]
2268
+ attr_accessor :next_page_token
2269
+
2270
+ # A list of operations that matches the specified filter in the request.
2271
+ # Corresponds to the JSON property `operations`
2272
+ # @return [Array<Google::Apis::GkehubV2alpha::Operation>]
2273
+ attr_accessor :operations
2274
+
2275
+ def initialize(**args)
2276
+ update!(**args)
2277
+ end
2278
+
2279
+ # Update properties of this object
2280
+ def update!(**args)
2281
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2282
+ @operations = args[:operations] if args.key?(:operations)
2283
+ end
2284
+ end
2285
+
2286
+ # A resource that represents a Google Cloud location.
2287
+ class Location
2288
+ include Google::Apis::Core::Hashable
2289
+
2290
+ # The friendly name for this location, typically a nearby city name. For example,
2291
+ # "Tokyo".
2292
+ # Corresponds to the JSON property `displayName`
2293
+ # @return [String]
2294
+ attr_accessor :display_name
2295
+
2296
+ # Cross-service attributes for the location. For example `"cloud.googleapis.com/
2297
+ # region": "us-east1"`
2298
+ # Corresponds to the JSON property `labels`
2299
+ # @return [Hash<String,String>]
2300
+ attr_accessor :labels
2301
+
2302
+ # The canonical id for this location. For example: `"us-east1"`.
2303
+ # Corresponds to the JSON property `locationId`
2304
+ # @return [String]
2305
+ attr_accessor :location_id
2306
+
2307
+ # Service-specific metadata. For example the available capacity at the given
2308
+ # location.
2309
+ # Corresponds to the JSON property `metadata`
2310
+ # @return [Hash<String,Object>]
2311
+ attr_accessor :metadata
2312
+
2313
+ # Resource name for the location, which may vary between implementations. For
2314
+ # example: `"projects/example-project/locations/us-east1"`
2315
+ # Corresponds to the JSON property `name`
2316
+ # @return [String]
2317
+ attr_accessor :name
2318
+
2319
+ def initialize(**args)
2320
+ update!(**args)
2321
+ end
2322
+
2323
+ # Update properties of this object
2324
+ def update!(**args)
2325
+ @display_name = args[:display_name] if args.key?(:display_name)
2326
+ @labels = args[:labels] if args.key?(:labels)
2327
+ @location_id = args[:location_id] if args.key?(:location_id)
2328
+ @metadata = args[:metadata] if args.key?(:metadata)
2329
+ @name = args[:name] if args.key?(:name)
2330
+ end
2331
+ end
2332
+
2333
+ # MembershipFeature represents the settings and status of a Fleet Feature
2334
+ # enabled on a single Fleet Membership.
2335
+ class MembershipFeature
2336
+ include Google::Apis::Core::Hashable
2337
+
2338
+ # Output only. When the MembershipFeature resource was created.
2339
+ # Corresponds to the JSON property `createTime`
2340
+ # @return [String]
2341
+ attr_accessor :create_time
2342
+
2343
+ # Output only. When the MembershipFeature resource was deleted.
2344
+ # Corresponds to the JSON property `deleteTime`
2345
+ # @return [String]
2346
+ attr_accessor :delete_time
2347
+
2348
+ # GCP labels for this MembershipFeature.
2349
+ # Corresponds to the JSON property `labels`
2350
+ # @return [Hash<String,String>]
2351
+ attr_accessor :labels
2352
+
2353
+ # LifecycleState describes the state of a MembershipFeature *resource* in the
2354
+ # GkeHub API. See `FeatureState` for the "running state" of the
2355
+ # MembershipFeature.
2356
+ # Corresponds to the JSON property `lifecycleState`
2357
+ # @return [Google::Apis::GkehubV2alpha::LifecycleState]
2358
+ attr_accessor :lifecycle_state
2359
+
2360
+ # Output only. The resource name of the membershipFeature, in the format: `
2361
+ # projects/`project`/locations/`location`/memberships/`membership`/features/`
2362
+ # feature``. Note that `membershipFeatures` is shortened to `features` in the
2363
+ # resource name. (see http://go/aip/122#collection-identifiers)
2364
+ # Corresponds to the JSON property `name`
2365
+ # @return [String]
2366
+ attr_accessor :name
2367
+
2368
+ # FeatureSpec contains user input per-feature spec information.
2369
+ # Corresponds to the JSON property `spec`
2370
+ # @return [Google::Apis::GkehubV2alpha::FeatureSpec]
2371
+ attr_accessor :spec
2372
+
2373
+ # FeatureState contains high-level state information and per-feature state
2374
+ # information for this MembershipFeature.
2375
+ # Corresponds to the JSON property `state`
2376
+ # @return [Google::Apis::GkehubV2alpha::FeatureState]
2377
+ attr_accessor :state
2378
+
2379
+ # Output only. When the MembershipFeature resource was last updated.
2380
+ # Corresponds to the JSON property `updateTime`
2381
+ # @return [String]
2382
+ attr_accessor :update_time
2383
+
2384
+ def initialize(**args)
2385
+ update!(**args)
2386
+ end
2387
+
2388
+ # Update properties of this object
2389
+ def update!(**args)
2390
+ @create_time = args[:create_time] if args.key?(:create_time)
2391
+ @delete_time = args[:delete_time] if args.key?(:delete_time)
2392
+ @labels = args[:labels] if args.key?(:labels)
2393
+ @lifecycle_state = args[:lifecycle_state] if args.key?(:lifecycle_state)
2394
+ @name = args[:name] if args.key?(:name)
2395
+ @spec = args[:spec] if args.key?(:spec)
2396
+ @state = args[:state] if args.key?(:state)
2397
+ @update_time = args[:update_time] if args.key?(:update_time)
2398
+ end
2399
+ end
2400
+
2401
+ # **Metering**: State for a single membership, analyzed and reported by feature
2402
+ # controller.
2403
+ class MeteringState
2404
+ include Google::Apis::Core::Hashable
2405
+
2406
+ # The time stamp of the most recent measurement of the number of vCPUs in the
2407
+ # cluster.
2408
+ # Corresponds to the JSON property `lastMeasurementTime`
2409
+ # @return [String]
2410
+ attr_accessor :last_measurement_time
2411
+
2412
+ # The vCPUs capacity in the cluster according to the most recent measurement (1/
2413
+ # 1000 precision).
2414
+ # Corresponds to the JSON property `preciseLastMeasuredClusterVcpuCapacity`
2415
+ # @return [Float]
2416
+ attr_accessor :precise_last_measured_cluster_vcpu_capacity
2417
+
2418
+ def initialize(**args)
2419
+ update!(**args)
2420
+ end
2421
+
2422
+ # Update properties of this object
2423
+ def update!(**args)
2424
+ @last_measurement_time = args[:last_measurement_time] if args.key?(:last_measurement_time)
2425
+ @precise_last_measured_cluster_vcpu_capacity = args[:precise_last_measured_cluster_vcpu_capacity] if args.key?(:precise_last_measured_cluster_vcpu_capacity)
2426
+ end
2427
+ end
2428
+
2429
+ # This resource represents a long-running operation that is the result of a
2430
+ # network API call.
2431
+ class Operation
2432
+ include Google::Apis::Core::Hashable
2433
+
2434
+ # If the value is `false`, it means the operation is still in progress. If `true`
2435
+ # , the operation is completed, and either `error` or `response` is available.
2436
+ # Corresponds to the JSON property `done`
2437
+ # @return [Boolean]
2438
+ attr_accessor :done
2439
+ alias_method :done?, :done
2440
+
2441
+ # The `Status` type defines a logical error model that is suitable for different
2442
+ # programming environments, including REST APIs and RPC APIs. It is used by [
2443
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
2444
+ # data: error code, error message, and error details. You can find out more
2445
+ # about this error model and how to work with it in the [API Design Guide](https:
2446
+ # //cloud.google.com/apis/design/errors).
2447
+ # Corresponds to the JSON property `error`
2448
+ # @return [Google::Apis::GkehubV2alpha::GoogleRpcStatus]
2449
+ attr_accessor :error
2450
+
2451
+ # Service-specific metadata associated with the operation. It typically contains
2452
+ # progress information and common metadata such as create time. Some services
2453
+ # might not provide such metadata. Any method that returns a long-running
2454
+ # operation should document the metadata type, if any.
2455
+ # Corresponds to the JSON property `metadata`
2456
+ # @return [Hash<String,Object>]
2457
+ attr_accessor :metadata
2458
+
2459
+ # The server-assigned name, which is only unique within the same service that
2460
+ # originally returns it. If you use the default HTTP mapping, the `name` should
2461
+ # be a resource name ending with `operations/`unique_id``.
2462
+ # Corresponds to the JSON property `name`
2463
+ # @return [String]
2464
+ attr_accessor :name
2465
+
2466
+ # The normal, successful response of the operation. If the original method
2467
+ # returns no data on success, such as `Delete`, the response is `google.protobuf.
2468
+ # Empty`. If the original method is standard `Get`/`Create`/`Update`, the
2469
+ # response should be the resource. For other methods, the response should have
2470
+ # the type `XxxResponse`, where `Xxx` is the original method name. For example,
2471
+ # if the original method name is `TakeSnapshot()`, the inferred response type is
2472
+ # `TakeSnapshotResponse`.
2473
+ # Corresponds to the JSON property `response`
2474
+ # @return [Hash<String,Object>]
2475
+ attr_accessor :response
2476
+
2477
+ def initialize(**args)
2478
+ update!(**args)
2479
+ end
2480
+
2481
+ # Update properties of this object
2482
+ def update!(**args)
2483
+ @done = args[:done] if args.key?(:done)
2484
+ @error = args[:error] if args.key?(:error)
2485
+ @metadata = args[:metadata] if args.key?(:metadata)
2486
+ @name = args[:name] if args.key?(:name)
2487
+ @response = args[:response] if args.key?(:response)
2488
+ end
2489
+ end
2490
+
2491
+ # Metadata of the long-running operation.
2492
+ class OperationMetadata
2493
+ include Google::Apis::Core::Hashable
2494
+
2495
+ # Output only. API version used to start the operation.
2496
+ # Corresponds to the JSON property `apiVersion`
2497
+ # @return [String]
2498
+ attr_accessor :api_version
2499
+
2500
+ # Output only. Identifies whether the user has requested cancellation of the
2501
+ # operation. Operations that have successfully been cancelled have Operation.
2502
+ # error value with a google.rpc.Status.code of 1, corresponding to `Code.
2503
+ # CANCELLED`.
2504
+ # Corresponds to the JSON property `cancelRequested`
2505
+ # @return [Boolean]
2506
+ attr_accessor :cancel_requested
2507
+ alias_method :cancel_requested?, :cancel_requested
2508
+
2509
+ # Output only. The time the operation was created.
2510
+ # Corresponds to the JSON property `createTime`
2511
+ # @return [String]
2512
+ attr_accessor :create_time
2513
+
2514
+ # Output only. The time the operation finished running.
2515
+ # Corresponds to the JSON property `endTime`
2516
+ # @return [String]
2517
+ attr_accessor :end_time
2518
+
2519
+ # Output only. Human-readable status of the operation, if any.
2520
+ # Corresponds to the JSON property `statusDetail`
2521
+ # @return [String]
2522
+ attr_accessor :status_detail
2523
+
2524
+ # Output only. Server-defined resource path for the target of the operation.
2525
+ # Corresponds to the JSON property `target`
2526
+ # @return [String]
2527
+ attr_accessor :target
2528
+
2529
+ # Output only. Name of the verb executed by the operation.
2530
+ # Corresponds to the JSON property `verb`
2531
+ # @return [String]
2532
+ attr_accessor :verb
2533
+
2534
+ def initialize(**args)
2535
+ update!(**args)
2536
+ end
2537
+
2538
+ # Update properties of this object
2539
+ def update!(**args)
2540
+ @api_version = args[:api_version] if args.key?(:api_version)
2541
+ @cancel_requested = args[:cancel_requested] if args.key?(:cancel_requested)
2542
+ @create_time = args[:create_time] if args.key?(:create_time)
2543
+ @end_time = args[:end_time] if args.key?(:end_time)
2544
+ @status_detail = args[:status_detail] if args.key?(:status_detail)
2545
+ @target = args[:target] if args.key?(:target)
2546
+ @verb = args[:verb] if args.key?(:verb)
2547
+ end
2548
+ end
2549
+
2550
+ # Origin defines where this FeatureSpec originated from.
2551
+ class Origin
2552
+ include Google::Apis::Core::Hashable
2553
+
2554
+ # Type specifies which type of origin is set.
2555
+ # Corresponds to the JSON property `type`
2556
+ # @return [String]
2557
+ attr_accessor :type
2558
+
2559
+ def initialize(**args)
2560
+ update!(**args)
2561
+ end
2562
+
2563
+ # Update properties of this object
2564
+ def update!(**args)
2565
+ @type = args[:type] if args.key?(:type)
2566
+ end
2567
+ end
2568
+
2569
+ # BundleInstallSpec is the specification configuration for a single managed
2570
+ # bundle.
2571
+ class PolicyControllerBundleInstallSpec
2572
+ include Google::Apis::Core::Hashable
2573
+
2574
+ # the set of namespaces to be exempted from the bundle
2575
+ # Corresponds to the JSON property `exemptedNamespaces`
2576
+ # @return [Array<String>]
2577
+ attr_accessor :exempted_namespaces
2578
+
2579
+ def initialize(**args)
2580
+ update!(**args)
2581
+ end
2582
+
2583
+ # Update properties of this object
2584
+ def update!(**args)
2585
+ @exempted_namespaces = args[:exempted_namespaces] if args.key?(:exempted_namespaces)
2586
+ end
2587
+ end
2588
+
2589
+ # Configuration for Policy Controller
2590
+ class PolicyControllerHubConfig
2591
+ include Google::Apis::Core::Hashable
2592
+
2593
+ # Sets the interval for Policy Controller Audit Scans (in seconds). When set to
2594
+ # 0, this disables audit functionality altogether.
2595
+ # Corresponds to the JSON property `auditIntervalSeconds`
2596
+ # @return [Fixnum]
2597
+ attr_accessor :audit_interval_seconds
2598
+
2599
+ # The maximum number of audit violations to be stored in a constraint. If not
2600
+ # set, the internal default (currently 20) will be used.
2601
+ # Corresponds to the JSON property `constraintViolationLimit`
2602
+ # @return [Fixnum]
2603
+ attr_accessor :constraint_violation_limit
2604
+
2605
+ # Map of deployment configs to deployments (“admission”, “audit”, “mutation”).
2606
+ # Corresponds to the JSON property `deploymentConfigs`
2607
+ # @return [Hash<String,Google::Apis::GkehubV2alpha::PolicyControllerPolicyControllerDeploymentConfig>]
2608
+ attr_accessor :deployment_configs
2609
+
2610
+ # The set of namespaces that are excluded from Policy Controller checks.
2611
+ # Namespaces do not need to currently exist on the cluster.
2612
+ # Corresponds to the JSON property `exemptableNamespaces`
2613
+ # @return [Array<String>]
2614
+ attr_accessor :exemptable_namespaces
2615
+
2616
+ # The install_spec represents the intended state specified by the latest request
2617
+ # that mutated install_spec in the feature spec, not the lifecycle state of the
2618
+ # feature observed by the Hub feature controller that is reported in the feature
2619
+ # state.
2620
+ # Corresponds to the JSON property `installSpec`
2621
+ # @return [String]
2622
+ attr_accessor :install_spec
2623
+
2624
+ # Logs all denies and dry run failures.
2625
+ # Corresponds to the JSON property `logDeniesEnabled`
2626
+ # @return [Boolean]
2627
+ attr_accessor :log_denies_enabled
2628
+ alias_method :log_denies_enabled?, :log_denies_enabled
2629
+
2630
+ # MonitoringConfig specifies the backends Policy Controller should export
2631
+ # metrics to. For example, to specify metrics should be exported to Cloud
2632
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
2633
+ # Corresponds to the JSON property `monitoring`
2634
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerMonitoringConfig]
2635
+ attr_accessor :monitoring
2636
+
2637
+ # Enables the ability to mutate resources using Policy Controller.
2638
+ # Corresponds to the JSON property `mutationEnabled`
2639
+ # @return [Boolean]
2640
+ attr_accessor :mutation_enabled
2641
+ alias_method :mutation_enabled?, :mutation_enabled
2642
+
2643
+ # PolicyContentSpec defines the user's desired content configuration on the
2644
+ # cluster.
2645
+ # Corresponds to the JSON property `policyContent`
2646
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerPolicyContentSpec]
2647
+ attr_accessor :policy_content
2648
+
2649
+ # Enables the ability to use Constraint Templates that reference to objects
2650
+ # other than the object currently being evaluated.
2651
+ # Corresponds to the JSON property `referentialRulesEnabled`
2652
+ # @return [Boolean]
2653
+ attr_accessor :referential_rules_enabled
2654
+ alias_method :referential_rules_enabled?, :referential_rules_enabled
2655
+
2656
+ def initialize(**args)
2657
+ update!(**args)
2658
+ end
2659
+
2660
+ # Update properties of this object
2661
+ def update!(**args)
2662
+ @audit_interval_seconds = args[:audit_interval_seconds] if args.key?(:audit_interval_seconds)
2663
+ @constraint_violation_limit = args[:constraint_violation_limit] if args.key?(:constraint_violation_limit)
2664
+ @deployment_configs = args[:deployment_configs] if args.key?(:deployment_configs)
2665
+ @exemptable_namespaces = args[:exemptable_namespaces] if args.key?(:exemptable_namespaces)
2666
+ @install_spec = args[:install_spec] if args.key?(:install_spec)
2667
+ @log_denies_enabled = args[:log_denies_enabled] if args.key?(:log_denies_enabled)
2668
+ @monitoring = args[:monitoring] if args.key?(:monitoring)
2669
+ @mutation_enabled = args[:mutation_enabled] if args.key?(:mutation_enabled)
2670
+ @policy_content = args[:policy_content] if args.key?(:policy_content)
2671
+ @referential_rules_enabled = args[:referential_rules_enabled] if args.key?(:referential_rules_enabled)
2672
+ end
2673
+ end
2674
+
2675
+ # MonitoringConfig specifies the backends Policy Controller should export
2676
+ # metrics to. For example, to specify metrics should be exported to Cloud
2677
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
2678
+ class PolicyControllerMonitoringConfig
2679
+ include Google::Apis::Core::Hashable
2680
+
2681
+ # Specifies the list of backends Policy Controller will export to. An empty list
2682
+ # would effectively disable metrics export.
2683
+ # Corresponds to the JSON property `backends`
2684
+ # @return [Array<String>]
2685
+ attr_accessor :backends
2686
+
2687
+ def initialize(**args)
2688
+ update!(**args)
2689
+ end
2690
+
2691
+ # Update properties of this object
2692
+ def update!(**args)
2693
+ @backends = args[:backends] if args.key?(:backends)
2694
+ end
2695
+ end
2696
+
2697
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2698
+ class PolicyControllerOnClusterState
2699
+ include Google::Apis::Core::Hashable
2700
+
2701
+ # Surface potential errors or information logs.
2702
+ # Corresponds to the JSON property `details`
2703
+ # @return [String]
2704
+ attr_accessor :details
2705
+
2706
+ # The lifecycle state of this component.
2707
+ # Corresponds to the JSON property `state`
2708
+ # @return [String]
2709
+ attr_accessor :state
2710
+
2711
+ def initialize(**args)
2712
+ update!(**args)
2713
+ end
2714
+
2715
+ # Update properties of this object
2716
+ def update!(**args)
2717
+ @details = args[:details] if args.key?(:details)
2718
+ @state = args[:state] if args.key?(:state)
2719
+ end
2720
+ end
2721
+
2722
+ # PolicyContentSpec defines the user's desired content configuration on the
2723
+ # cluster.
2724
+ class PolicyControllerPolicyContentSpec
2725
+ include Google::Apis::Core::Hashable
2726
+
2727
+ # map of bundle name to BundleInstallSpec. The bundle name maps to the `
2728
+ # bundleName` key in the `policycontroller.gke.io/constraintData` annotation on
2729
+ # a constraint.
2730
+ # Corresponds to the JSON property `bundles`
2731
+ # @return [Hash<String,Google::Apis::GkehubV2alpha::PolicyControllerBundleInstallSpec>]
2732
+ attr_accessor :bundles
2733
+
2734
+ # The config specifying which default library templates to install.
2735
+ # Corresponds to the JSON property `templateLibrary`
2736
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerTemplateLibraryConfig]
2737
+ attr_accessor :template_library
2738
+
2739
+ def initialize(**args)
2740
+ update!(**args)
2741
+ end
2742
+
2743
+ # Update properties of this object
2744
+ def update!(**args)
2745
+ @bundles = args[:bundles] if args.key?(:bundles)
2746
+ @template_library = args[:template_library] if args.key?(:template_library)
2747
+ end
2748
+ end
2749
+
2750
+ # The state of the policy controller policy content
2751
+ class PolicyControllerPolicyContentState
2752
+ include Google::Apis::Core::Hashable
2753
+
2754
+ # The state of the any bundles included in the chosen version of the manifest
2755
+ # Corresponds to the JSON property `bundleStates`
2756
+ # @return [Hash<String,Google::Apis::GkehubV2alpha::PolicyControllerOnClusterState>]
2757
+ attr_accessor :bundle_states
2758
+
2759
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2760
+ # Corresponds to the JSON property `referentialSyncConfigState`
2761
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerOnClusterState]
2762
+ attr_accessor :referential_sync_config_state
2763
+
2764
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2765
+ # Corresponds to the JSON property `templateLibraryState`
2766
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerOnClusterState]
2767
+ attr_accessor :template_library_state
2768
+
2769
+ def initialize(**args)
2770
+ update!(**args)
2771
+ end
2772
+
2773
+ # Update properties of this object
2774
+ def update!(**args)
2775
+ @bundle_states = args[:bundle_states] if args.key?(:bundle_states)
2776
+ @referential_sync_config_state = args[:referential_sync_config_state] if args.key?(:referential_sync_config_state)
2777
+ @template_library_state = args[:template_library_state] if args.key?(:template_library_state)
2778
+ end
2779
+ end
2780
+
2781
+ # Deployment-specific configuration.
2782
+ class PolicyControllerPolicyControllerDeploymentConfig
2783
+ include Google::Apis::Core::Hashable
2784
+
2785
+ # ResourceRequirements describes the compute resource requirements.
2786
+ # Corresponds to the JSON property `containerResources`
2787
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerResourceRequirements]
2788
+ attr_accessor :container_resources
2789
+
2790
+ # Pod affinity configuration.
2791
+ # Corresponds to the JSON property `podAffinity`
2792
+ # @return [String]
2793
+ attr_accessor :pod_affinity
2794
+
2795
+ # Pod anti-affinity enablement. Deprecated: use `pod_affinity` instead.
2796
+ # Corresponds to the JSON property `podAntiAffinity`
2797
+ # @return [Boolean]
2798
+ attr_accessor :pod_anti_affinity
2799
+ alias_method :pod_anti_affinity?, :pod_anti_affinity
2800
+
2801
+ # Pod tolerations of node taints.
2802
+ # Corresponds to the JSON property `podTolerations`
2803
+ # @return [Array<Google::Apis::GkehubV2alpha::PolicyControllerToleration>]
2804
+ attr_accessor :pod_tolerations
2805
+
2806
+ # Pod replica count.
2807
+ # Corresponds to the JSON property `replicaCount`
2808
+ # @return [Fixnum]
2809
+ attr_accessor :replica_count
2810
+
2811
+ def initialize(**args)
2812
+ update!(**args)
2813
+ end
2814
+
2815
+ # Update properties of this object
2816
+ def update!(**args)
2817
+ @container_resources = args[:container_resources] if args.key?(:container_resources)
2818
+ @pod_affinity = args[:pod_affinity] if args.key?(:pod_affinity)
2819
+ @pod_anti_affinity = args[:pod_anti_affinity] if args.key?(:pod_anti_affinity)
2820
+ @pod_tolerations = args[:pod_tolerations] if args.key?(:pod_tolerations)
2821
+ @replica_count = args[:replica_count] if args.key?(:replica_count)
2822
+ end
2823
+ end
2824
+
2825
+ # ResourceList contains container resource requirements.
2826
+ class PolicyControllerResourceList
2827
+ include Google::Apis::Core::Hashable
2828
+
2829
+ # CPU requirement expressed in Kubernetes resource units.
2830
+ # Corresponds to the JSON property `cpu`
2831
+ # @return [String]
2832
+ attr_accessor :cpu
2833
+
2834
+ # Memory requirement expressed in Kubernetes resource units.
2835
+ # Corresponds to the JSON property `memory`
2836
+ # @return [String]
2837
+ attr_accessor :memory
2838
+
2839
+ def initialize(**args)
2840
+ update!(**args)
2841
+ end
2842
+
2843
+ # Update properties of this object
2844
+ def update!(**args)
2845
+ @cpu = args[:cpu] if args.key?(:cpu)
2846
+ @memory = args[:memory] if args.key?(:memory)
2847
+ end
2848
+ end
2849
+
2850
+ # ResourceRequirements describes the compute resource requirements.
2851
+ class PolicyControllerResourceRequirements
2852
+ include Google::Apis::Core::Hashable
2853
+
2854
+ # ResourceList contains container resource requirements.
2855
+ # Corresponds to the JSON property `limits`
2856
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerResourceList]
2857
+ attr_accessor :limits
2858
+
2859
+ # ResourceList contains container resource requirements.
2860
+ # Corresponds to the JSON property `requests`
2861
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerResourceList]
2862
+ attr_accessor :requests
2863
+
2864
+ def initialize(**args)
2865
+ update!(**args)
2866
+ end
2867
+
2868
+ # Update properties of this object
2869
+ def update!(**args)
2870
+ @limits = args[:limits] if args.key?(:limits)
2871
+ @requests = args[:requests] if args.key?(:requests)
2872
+ end
2873
+ end
2874
+
2875
+ # **Policy Controller**: Configuration for a single cluster. Intended to
2876
+ # parallel the PolicyController CR.
2877
+ class PolicyControllerSpec
2878
+ include Google::Apis::Core::Hashable
2879
+
2880
+ # Configuration for Policy Controller
2881
+ # Corresponds to the JSON property `policyControllerHubConfig`
2882
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerHubConfig]
2883
+ attr_accessor :policy_controller_hub_config
2884
+
2885
+ # Version of Policy Controller installed.
2886
+ # Corresponds to the JSON property `version`
2887
+ # @return [String]
2888
+ attr_accessor :version
2889
+
2890
+ def initialize(**args)
2891
+ update!(**args)
2892
+ end
2893
+
2894
+ # Update properties of this object
2895
+ def update!(**args)
2896
+ @policy_controller_hub_config = args[:policy_controller_hub_config] if args.key?(:policy_controller_hub_config)
2897
+ @version = args[:version] if args.key?(:version)
2898
+ end
2899
+ end
2900
+
2901
+ # **Policy Controller**: State for a single cluster.
2902
+ class PolicyControllerState
2903
+ include Google::Apis::Core::Hashable
2904
+
2905
+ # Currently these include (also serving as map keys): 1. "admission" 2. "audit"
2906
+ # 3. "mutation"
2907
+ # Corresponds to the JSON property `componentStates`
2908
+ # @return [Hash<String,Google::Apis::GkehubV2alpha::PolicyControllerOnClusterState>]
2909
+ attr_accessor :component_states
2910
+
2911
+ # The state of the policy controller policy content
2912
+ # Corresponds to the JSON property `policyContentState`
2913
+ # @return [Google::Apis::GkehubV2alpha::PolicyControllerPolicyContentState]
2914
+ attr_accessor :policy_content_state
2915
+
2916
+ # The overall Policy Controller lifecycle state observed by the Hub Feature
2917
+ # controller.
2918
+ # Corresponds to the JSON property `state`
2919
+ # @return [String]
2920
+ attr_accessor :state
2921
+
2922
+ def initialize(**args)
2923
+ update!(**args)
2924
+ end
2925
+
2926
+ # Update properties of this object
2927
+ def update!(**args)
2928
+ @component_states = args[:component_states] if args.key?(:component_states)
2929
+ @policy_content_state = args[:policy_content_state] if args.key?(:policy_content_state)
2930
+ @state = args[:state] if args.key?(:state)
2931
+ end
2932
+ end
2933
+
2934
+ # The config specifying which default library templates to install.
2935
+ class PolicyControllerTemplateLibraryConfig
2936
+ include Google::Apis::Core::Hashable
2937
+
2938
+ # Configures the manner in which the template library is installed on the
2939
+ # cluster.
2940
+ # Corresponds to the JSON property `installation`
2941
+ # @return [String]
2942
+ attr_accessor :installation
2943
+
2944
+ def initialize(**args)
2945
+ update!(**args)
2946
+ end
2947
+
2948
+ # Update properties of this object
2949
+ def update!(**args)
2950
+ @installation = args[:installation] if args.key?(:installation)
2951
+ end
2952
+ end
2953
+
2954
+ # Toleration of a node taint.
2955
+ class PolicyControllerToleration
43
2956
  include Google::Apis::Core::Hashable
44
2957
 
2958
+ # Matches a taint effect.
2959
+ # Corresponds to the JSON property `effect`
2960
+ # @return [String]
2961
+ attr_accessor :effect
2962
+
2963
+ # Matches a taint key (not necessarily unique).
2964
+ # Corresponds to the JSON property `key`
2965
+ # @return [String]
2966
+ attr_accessor :key
2967
+
2968
+ # Matches a taint operator.
2969
+ # Corresponds to the JSON property `operator`
2970
+ # @return [String]
2971
+ attr_accessor :operator
2972
+
2973
+ # Matches a taint value.
2974
+ # Corresponds to the JSON property `value`
2975
+ # @return [String]
2976
+ attr_accessor :value
2977
+
45
2978
  def initialize(**args)
46
2979
  update!(**args)
47
2980
  end
48
2981
 
49
2982
  # Update properties of this object
50
2983
  def update!(**args)
2984
+ @effect = args[:effect] if args.key?(:effect)
2985
+ @key = args[:key] if args.key?(:key)
2986
+ @operator = args[:operator] if args.key?(:operator)
2987
+ @value = args[:value] if args.key?(:value)
51
2988
  end
52
2989
  end
53
2990
 
54
- # The `Status` type defines a logical error model that is suitable for different
55
- # programming environments, including REST APIs and RPC APIs. It is used by [
56
- # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
57
- # data: error code, error message, and error details. You can find out more
58
- # about this error model and how to work with it in the [API Design Guide](https:
59
- # //cloud.google.com/apis/design/errors).
60
- class GoogleRpcStatus
2991
+ # AnalysisMessage is a single message produced by an analyzer, and it used to
2992
+ # communicate to the end user about the state of their Service Mesh
2993
+ # configuration.
2994
+ class ServiceMeshAnalysisMessage
61
2995
  include Google::Apis::Core::Hashable
62
2996
 
63
- # The status code, which should be an enum value of google.rpc.Code.
2997
+ # A UI can combine these args with a template (based on message_base.type) to
2998
+ # produce an internationalized message.
2999
+ # Corresponds to the JSON property `args`
3000
+ # @return [Hash<String,Object>]
3001
+ attr_accessor :args
3002
+
3003
+ # A human readable description of what the error means. It is suitable for non-
3004
+ # internationalize display purposes.
3005
+ # Corresponds to the JSON property `description`
3006
+ # @return [String]
3007
+ attr_accessor :description
3008
+
3009
+ # AnalysisMessageBase describes some common information that is needed for all
3010
+ # messages.
3011
+ # Corresponds to the JSON property `messageBase`
3012
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshAnalysisMessageBase]
3013
+ attr_accessor :message_base
3014
+
3015
+ # A list of strings specifying the resource identifiers that were the cause of
3016
+ # message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a
3017
+ # specific member cluster * MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the
3018
+ # cause is a resource in a cluster
3019
+ # Corresponds to the JSON property `resourcePaths`
3020
+ # @return [Array<String>]
3021
+ attr_accessor :resource_paths
3022
+
3023
+ def initialize(**args)
3024
+ update!(**args)
3025
+ end
3026
+
3027
+ # Update properties of this object
3028
+ def update!(**args)
3029
+ @args = args[:args] if args.key?(:args)
3030
+ @description = args[:description] if args.key?(:description)
3031
+ @message_base = args[:message_base] if args.key?(:message_base)
3032
+ @resource_paths = args[:resource_paths] if args.key?(:resource_paths)
3033
+ end
3034
+ end
3035
+
3036
+ # AnalysisMessageBase describes some common information that is needed for all
3037
+ # messages.
3038
+ class ServiceMeshAnalysisMessageBase
3039
+ include Google::Apis::Core::Hashable
3040
+
3041
+ # A url pointing to the Service Mesh or Istio documentation for this specific
3042
+ # error type.
3043
+ # Corresponds to the JSON property `documentationUrl`
3044
+ # @return [String]
3045
+ attr_accessor :documentation_url
3046
+
3047
+ # Represents how severe a message is.
3048
+ # Corresponds to the JSON property `level`
3049
+ # @return [String]
3050
+ attr_accessor :level
3051
+
3052
+ # A unique identifier for the type of message. Display_name is intended to be
3053
+ # human-readable, code is intended to be machine readable. There should be a one-
3054
+ # to-one mapping between display_name and code. (i.e. do not re-use
3055
+ # display_names or codes between message types.) See istio.analysis.v1alpha1.
3056
+ # AnalysisMessageBase.Type
3057
+ # Corresponds to the JSON property `type`
3058
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshType]
3059
+ attr_accessor :type
3060
+
3061
+ def initialize(**args)
3062
+ update!(**args)
3063
+ end
3064
+
3065
+ # Update properties of this object
3066
+ def update!(**args)
3067
+ @documentation_url = args[:documentation_url] if args.key?(:documentation_url)
3068
+ @level = args[:level] if args.key?(:level)
3069
+ @type = args[:type] if args.key?(:type)
3070
+ end
3071
+ end
3072
+
3073
+ # Condition being reported.
3074
+ class ServiceMeshCondition
3075
+ include Google::Apis::Core::Hashable
3076
+
3077
+ # Unique identifier of the condition which describes the condition recognizable
3078
+ # to the user.
64
3079
  # Corresponds to the JSON property `code`
65
- # @return [Fixnum]
3080
+ # @return [String]
66
3081
  attr_accessor :code
67
3082
 
68
- # A list of messages that carry the error details. There is a common set of
69
- # message types for APIs to use.
3083
+ # A short summary about the issue.
70
3084
  # Corresponds to the JSON property `details`
71
- # @return [Array<Hash<String,Object>>]
3085
+ # @return [String]
72
3086
  attr_accessor :details
73
3087
 
74
- # A developer-facing error message, which should be in English. Any user-facing
75
- # error message should be localized and sent in the google.rpc.Status.details
76
- # field, or localized by the client.
77
- # Corresponds to the JSON property `message`
3088
+ # Links contains actionable information.
3089
+ # Corresponds to the JSON property `documentationLink`
78
3090
  # @return [String]
79
- attr_accessor :message
3091
+ attr_accessor :documentation_link
3092
+
3093
+ # Severity level of the condition.
3094
+ # Corresponds to the JSON property `severity`
3095
+ # @return [String]
3096
+ attr_accessor :severity
80
3097
 
81
3098
  def initialize(**args)
82
3099
  update!(**args)
@@ -86,23 +3103,29 @@ module Google
86
3103
  def update!(**args)
87
3104
  @code = args[:code] if args.key?(:code)
88
3105
  @details = args[:details] if args.key?(:details)
89
- @message = args[:message] if args.key?(:message)
3106
+ @documentation_link = args[:documentation_link] if args.key?(:documentation_link)
3107
+ @severity = args[:severity] if args.key?(:severity)
90
3108
  end
91
3109
  end
92
3110
 
93
- # The response message for Locations.ListLocations.
94
- class ListLocationsResponse
3111
+ # Status of control plane management.
3112
+ class ServiceMeshControlPlaneManagement
95
3113
  include Google::Apis::Core::Hashable
96
3114
 
97
- # A list of locations that matches the specified filter in the request.
98
- # Corresponds to the JSON property `locations`
99
- # @return [Array<Google::Apis::GkehubV2alpha::Location>]
100
- attr_accessor :locations
3115
+ # Explanation of state.
3116
+ # Corresponds to the JSON property `details`
3117
+ # @return [Array<Google::Apis::GkehubV2alpha::ServiceMeshStatusDetails>]
3118
+ attr_accessor :details
101
3119
 
102
- # The standard List next-page token.
103
- # Corresponds to the JSON property `nextPageToken`
3120
+ # Output only. Implementation of managed control plane.
3121
+ # Corresponds to the JSON property `implementation`
104
3122
  # @return [String]
105
- attr_accessor :next_page_token
3123
+ attr_accessor :implementation
3124
+
3125
+ # LifecycleState of control plane management.
3126
+ # Corresponds to the JSON property `state`
3127
+ # @return [String]
3128
+ attr_accessor :state
106
3129
 
107
3130
  def initialize(**args)
108
3131
  update!(**args)
@@ -110,24 +3133,63 @@ module Google
110
3133
 
111
3134
  # Update properties of this object
112
3135
  def update!(**args)
113
- @locations = args[:locations] if args.key?(:locations)
114
- @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
3136
+ @details = args[:details] if args.key?(:details)
3137
+ @implementation = args[:implementation] if args.key?(:implementation)
3138
+ @state = args[:state] if args.key?(:state)
115
3139
  end
116
3140
  end
117
3141
 
118
- # The response message for Operations.ListOperations.
119
- class ListOperationsResponse
3142
+ # Status of data plane management. Only reported per-member.
3143
+ class ServiceMeshDataPlaneManagement
120
3144
  include Google::Apis::Core::Hashable
121
3145
 
122
- # The standard List next-page token.
123
- # Corresponds to the JSON property `nextPageToken`
3146
+ # Explanation of the status.
3147
+ # Corresponds to the JSON property `details`
3148
+ # @return [Array<Google::Apis::GkehubV2alpha::ServiceMeshStatusDetails>]
3149
+ attr_accessor :details
3150
+
3151
+ # Lifecycle status of data plane management.
3152
+ # Corresponds to the JSON property `state`
124
3153
  # @return [String]
125
- attr_accessor :next_page_token
3154
+ attr_accessor :state
126
3155
 
127
- # A list of operations that matches the specified filter in the request.
128
- # Corresponds to the JSON property `operations`
129
- # @return [Array<Google::Apis::GkehubV2alpha::Operation>]
130
- attr_accessor :operations
3156
+ def initialize(**args)
3157
+ update!(**args)
3158
+ end
3159
+
3160
+ # Update properties of this object
3161
+ def update!(**args)
3162
+ @details = args[:details] if args.key?(:details)
3163
+ @state = args[:state] if args.key?(:state)
3164
+ end
3165
+ end
3166
+
3167
+ # **Service Mesh**: Spec for a single Membership for the servicemesh feature
3168
+ class ServiceMeshSpec
3169
+ include Google::Apis::Core::Hashable
3170
+
3171
+ # Optional. Specifies the API that will be used for configuring the mesh
3172
+ # workloads.
3173
+ # Corresponds to the JSON property `configApi`
3174
+ # @return [String]
3175
+ attr_accessor :config_api
3176
+
3177
+ # Deprecated: use `management` instead Enables automatic control plane
3178
+ # management.
3179
+ # Corresponds to the JSON property `controlPlane`
3180
+ # @return [String]
3181
+ attr_accessor :control_plane
3182
+
3183
+ # Determines which release channel to use for default injection and service mesh
3184
+ # APIs.
3185
+ # Corresponds to the JSON property `defaultChannel`
3186
+ # @return [String]
3187
+ attr_accessor :default_channel
3188
+
3189
+ # Optional. Enables automatic Service Mesh management.
3190
+ # Corresponds to the JSON property `management`
3191
+ # @return [String]
3192
+ attr_accessor :management
131
3193
 
132
3194
  def initialize(**args)
133
3195
  update!(**args)
@@ -135,43 +3197,104 @@ module Google
135
3197
 
136
3198
  # Update properties of this object
137
3199
  def update!(**args)
138
- @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
139
- @operations = args[:operations] if args.key?(:operations)
3200
+ @config_api = args[:config_api] if args.key?(:config_api)
3201
+ @control_plane = args[:control_plane] if args.key?(:control_plane)
3202
+ @default_channel = args[:default_channel] if args.key?(:default_channel)
3203
+ @management = args[:management] if args.key?(:management)
140
3204
  end
141
3205
  end
142
3206
 
143
- # A resource that represents a Google Cloud location.
144
- class Location
3207
+ # **Service Mesh**: State for a single Membership, as analyzed by the Service
3208
+ # Mesh Hub Controller.
3209
+ class ServiceMeshState
145
3210
  include Google::Apis::Core::Hashable
146
3211
 
147
- # The friendly name for this location, typically a nearby city name. For example,
148
- # "Tokyo".
149
- # Corresponds to the JSON property `displayName`
3212
+ # Output only. Results of running Service Mesh analyzers.
3213
+ # Corresponds to the JSON property `analysisMessages`
3214
+ # @return [Array<Google::Apis::GkehubV2alpha::ServiceMeshAnalysisMessage>]
3215
+ attr_accessor :analysis_messages
3216
+
3217
+ # Output only. List of conditions reported for this membership.
3218
+ # Corresponds to the JSON property `conditions`
3219
+ # @return [Array<Google::Apis::GkehubV2alpha::ServiceMeshCondition>]
3220
+ attr_accessor :conditions
3221
+
3222
+ # The API version (i.e. Istio CRD version) for configuring service mesh in this
3223
+ # cluster. This version is influenced by the `default_channel` field.
3224
+ # Corresponds to the JSON property `configApiVersion`
150
3225
  # @return [String]
151
- attr_accessor :display_name
3226
+ attr_accessor :config_api_version
152
3227
 
153
- # Cross-service attributes for the location. For example `"cloud.googleapis.com/
154
- # region": "us-east1"`
155
- # Corresponds to the JSON property `labels`
156
- # @return [Hash<String,String>]
157
- attr_accessor :labels
3228
+ # Status of control plane management.
3229
+ # Corresponds to the JSON property `controlPlaneManagement`
3230
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshControlPlaneManagement]
3231
+ attr_accessor :control_plane_management
158
3232
 
159
- # The canonical id for this location. For example: `"us-east1"`.
160
- # Corresponds to the JSON property `locationId`
3233
+ # Status of data plane management. Only reported per-member.
3234
+ # Corresponds to the JSON property `dataPlaneManagement`
3235
+ # @return [Google::Apis::GkehubV2alpha::ServiceMeshDataPlaneManagement]
3236
+ attr_accessor :data_plane_management
3237
+
3238
+ def initialize(**args)
3239
+ update!(**args)
3240
+ end
3241
+
3242
+ # Update properties of this object
3243
+ def update!(**args)
3244
+ @analysis_messages = args[:analysis_messages] if args.key?(:analysis_messages)
3245
+ @conditions = args[:conditions] if args.key?(:conditions)
3246
+ @config_api_version = args[:config_api_version] if args.key?(:config_api_version)
3247
+ @control_plane_management = args[:control_plane_management] if args.key?(:control_plane_management)
3248
+ @data_plane_management = args[:data_plane_management] if args.key?(:data_plane_management)
3249
+ end
3250
+ end
3251
+
3252
+ # Structured and human-readable details for a status.
3253
+ class ServiceMeshStatusDetails
3254
+ include Google::Apis::Core::Hashable
3255
+
3256
+ # A machine-readable code that further describes a broad status.
3257
+ # Corresponds to the JSON property `code`
161
3258
  # @return [String]
162
- attr_accessor :location_id
3259
+ attr_accessor :code
163
3260
 
164
- # Service-specific metadata. For example the available capacity at the given
165
- # location.
166
- # Corresponds to the JSON property `metadata`
167
- # @return [Hash<String,Object>]
168
- attr_accessor :metadata
3261
+ # Human-readable explanation of code.
3262
+ # Corresponds to the JSON property `details`
3263
+ # @return [String]
3264
+ attr_accessor :details
169
3265
 
170
- # Resource name for the location, which may vary between implementations. For
171
- # example: `"projects/example-project/locations/us-east1"`
172
- # Corresponds to the JSON property `name`
3266
+ def initialize(**args)
3267
+ update!(**args)
3268
+ end
3269
+
3270
+ # Update properties of this object
3271
+ def update!(**args)
3272
+ @code = args[:code] if args.key?(:code)
3273
+ @details = args[:details] if args.key?(:details)
3274
+ end
3275
+ end
3276
+
3277
+ # A unique identifier for the type of message. Display_name is intended to be
3278
+ # human-readable, code is intended to be machine readable. There should be a one-
3279
+ # to-one mapping between display_name and code. (i.e. do not re-use
3280
+ # display_names or codes between message types.) See istio.analysis.v1alpha1.
3281
+ # AnalysisMessageBase.Type
3282
+ class ServiceMeshType
3283
+ include Google::Apis::Core::Hashable
3284
+
3285
+ # A 7 character code matching `^IST[0-9]`4`$` or `^ASM[0-9]`4`$`, intended to
3286
+ # uniquely identify the message type. (e.g. "IST0001" is mapped to the "
3287
+ # InternalError" message type.)
3288
+ # Corresponds to the JSON property `code`
173
3289
  # @return [String]
174
- attr_accessor :name
3290
+ attr_accessor :code
3291
+
3292
+ # A human-readable name for the message type. e.g. "InternalError", "
3293
+ # PodMissingProxy". This should be the same for all messages of the same type. (
3294
+ # This corresponds to the `name` field in open-source Istio.)
3295
+ # Corresponds to the JSON property `displayName`
3296
+ # @return [String]
3297
+ attr_accessor :display_name
175
3298
 
176
3299
  def initialize(**args)
177
3300
  update!(**args)
@@ -179,61 +3302,51 @@ module Google
179
3302
 
180
3303
  # Update properties of this object
181
3304
  def update!(**args)
3305
+ @code = args[:code] if args.key?(:code)
182
3306
  @display_name = args[:display_name] if args.key?(:display_name)
183
- @labels = args[:labels] if args.key?(:labels)
184
- @location_id = args[:location_id] if args.key?(:location_id)
185
- @metadata = args[:metadata] if args.key?(:metadata)
186
- @name = args[:name] if args.key?(:name)
187
3307
  end
188
3308
  end
189
3309
 
190
- # This resource represents a long-running operation that is the result of a
191
- # network API call.
192
- class Operation
3310
+ # High-level state of a MembershipFeature.
3311
+ class State
193
3312
  include Google::Apis::Core::Hashable
194
3313
 
195
- # If the value is `false`, it means the operation is still in progress. If `true`
196
- # , the operation is completed, and either `error` or `response` is available.
197
- # Corresponds to the JSON property `done`
198
- # @return [Boolean]
199
- attr_accessor :done
200
- alias_method :done?, :done
201
-
202
- # The `Status` type defines a logical error model that is suitable for different
203
- # programming environments, including REST APIs and RPC APIs. It is used by [
204
- # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
205
- # data: error code, error message, and error details. You can find out more
206
- # about this error model and how to work with it in the [API Design Guide](https:
207
- # //cloud.google.com/apis/design/errors).
208
- # Corresponds to the JSON property `error`
209
- # @return [Google::Apis::GkehubV2alpha::GoogleRpcStatus]
210
- attr_accessor :error
3314
+ # The high-level, machine-readable status of this MembershipFeature.
3315
+ # Corresponds to the JSON property `code`
3316
+ # @return [String]
3317
+ attr_accessor :code
211
3318
 
212
- # Service-specific metadata associated with the operation. It typically contains
213
- # progress information and common metadata such as create time. Some services
214
- # might not provide such metadata. Any method that returns a long-running
215
- # operation should document the metadata type, if any.
216
- # Corresponds to the JSON property `metadata`
217
- # @return [Hash<String,Object>]
218
- attr_accessor :metadata
3319
+ # A human-readable description of the current status.
3320
+ # Corresponds to the JSON property `description`
3321
+ # @return [String]
3322
+ attr_accessor :description
219
3323
 
220
- # The server-assigned name, which is only unique within the same service that
221
- # originally returns it. If you use the default HTTP mapping, the `name` should
222
- # be a resource name ending with `operations/`unique_id``.
223
- # Corresponds to the JSON property `name`
3324
+ # The time this status and any related Feature-specific details were updated.
3325
+ # Corresponds to the JSON property `updateTime`
224
3326
  # @return [String]
225
- attr_accessor :name
3327
+ attr_accessor :update_time
226
3328
 
227
- # The normal, successful response of the operation. If the original method
228
- # returns no data on success, such as `Delete`, the response is `google.protobuf.
229
- # Empty`. If the original method is standard `Get`/`Create`/`Update`, the
230
- # response should be the resource. For other methods, the response should have
231
- # the type `XxxResponse`, where `Xxx` is the original method name. For example,
232
- # if the original method name is `TakeSnapshot()`, the inferred response type is
233
- # `TakeSnapshotResponse`.
234
- # Corresponds to the JSON property `response`
235
- # @return [Hash<String,Object>]
236
- attr_accessor :response
3329
+ def initialize(**args)
3330
+ update!(**args)
3331
+ end
3332
+
3333
+ # Update properties of this object
3334
+ def update!(**args)
3335
+ @code = args[:code] if args.key?(:code)
3336
+ @description = args[:description] if args.key?(:description)
3337
+ @update_time = args[:update_time] if args.key?(:update_time)
3338
+ end
3339
+ end
3340
+
3341
+ # **WorkloadCertificate**: The membership-specific input for WorkloadCertificate
3342
+ # feature.
3343
+ class WorkloadCertificateSpec
3344
+ include Google::Apis::Core::Hashable
3345
+
3346
+ # CertificateManagement specifies workload certificate management.
3347
+ # Corresponds to the JSON property `certificateManagement`
3348
+ # @return [String]
3349
+ attr_accessor :certificate_management
237
3350
 
238
3351
  def initialize(**args)
239
3352
  update!(**args)
@@ -241,11 +3354,7 @@ module Google
241
3354
 
242
3355
  # Update properties of this object
243
3356
  def update!(**args)
244
- @done = args[:done] if args.key?(:done)
245
- @error = args[:error] if args.key?(:error)
246
- @metadata = args[:metadata] if args.key?(:metadata)
247
- @name = args[:name] if args.key?(:name)
248
- @response = args[:response] if args.key?(:response)
3357
+ @certificate_management = args[:certificate_management] if args.key?(:certificate_management)
249
3358
  end
250
3359
  end
251
3360
  end