google-apis-networksecurity_v1 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 1c9dcbf7b15415580f35e59dd5d88d7f0e0f490f24f62c6ede2d4ac62ba9e449
4
+ data.tar.gz: ff1cdf09a4215684020e610a1944275a81bd14032f77653343df52084e782618
5
+ SHA512:
6
+ metadata.gz: 0aa337dfb02c15ee223d02add08445f1b7c153b10c70fccc0ca1dfa7d31741b075a118e6560a98a879967a7e594b65cd403f1204161f1f4bbb686c175ee7bb3b
7
+ data.tar.gz: 8457ed6d4137413e2fbe89a20dacb63ea088d485379f0c71e2365410239ae0af638c32a05543572b0882e59c26a2e9f31dfa8be89cc0a9650341c3b688992b52
data/.yardopts ADDED
@@ -0,0 +1,13 @@
1
+ --hide-void-return
2
+ --no-private
3
+ --verbose
4
+ --title=google-apis-networksecurity_v1
5
+ --markup-provider=redcarpet
6
+ --markup=markdown
7
+ --main OVERVIEW.md
8
+ lib/google/apis/networksecurity_v1/*.rb
9
+ lib/google/apis/networksecurity_v1.rb
10
+ -
11
+ OVERVIEW.md
12
+ CHANGELOG.md
13
+ LICENSE.md
data/CHANGELOG.md ADDED
@@ -0,0 +1,7 @@
1
+ # Release history for google-apis-networksecurity_v1
2
+
3
+ ### v0.1.0 (2021-08-29)
4
+
5
+ * Regenerated from discovery document revision 20210818
6
+ * Regenerated using generator version 0.4.0
7
+
data/LICENSE.md ADDED
@@ -0,0 +1,202 @@
1
+
2
+ Apache License
3
+ Version 2.0, January 2004
4
+ http://www.apache.org/licenses/
5
+
6
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
7
+
8
+ 1. Definitions.
9
+
10
+ "License" shall mean the terms and conditions for use, reproduction,
11
+ and distribution as defined by Sections 1 through 9 of this document.
12
+
13
+ "Licensor" shall mean the copyright owner or entity authorized by
14
+ the copyright owner that is granting the License.
15
+
16
+ "Legal Entity" shall mean the union of the acting entity and all
17
+ other entities that control, are controlled by, or are under common
18
+ control with that entity. For the purposes of this definition,
19
+ "control" means (i) the power, direct or indirect, to cause the
20
+ direction or management of such entity, whether by contract or
21
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
22
+ outstanding shares, or (iii) beneficial ownership of such entity.
23
+
24
+ "You" (or "Your") shall mean an individual or Legal Entity
25
+ exercising permissions granted by this License.
26
+
27
+ "Source" form shall mean the preferred form for making modifications,
28
+ including but not limited to software source code, documentation
29
+ source, and configuration files.
30
+
31
+ "Object" form shall mean any form resulting from mechanical
32
+ transformation or translation of a Source form, including but
33
+ not limited to compiled object code, generated documentation,
34
+ and conversions to other media types.
35
+
36
+ "Work" shall mean the work of authorship, whether in Source or
37
+ Object form, made available under the License, as indicated by a
38
+ copyright notice that is included in or attached to the work
39
+ (an example is provided in the Appendix below).
40
+
41
+ "Derivative Works" shall mean any work, whether in Source or Object
42
+ form, that is based on (or derived from) the Work and for which the
43
+ editorial revisions, annotations, elaborations, or other modifications
44
+ represent, as a whole, an original work of authorship. For the purposes
45
+ of this License, Derivative Works shall not include works that remain
46
+ separable from, or merely link (or bind by name) to the interfaces of,
47
+ the Work and Derivative Works thereof.
48
+
49
+ "Contribution" shall mean any work of authorship, including
50
+ the original version of the Work and any modifications or additions
51
+ to that Work or Derivative Works thereof, that is intentionally
52
+ submitted to Licensor for inclusion in the Work by the copyright owner
53
+ or by an individual or Legal Entity authorized to submit on behalf of
54
+ the copyright owner. For the purposes of this definition, "submitted"
55
+ means any form of electronic, verbal, or written communication sent
56
+ to the Licensor or its representatives, including but not limited to
57
+ communication on electronic mailing lists, source code control systems,
58
+ and issue tracking systems that are managed by, or on behalf of, the
59
+ Licensor for the purpose of discussing and improving the Work, but
60
+ excluding communication that is conspicuously marked or otherwise
61
+ designated in writing by the copyright owner as "Not a Contribution."
62
+
63
+ "Contributor" shall mean Licensor and any individual or Legal Entity
64
+ on behalf of whom a Contribution has been received by Licensor and
65
+ subsequently incorporated within the Work.
66
+
67
+ 2. Grant of Copyright License. Subject to the terms and conditions of
68
+ this License, each Contributor hereby grants to You a perpetual,
69
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
70
+ copyright license to reproduce, prepare Derivative Works of,
71
+ publicly display, publicly perform, sublicense, and distribute the
72
+ Work and such Derivative Works in Source or Object form.
73
+
74
+ 3. Grant of Patent License. Subject to the terms and conditions of
75
+ this License, each Contributor hereby grants to You a perpetual,
76
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
77
+ (except as stated in this section) patent license to make, have made,
78
+ use, offer to sell, sell, import, and otherwise transfer the Work,
79
+ where such license applies only to those patent claims licensable
80
+ by such Contributor that are necessarily infringed by their
81
+ Contribution(s) alone or by combination of their Contribution(s)
82
+ with the Work to which such Contribution(s) was submitted. If You
83
+ institute patent litigation against any entity (including a
84
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
85
+ or a Contribution incorporated within the Work constitutes direct
86
+ or contributory patent infringement, then any patent licenses
87
+ granted to You under this License for that Work shall terminate
88
+ as of the date such litigation is filed.
89
+
90
+ 4. Redistribution. You may reproduce and distribute copies of the
91
+ Work or Derivative Works thereof in any medium, with or without
92
+ modifications, and in Source or Object form, provided that You
93
+ meet the following conditions:
94
+
95
+ (a) You must give any other recipients of the Work or
96
+ Derivative Works a copy of this License; and
97
+
98
+ (b) You must cause any modified files to carry prominent notices
99
+ stating that You changed the files; and
100
+
101
+ (c) You must retain, in the Source form of any Derivative Works
102
+ that You distribute, all copyright, patent, trademark, and
103
+ attribution notices from the Source form of the Work,
104
+ excluding those notices that do not pertain to any part of
105
+ the Derivative Works; and
106
+
107
+ (d) If the Work includes a "NOTICE" text file as part of its
108
+ distribution, then any Derivative Works that You distribute must
109
+ include a readable copy of the attribution notices contained
110
+ within such NOTICE file, excluding those notices that do not
111
+ pertain to any part of the Derivative Works, in at least one
112
+ of the following places: within a NOTICE text file distributed
113
+ as part of the Derivative Works; within the Source form or
114
+ documentation, if provided along with the Derivative Works; or,
115
+ within a display generated by the Derivative Works, if and
116
+ wherever such third-party notices normally appear. The contents
117
+ of the NOTICE file are for informational purposes only and
118
+ do not modify the License. You may add Your own attribution
119
+ notices within Derivative Works that You distribute, alongside
120
+ or as an addendum to the NOTICE text from the Work, provided
121
+ that such additional attribution notices cannot be construed
122
+ as modifying the License.
123
+
124
+ You may add Your own copyright statement to Your modifications and
125
+ may provide additional or different license terms and conditions
126
+ for use, reproduction, or distribution of Your modifications, or
127
+ for any such Derivative Works as a whole, provided Your use,
128
+ reproduction, and distribution of the Work otherwise complies with
129
+ the conditions stated in this License.
130
+
131
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
132
+ any Contribution intentionally submitted for inclusion in the Work
133
+ by You to the Licensor shall be under the terms and conditions of
134
+ this License, without any additional terms or conditions.
135
+ Notwithstanding the above, nothing herein shall supersede or modify
136
+ the terms of any separate license agreement you may have executed
137
+ with Licensor regarding such Contributions.
138
+
139
+ 6. Trademarks. This License does not grant permission to use the trade
140
+ names, trademarks, service marks, or product names of the Licensor,
141
+ except as required for reasonable and customary use in describing the
142
+ origin of the Work and reproducing the content of the NOTICE file.
143
+
144
+ 7. Disclaimer of Warranty. Unless required by applicable law or
145
+ agreed to in writing, Licensor provides the Work (and each
146
+ Contributor provides its Contributions) on an "AS IS" BASIS,
147
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
148
+ implied, including, without limitation, any warranties or conditions
149
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
150
+ PARTICULAR PURPOSE. You are solely responsible for determining the
151
+ appropriateness of using or redistributing the Work and assume any
152
+ risks associated with Your exercise of permissions under this License.
153
+
154
+ 8. Limitation of Liability. In no event and under no legal theory,
155
+ whether in tort (including negligence), contract, or otherwise,
156
+ unless required by applicable law (such as deliberate and grossly
157
+ negligent acts) or agreed to in writing, shall any Contributor be
158
+ liable to You for damages, including any direct, indirect, special,
159
+ incidental, or consequential damages of any character arising as a
160
+ result of this License or out of the use or inability to use the
161
+ Work (including but not limited to damages for loss of goodwill,
162
+ work stoppage, computer failure or malfunction, or any and all
163
+ other commercial damages or losses), even if such Contributor
164
+ has been advised of the possibility of such damages.
165
+
166
+ 9. Accepting Warranty or Additional Liability. While redistributing
167
+ the Work or Derivative Works thereof, You may choose to offer,
168
+ and charge a fee for, acceptance of support, warranty, indemnity,
169
+ or other liability obligations and/or rights consistent with this
170
+ License. However, in accepting such obligations, You may act only
171
+ on Your own behalf and on Your sole responsibility, not on behalf
172
+ of any other Contributor, and only if You agree to indemnify,
173
+ defend, and hold each Contributor harmless for any liability
174
+ incurred by, or claims asserted against, such Contributor by reason
175
+ of your accepting any such warranty or additional liability.
176
+
177
+ END OF TERMS AND CONDITIONS
178
+
179
+ APPENDIX: How to apply the Apache License to your work.
180
+
181
+ To apply the Apache License to your work, attach the following
182
+ boilerplate notice, with the fields enclosed by brackets "[]"
183
+ replaced with your own identifying information. (Don't include
184
+ the brackets!) The text should be enclosed in the appropriate
185
+ comment syntax for the file format. We also recommend that a
186
+ file or class name and description of purpose be included on the
187
+ same "printed page" as the copyright notice for easier
188
+ identification within third-party archives.
189
+
190
+ Copyright [yyyy] [name of copyright owner]
191
+
192
+ Licensed under the Apache License, Version 2.0 (the "License");
193
+ you may not use this file except in compliance with the License.
194
+ You may obtain a copy of the License at
195
+
196
+ http://www.apache.org/licenses/LICENSE-2.0
197
+
198
+ Unless required by applicable law or agreed to in writing, software
199
+ distributed under the License is distributed on an "AS IS" BASIS,
200
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
201
+ See the License for the specific language governing permissions and
202
+ limitations under the License.
data/OVERVIEW.md ADDED
@@ -0,0 +1,96 @@
1
+ # Simple REST client for version V1 of the Network Security API
2
+
3
+ This is a simple client library for version V1 of the Network Security API. It provides:
4
+
5
+ * A client object that connects to the HTTP/JSON REST endpoint for the service.
6
+ * Ruby objects for data structures related to the service.
7
+ * Integration with the googleauth gem for authentication using OAuth, API keys, and service accounts.
8
+ * Control of retry, pagination, and timeouts.
9
+
10
+ Note that although this client library is supported and will continue to be updated to track changes to the service, it is otherwise considered complete and not under active development. Many Google services, especially Google Cloud Platform services, may provide a more modern client that is under more active development and improvement. See the section below titled *Which client should I use?* for more information.
11
+
12
+ ## Getting started
13
+
14
+ ### Before you begin
15
+
16
+ There are a few setup steps you need to complete before you can use this library:
17
+
18
+ 1. If you don't already have a Google account, [sign up](https://www.google.com/accounts).
19
+ 2. If you have never created a Google APIs Console project, read about [Managing Projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects) and create a project in the [Google API Console](https://console.cloud.google.com/).
20
+ 3. Most APIs need to be enabled for your project. [Enable it](https://console.cloud.google.com/apis/library/networksecurity.googleapis.com) in the console.
21
+
22
+ ### Installation
23
+
24
+ Add this line to your application's Gemfile:
25
+
26
+ ```ruby
27
+ gem 'google-apis-networksecurity_v1', '~> 0.1'
28
+ ```
29
+
30
+ And then execute:
31
+
32
+ ```
33
+ $ bundle
34
+ ```
35
+
36
+ Or install it yourself as:
37
+
38
+ ```
39
+ $ gem install google-apis-networksecurity_v1
40
+ ```
41
+
42
+ ### Creating a client object
43
+
44
+ Once the gem is installed, you can load the client code and instantiate a client.
45
+
46
+ ```ruby
47
+ # Load the client
48
+ require "google/apis/networksecurity_v1"
49
+
50
+ # Create a client object
51
+ client = Google::Apis::NetworksecurityV1::NetworkSecurityService.new
52
+
53
+ # Authenticate calls
54
+ client.authentication = # ... use the googleauth gem to create credentials
55
+ ```
56
+
57
+ See the class reference docs for information on the methods you can call from a client.
58
+
59
+ ## Documentation
60
+
61
+ More detailed descriptions of the Google simple REST clients are available in two documents.
62
+
63
+ * The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/master/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
64
+ * The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/master/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
65
+
66
+ (Note: the above documents are written for the simple REST clients in general, and their examples may not reflect the Networksecurity service in particular.)
67
+
68
+ For reference information on specific calls in the Network Security API, see the {Google::Apis::NetworksecurityV1::NetworkSecurityService class reference docs}.
69
+
70
+ ## Which client should I use?
71
+
72
+ Google provides two types of Ruby API client libraries: **simple REST clients** and **modern clients**.
73
+
74
+ This library, `google-apis-networksecurity_v1`, is a simple REST client. You can identify these clients by their gem names, which are always in the form `google-apis-<servicename>_<serviceversion>`. The simple REST clients connect to HTTP/JSON REST endpoints and are automatically generated from service discovery documents. They support most API functionality, but their class interfaces are sometimes awkward.
75
+
76
+ Modern clients are produced by a modern code generator, sometimes combined with hand-crafted functionality. Most modern clients connect to high-performance gRPC endpoints, although a few are backed by REST services. Modern clients are available for many Google services, especially Google Cloud Platform services, but do not yet support all the services covered by the simple clients.
77
+
78
+ Gem names for modern clients are often of the form `google-cloud-<service_name>`. (For example, [google-cloud-pubsub](https://rubygems.org/gems/google-cloud-pubsub).) Note that most modern clients also have corresponding "versioned" gems with names like `google-cloud-<service_name>-<version>`. (For example, [google-cloud-pubsub-v1](https://rubygems.org/gems/google-cloud-pubsub-v1).) The "versioned" gems can be used directly, but often provide lower-level interfaces. In most cases, the main gem is recommended.
79
+
80
+ **For most users, we recommend the modern client, if one is available.** Compared with simple clients, modern clients are generally much easier to use and more Ruby-like, support more advanced features such as streaming and long-running operations, and often provide much better performance. You may consider using a simple client instead, if a modern client is not yet available for the service you want to use, or if you are not able to use gRPC on your infrastructure.
81
+
82
+ The [product documentation](https://cloud.google.com/networking) may provide guidance regarding the preferred client library to use.
83
+
84
+ ## Supported Ruby versions
85
+
86
+ This library is supported on Ruby 2.5+.
87
+
88
+ Google provides official support for Ruby versions that are actively supported by Ruby Core -- that is, Ruby versions that are either in normal maintenance or in security maintenance, and not end of life. Currently, this means Ruby 2.5 and later. Older versions of Ruby _may_ still work, but are unsupported and not recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby support schedule.
89
+
90
+ ## License
91
+
92
+ This library is licensed under Apache 2.0. Full license text is available in the {file:LICENSE.md LICENSE}.
93
+
94
+ ## Support
95
+
96
+ Please [report bugs at the project on Github](https://github.com/google/google-api-ruby-client/issues). Don't hesitate to [ask questions](http://stackoverflow.com/questions/tagged/google-api-ruby-client) about the client or APIs on [StackOverflow](http://stackoverflow.com).
@@ -0,0 +1,1230 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ require 'date'
16
+ require 'google/apis/core/base_service'
17
+ require 'google/apis/core/json_representation'
18
+ require 'google/apis/core/hashable'
19
+ require 'google/apis/errors'
20
+
21
+ module Google
22
+ module Apis
23
+ module NetworksecurityV1
24
+
25
+ # AuthorizationPolicy is a resource that specifies how a server should authorize
26
+ # incoming connections. This resource in itself does not change the
27
+ # configuration unless it's attached to a target https proxy or endpoint config
28
+ # selector resource.
29
+ class AuthorizationPolicy
30
+ include Google::Apis::Core::Hashable
31
+
32
+ # Required. The action to take when a rule match is found. Possible values are "
33
+ # ALLOW" or "DENY".
34
+ # Corresponds to the JSON property `action`
35
+ # @return [String]
36
+ attr_accessor :action
37
+
38
+ # Output only. The timestamp when the resource was created.
39
+ # Corresponds to the JSON property `createTime`
40
+ # @return [String]
41
+ attr_accessor :create_time
42
+
43
+ # Optional. Free-text description of the resource.
44
+ # Corresponds to the JSON property `description`
45
+ # @return [String]
46
+ attr_accessor :description
47
+
48
+ # Optional. Set of label tags associated with the AuthorizationPolicy resource.
49
+ # Corresponds to the JSON property `labels`
50
+ # @return [Hash<String,String>]
51
+ attr_accessor :labels
52
+
53
+ # Required. Name of the AuthorizationPolicy resource. It matches pattern `
54
+ # projects/`project`/locations/`location`/authorizationPolicies/`.
55
+ # Corresponds to the JSON property `name`
56
+ # @return [String]
57
+ attr_accessor :name
58
+
59
+ # Optional. List of rules to match. Note that at least one of the rules must
60
+ # match in order for the action specified in the 'action' field to be taken. A
61
+ # rule is a match if there is a matching source and destination. If left blank,
62
+ # the action specified in the `action` field will be applied on every request.
63
+ # Corresponds to the JSON property `rules`
64
+ # @return [Array<Google::Apis::NetworksecurityV1::Rule>]
65
+ attr_accessor :rules
66
+
67
+ # Output only. The timestamp when the resource was updated.
68
+ # Corresponds to the JSON property `updateTime`
69
+ # @return [String]
70
+ attr_accessor :update_time
71
+
72
+ def initialize(**args)
73
+ update!(**args)
74
+ end
75
+
76
+ # Update properties of this object
77
+ def update!(**args)
78
+ @action = args[:action] if args.key?(:action)
79
+ @create_time = args[:create_time] if args.key?(:create_time)
80
+ @description = args[:description] if args.key?(:description)
81
+ @labels = args[:labels] if args.key?(:labels)
82
+ @name = args[:name] if args.key?(:name)
83
+ @rules = args[:rules] if args.key?(:rules)
84
+ @update_time = args[:update_time] if args.key?(:update_time)
85
+ end
86
+ end
87
+
88
+ # The request message for Operations.CancelOperation.
89
+ class CancelOperationRequest
90
+ include Google::Apis::Core::Hashable
91
+
92
+ def initialize(**args)
93
+ update!(**args)
94
+ end
95
+
96
+ # Update properties of this object
97
+ def update!(**args)
98
+ end
99
+ end
100
+
101
+ # Specification of a TLS certificate provider instance. Workloads may have one
102
+ # or more CertificateProvider instances (plugins) and one of them is enabled and
103
+ # configured by specifying this message. Workloads use the values from this
104
+ # message to locate and load the CertificateProvider instance configuration.
105
+ class CertificateProviderInstance
106
+ include Google::Apis::Core::Hashable
107
+
108
+ # Required. Plugin instance name, used to locate and load CertificateProvider
109
+ # instance configuration. Set to "google_cloud_private_spiffe" to use
110
+ # Certificate Authority Service certificate provider instance.
111
+ # Corresponds to the JSON property `pluginInstance`
112
+ # @return [String]
113
+ attr_accessor :plugin_instance
114
+
115
+ def initialize(**args)
116
+ update!(**args)
117
+ end
118
+
119
+ # Update properties of this object
120
+ def update!(**args)
121
+ @plugin_instance = args[:plugin_instance] if args.key?(:plugin_instance)
122
+ end
123
+ end
124
+
125
+ # ClientTlsPolicy is a resource that specifies how a client should authenticate
126
+ # connections to backends of a service. This resource itself does not affect
127
+ # configuration unless it is attached to a backend service resource.
128
+ class ClientTlsPolicy
129
+ include Google::Apis::Core::Hashable
130
+
131
+ # Specification of certificate provider. Defines the mechanism to obtain the
132
+ # certificate and private key for peer to peer authentication.
133
+ # Corresponds to the JSON property `clientCertificate`
134
+ # @return [Google::Apis::NetworksecurityV1::GoogleCloudNetworksecurityV1CertificateProvider]
135
+ attr_accessor :client_certificate
136
+
137
+ # Output only. The timestamp when the resource was created.
138
+ # Corresponds to the JSON property `createTime`
139
+ # @return [String]
140
+ attr_accessor :create_time
141
+
142
+ # Optional. Free-text description of the resource.
143
+ # Corresponds to the JSON property `description`
144
+ # @return [String]
145
+ attr_accessor :description
146
+
147
+ # Optional. Set of label tags associated with the resource.
148
+ # Corresponds to the JSON property `labels`
149
+ # @return [Hash<String,String>]
150
+ attr_accessor :labels
151
+
152
+ # Required. Name of the ClientTlsPolicy resource. It matches the pattern `
153
+ # projects/*/locations/`location`/clientTlsPolicies/`client_tls_policy``
154
+ # Corresponds to the JSON property `name`
155
+ # @return [String]
156
+ attr_accessor :name
157
+
158
+ # Optional. Defines the mechanism to obtain the Certificate Authority
159
+ # certificate to validate the server certificate. If empty, client does not
160
+ # validate the server certificate.
161
+ # Corresponds to the JSON property `serverValidationCa`
162
+ # @return [Array<Google::Apis::NetworksecurityV1::ValidationCa>]
163
+ attr_accessor :server_validation_ca
164
+
165
+ # Optional. Server Name Indication string to present to the server during TLS
166
+ # handshake. E.g: "secure.example.com".
167
+ # Corresponds to the JSON property `sni`
168
+ # @return [String]
169
+ attr_accessor :sni
170
+
171
+ # Output only. The timestamp when the resource was updated.
172
+ # Corresponds to the JSON property `updateTime`
173
+ # @return [String]
174
+ attr_accessor :update_time
175
+
176
+ def initialize(**args)
177
+ update!(**args)
178
+ end
179
+
180
+ # Update properties of this object
181
+ def update!(**args)
182
+ @client_certificate = args[:client_certificate] if args.key?(:client_certificate)
183
+ @create_time = args[:create_time] if args.key?(:create_time)
184
+ @description = args[:description] if args.key?(:description)
185
+ @labels = args[:labels] if args.key?(:labels)
186
+ @name = args[:name] if args.key?(:name)
187
+ @server_validation_ca = args[:server_validation_ca] if args.key?(:server_validation_ca)
188
+ @sni = args[:sni] if args.key?(:sni)
189
+ @update_time = args[:update_time] if args.key?(:update_time)
190
+ end
191
+ end
192
+
193
+ # Specification of traffic destination attributes.
194
+ class Destination
195
+ include Google::Apis::Core::Hashable
196
+
197
+ # Required. List of host names to match. Matched against HOST header in http
198
+ # requests. At least one host should match. Each host can be an exact match, or
199
+ # a prefix match (example "mydomain.*") or a suffix match (example // *.myorg.
200
+ # com") or a presence(any) match "*".
201
+ # Corresponds to the JSON property `hosts`
202
+ # @return [Array<String>]
203
+ attr_accessor :hosts
204
+
205
+ # Specification of HTTP header match atrributes.
206
+ # Corresponds to the JSON property `httpHeaderMatch`
207
+ # @return [Google::Apis::NetworksecurityV1::HttpHeaderMatch]
208
+ attr_accessor :http_header_match
209
+
210
+ # Optional. A list of HTTP methods to match. At least one method should match.
211
+ # Should not be set for gRPC services.
212
+ # Corresponds to the JSON property `methods`
213
+ # @return [Array<String>]
214
+ attr_accessor :methods_prop
215
+
216
+ # Required. List of destination ports to match. At least one port should match.
217
+ # Corresponds to the JSON property `ports`
218
+ # @return [Array<Fixnum>]
219
+ attr_accessor :ports
220
+
221
+ def initialize(**args)
222
+ update!(**args)
223
+ end
224
+
225
+ # Update properties of this object
226
+ def update!(**args)
227
+ @hosts = args[:hosts] if args.key?(:hosts)
228
+ @http_header_match = args[:http_header_match] if args.key?(:http_header_match)
229
+ @methods_prop = args[:methods_prop] if args.key?(:methods_prop)
230
+ @ports = args[:ports] if args.key?(:ports)
231
+ end
232
+ end
233
+
234
+ # A generic empty message that you can re-use to avoid defining duplicated empty
235
+ # messages in your APIs. A typical example is to use it as the request or the
236
+ # response type of an API method. For instance: service Foo ` rpc Bar(google.
237
+ # protobuf.Empty) returns (google.protobuf.Empty); ` The JSON representation for
238
+ # `Empty` is empty JSON object ````.
239
+ class Empty
240
+ include Google::Apis::Core::Hashable
241
+
242
+ def initialize(**args)
243
+ update!(**args)
244
+ end
245
+
246
+ # Update properties of this object
247
+ def update!(**args)
248
+ end
249
+ end
250
+
251
+ # Represents a textual expression in the Common Expression Language (CEL) syntax.
252
+ # CEL is a C-like expression language. The syntax and semantics of CEL are
253
+ # documented at https://github.com/google/cel-spec. Example (Comparison): title:
254
+ # "Summary size limit" description: "Determines if a summary is less than 100
255
+ # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
256
+ # Requestor is owner" description: "Determines if requestor is the document
257
+ # owner" expression: "document.owner == request.auth.claims.email" Example (
258
+ # Logic): title: "Public documents" description: "Determine whether the document
259
+ # should be publicly visible" expression: "document.type != 'private' &&
260
+ # document.type != 'internal'" Example (Data Manipulation): title: "Notification
261
+ # string" description: "Create a notification string with a timestamp."
262
+ # expression: "'New message received at ' + string(document.create_time)" The
263
+ # exact variables and functions that may be referenced within an expression are
264
+ # determined by the service that evaluates it. See the service documentation for
265
+ # additional information.
266
+ class Expr
267
+ include Google::Apis::Core::Hashable
268
+
269
+ # Optional. Description of the expression. This is a longer text which describes
270
+ # the expression, e.g. when hovered over it in a UI.
271
+ # Corresponds to the JSON property `description`
272
+ # @return [String]
273
+ attr_accessor :description
274
+
275
+ # Textual representation of an expression in Common Expression Language syntax.
276
+ # Corresponds to the JSON property `expression`
277
+ # @return [String]
278
+ attr_accessor :expression
279
+
280
+ # Optional. String indicating the location of the expression for error reporting,
281
+ # e.g. a file name and a position in the file.
282
+ # Corresponds to the JSON property `location`
283
+ # @return [String]
284
+ attr_accessor :location
285
+
286
+ # Optional. Title for the expression, i.e. a short string describing its purpose.
287
+ # This can be used e.g. in UIs which allow to enter the expression.
288
+ # Corresponds to the JSON property `title`
289
+ # @return [String]
290
+ attr_accessor :title
291
+
292
+ def initialize(**args)
293
+ update!(**args)
294
+ end
295
+
296
+ # Update properties of this object
297
+ def update!(**args)
298
+ @description = args[:description] if args.key?(:description)
299
+ @expression = args[:expression] if args.key?(:expression)
300
+ @location = args[:location] if args.key?(:location)
301
+ @title = args[:title] if args.key?(:title)
302
+ end
303
+ end
304
+
305
+ # Specification of certificate provider. Defines the mechanism to obtain the
306
+ # certificate and private key for peer to peer authentication.
307
+ class GoogleCloudNetworksecurityV1CertificateProvider
308
+ include Google::Apis::Core::Hashable
309
+
310
+ # Specification of a TLS certificate provider instance. Workloads may have one
311
+ # or more CertificateProvider instances (plugins) and one of them is enabled and
312
+ # configured by specifying this message. Workloads use the values from this
313
+ # message to locate and load the CertificateProvider instance configuration.
314
+ # Corresponds to the JSON property `certificateProviderInstance`
315
+ # @return [Google::Apis::NetworksecurityV1::CertificateProviderInstance]
316
+ attr_accessor :certificate_provider_instance
317
+
318
+ # Specification of the GRPC Endpoint.
319
+ # Corresponds to the JSON property `grpcEndpoint`
320
+ # @return [Google::Apis::NetworksecurityV1::GoogleCloudNetworksecurityV1GrpcEndpoint]
321
+ attr_accessor :grpc_endpoint
322
+
323
+ def initialize(**args)
324
+ update!(**args)
325
+ end
326
+
327
+ # Update properties of this object
328
+ def update!(**args)
329
+ @certificate_provider_instance = args[:certificate_provider_instance] if args.key?(:certificate_provider_instance)
330
+ @grpc_endpoint = args[:grpc_endpoint] if args.key?(:grpc_endpoint)
331
+ end
332
+ end
333
+
334
+ # Specification of the GRPC Endpoint.
335
+ class GoogleCloudNetworksecurityV1GrpcEndpoint
336
+ include Google::Apis::Core::Hashable
337
+
338
+ # Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
339
+ # should start with “unix:”.
340
+ # Corresponds to the JSON property `targetUri`
341
+ # @return [String]
342
+ attr_accessor :target_uri
343
+
344
+ def initialize(**args)
345
+ update!(**args)
346
+ end
347
+
348
+ # Update properties of this object
349
+ def update!(**args)
350
+ @target_uri = args[:target_uri] if args.key?(:target_uri)
351
+ end
352
+ end
353
+
354
+ # Specifies the audit configuration for a service. The configuration determines
355
+ # which permission types are logged, and what identities, if any, are exempted
356
+ # from logging. An AuditConfig must have one or more AuditLogConfigs. If there
357
+ # are AuditConfigs for both `allServices` and a specific service, the union of
358
+ # the two AuditConfigs is used for that service: the log_types specified in each
359
+ # AuditConfig are enabled, and the exempted_members in each AuditLogConfig are
360
+ # exempted. Example Policy with multiple AuditConfigs: ` "audit_configs": [ ` "
361
+ # service": "allServices", "audit_log_configs": [ ` "log_type": "DATA_READ", "
362
+ # exempted_members": [ "user:jose@example.com" ] `, ` "log_type": "DATA_WRITE" `,
363
+ # ` "log_type": "ADMIN_READ" ` ] `, ` "service": "sampleservice.googleapis.com",
364
+ # "audit_log_configs": [ ` "log_type": "DATA_READ" `, ` "log_type": "DATA_WRITE"
365
+ # , "exempted_members": [ "user:aliya@example.com" ] ` ] ` ] ` For sampleservice,
366
+ # this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also
367
+ # exempts jose@example.com from DATA_READ logging, and aliya@example.com from
368
+ # DATA_WRITE logging.
369
+ class GoogleIamV1AuditConfig
370
+ include Google::Apis::Core::Hashable
371
+
372
+ # The configuration for logging of each type of permission.
373
+ # Corresponds to the JSON property `auditLogConfigs`
374
+ # @return [Array<Google::Apis::NetworksecurityV1::GoogleIamV1AuditLogConfig>]
375
+ attr_accessor :audit_log_configs
376
+
377
+ # Specifies a service that will be enabled for audit logging. For example, `
378
+ # storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special
379
+ # value that covers all services.
380
+ # Corresponds to the JSON property `service`
381
+ # @return [String]
382
+ attr_accessor :service
383
+
384
+ def initialize(**args)
385
+ update!(**args)
386
+ end
387
+
388
+ # Update properties of this object
389
+ def update!(**args)
390
+ @audit_log_configs = args[:audit_log_configs] if args.key?(:audit_log_configs)
391
+ @service = args[:service] if args.key?(:service)
392
+ end
393
+ end
394
+
395
+ # Provides the configuration for logging a type of permissions. Example: ` "
396
+ # audit_log_configs": [ ` "log_type": "DATA_READ", "exempted_members": [ "user:
397
+ # jose@example.com" ] `, ` "log_type": "DATA_WRITE" ` ] ` This enables '
398
+ # DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from
399
+ # DATA_READ logging.
400
+ class GoogleIamV1AuditLogConfig
401
+ include Google::Apis::Core::Hashable
402
+
403
+ # Specifies the identities that do not cause logging for this type of permission.
404
+ # Follows the same format of Binding.members.
405
+ # Corresponds to the JSON property `exemptedMembers`
406
+ # @return [Array<String>]
407
+ attr_accessor :exempted_members
408
+
409
+ # The log type that this config enables.
410
+ # Corresponds to the JSON property `logType`
411
+ # @return [String]
412
+ attr_accessor :log_type
413
+
414
+ def initialize(**args)
415
+ update!(**args)
416
+ end
417
+
418
+ # Update properties of this object
419
+ def update!(**args)
420
+ @exempted_members = args[:exempted_members] if args.key?(:exempted_members)
421
+ @log_type = args[:log_type] if args.key?(:log_type)
422
+ end
423
+ end
424
+
425
+ # Associates `members` with a `role`.
426
+ class GoogleIamV1Binding
427
+ include Google::Apis::Core::Hashable
428
+
429
+ # Represents a textual expression in the Common Expression Language (CEL) syntax.
430
+ # CEL is a C-like expression language. The syntax and semantics of CEL are
431
+ # documented at https://github.com/google/cel-spec. Example (Comparison): title:
432
+ # "Summary size limit" description: "Determines if a summary is less than 100
433
+ # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
434
+ # Requestor is owner" description: "Determines if requestor is the document
435
+ # owner" expression: "document.owner == request.auth.claims.email" Example (
436
+ # Logic): title: "Public documents" description: "Determine whether the document
437
+ # should be publicly visible" expression: "document.type != 'private' &&
438
+ # document.type != 'internal'" Example (Data Manipulation): title: "Notification
439
+ # string" description: "Create a notification string with a timestamp."
440
+ # expression: "'New message received at ' + string(document.create_time)" The
441
+ # exact variables and functions that may be referenced within an expression are
442
+ # determined by the service that evaluates it. See the service documentation for
443
+ # additional information.
444
+ # Corresponds to the JSON property `condition`
445
+ # @return [Google::Apis::NetworksecurityV1::Expr]
446
+ attr_accessor :condition
447
+
448
+ # Specifies the identities requesting access for a Cloud Platform resource. `
449
+ # members` can have the following values: * `allUsers`: A special identifier
450
+ # that represents anyone who is on the internet; with or without a Google
451
+ # account. * `allAuthenticatedUsers`: A special identifier that represents
452
+ # anyone who is authenticated with a Google account or a service account. * `
453
+ # user:`emailid``: An email address that represents a specific Google account.
454
+ # For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
455
+ # address that represents a service account. For example, `my-other-app@appspot.
456
+ # gserviceaccount.com`. * `group:`emailid``: An email address that represents a
457
+ # Google group. For example, `admins@example.com`. * `deleted:user:`emailid`?uid=
458
+ # `uniqueid``: An email address (plus unique identifier) representing a user
459
+ # that has been recently deleted. For example, `alice@example.com?uid=
460
+ # 123456789012345678901`. If the user is recovered, this value reverts to `user:`
461
+ # emailid`` and the recovered user retains the role in the binding. * `deleted:
462
+ # serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus unique
463
+ # identifier) representing a service account that has been recently deleted. For
464
+ # example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
465
+ # If the service account is undeleted, this value reverts to `serviceAccount:`
466
+ # emailid`` and the undeleted service account retains the role in the binding. *
467
+ # `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
468
+ # identifier) representing a Google group that has been recently deleted. For
469
+ # example, `admins@example.com?uid=123456789012345678901`. If the group is
470
+ # recovered, this value reverts to `group:`emailid`` and the recovered group
471
+ # retains the role in the binding. * `domain:`domain``: The G Suite domain (
472
+ # primary) that represents all the users of that domain. For example, `google.
473
+ # com` or `example.com`.
474
+ # Corresponds to the JSON property `members`
475
+ # @return [Array<String>]
476
+ attr_accessor :members
477
+
478
+ # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
479
+ # , or `roles/owner`.
480
+ # Corresponds to the JSON property `role`
481
+ # @return [String]
482
+ attr_accessor :role
483
+
484
+ def initialize(**args)
485
+ update!(**args)
486
+ end
487
+
488
+ # Update properties of this object
489
+ def update!(**args)
490
+ @condition = args[:condition] if args.key?(:condition)
491
+ @members = args[:members] if args.key?(:members)
492
+ @role = args[:role] if args.key?(:role)
493
+ end
494
+ end
495
+
496
+ # An Identity and Access Management (IAM) policy, which specifies access
497
+ # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
498
+ # A `binding` binds one or more `members` to a single `role`. Members can be
499
+ # user accounts, service accounts, Google groups, and domains (such as G Suite).
500
+ # A `role` is a named list of permissions; each `role` can be an IAM predefined
501
+ # role or a user-created custom role. For some types of Google Cloud resources,
502
+ # a `binding` can also specify a `condition`, which is a logical expression that
503
+ # allows access to a resource only if the expression evaluates to `true`. A
504
+ # condition can add constraints based on attributes of the request, the resource,
505
+ # or both. To learn which resources support conditions in their IAM policies,
506
+ # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
507
+ # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
508
+ # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
509
+ # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
510
+ # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
511
+ # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
512
+ # title": "expirable access", "description": "Does not grant access after Sep
513
+ # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
514
+ # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
515
+ # members: - user:mike@example.com - group:admins@example.com - domain:google.
516
+ # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
517
+ # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
518
+ # roles/resourcemanager.organizationViewer condition: title: expirable access
519
+ # description: Does not grant access after Sep 2020 expression: request.time <
520
+ # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
521
+ # description of IAM and its features, see the [IAM documentation](https://cloud.
522
+ # google.com/iam/docs/).
523
+ class GoogleIamV1Policy
524
+ include Google::Apis::Core::Hashable
525
+
526
+ # Specifies cloud audit logging configuration for this policy.
527
+ # Corresponds to the JSON property `auditConfigs`
528
+ # @return [Array<Google::Apis::NetworksecurityV1::GoogleIamV1AuditConfig>]
529
+ attr_accessor :audit_configs
530
+
531
+ # Associates a list of `members` to a `role`. Optionally, may specify a `
532
+ # condition` that determines how and when the `bindings` are applied. Each of
533
+ # the `bindings` must contain at least one member.
534
+ # Corresponds to the JSON property `bindings`
535
+ # @return [Array<Google::Apis::NetworksecurityV1::GoogleIamV1Binding>]
536
+ attr_accessor :bindings
537
+
538
+ # `etag` is used for optimistic concurrency control as a way to help prevent
539
+ # simultaneous updates of a policy from overwriting each other. It is strongly
540
+ # suggested that systems make use of the `etag` in the read-modify-write cycle
541
+ # to perform policy updates in order to avoid race conditions: An `etag` is
542
+ # returned in the response to `getIamPolicy`, and systems are expected to put
543
+ # that etag in the request to `setIamPolicy` to ensure that their change will be
544
+ # applied to the same version of the policy. **Important:** If you use IAM
545
+ # Conditions, you must include the `etag` field whenever you call `setIamPolicy`.
546
+ # If you omit this field, then IAM allows you to overwrite a version `3` policy
547
+ # with a version `1` policy, and all of the conditions in the version `3` policy
548
+ # are lost.
549
+ # Corresponds to the JSON property `etag`
550
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
551
+ # @return [String]
552
+ attr_accessor :etag
553
+
554
+ # Specifies the format of the policy. Valid values are `0`, `1`, and `3`.
555
+ # Requests that specify an invalid value are rejected. Any operation that
556
+ # affects conditional role bindings must specify version `3`. This requirement
557
+ # applies to the following operations: * Getting a policy that includes a
558
+ # conditional role binding * Adding a conditional role binding to a policy *
559
+ # Changing a conditional role binding in a policy * Removing any role binding,
560
+ # with or without a condition, from a policy that includes conditions **
561
+ # Important:** If you use IAM Conditions, you must include the `etag` field
562
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows you
563
+ # to overwrite a version `3` policy with a version `1` policy, and all of the
564
+ # conditions in the version `3` policy are lost. If a policy does not include
565
+ # any conditions, operations on that policy may specify any valid version or
566
+ # leave the field unset. To learn which resources support conditions in their
567
+ # IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/
568
+ # conditions/resource-policies).
569
+ # Corresponds to the JSON property `version`
570
+ # @return [Fixnum]
571
+ attr_accessor :version
572
+
573
+ def initialize(**args)
574
+ update!(**args)
575
+ end
576
+
577
+ # Update properties of this object
578
+ def update!(**args)
579
+ @audit_configs = args[:audit_configs] if args.key?(:audit_configs)
580
+ @bindings = args[:bindings] if args.key?(:bindings)
581
+ @etag = args[:etag] if args.key?(:etag)
582
+ @version = args[:version] if args.key?(:version)
583
+ end
584
+ end
585
+
586
+ # Request message for `SetIamPolicy` method.
587
+ class GoogleIamV1SetIamPolicyRequest
588
+ include Google::Apis::Core::Hashable
589
+
590
+ # An Identity and Access Management (IAM) policy, which specifies access
591
+ # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
592
+ # A `binding` binds one or more `members` to a single `role`. Members can be
593
+ # user accounts, service accounts, Google groups, and domains (such as G Suite).
594
+ # A `role` is a named list of permissions; each `role` can be an IAM predefined
595
+ # role or a user-created custom role. For some types of Google Cloud resources,
596
+ # a `binding` can also specify a `condition`, which is a logical expression that
597
+ # allows access to a resource only if the expression evaluates to `true`. A
598
+ # condition can add constraints based on attributes of the request, the resource,
599
+ # or both. To learn which resources support conditions in their IAM policies,
600
+ # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
601
+ # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
602
+ # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
603
+ # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
604
+ # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
605
+ # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
606
+ # title": "expirable access", "description": "Does not grant access after Sep
607
+ # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
608
+ # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
609
+ # members: - user:mike@example.com - group:admins@example.com - domain:google.
610
+ # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
611
+ # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
612
+ # roles/resourcemanager.organizationViewer condition: title: expirable access
613
+ # description: Does not grant access after Sep 2020 expression: request.time <
614
+ # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
615
+ # description of IAM and its features, see the [IAM documentation](https://cloud.
616
+ # google.com/iam/docs/).
617
+ # Corresponds to the JSON property `policy`
618
+ # @return [Google::Apis::NetworksecurityV1::GoogleIamV1Policy]
619
+ attr_accessor :policy
620
+
621
+ # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
622
+ # the fields in the mask will be modified. If no mask is provided, the following
623
+ # default mask is used: `paths: "bindings, etag"`
624
+ # Corresponds to the JSON property `updateMask`
625
+ # @return [String]
626
+ attr_accessor :update_mask
627
+
628
+ def initialize(**args)
629
+ update!(**args)
630
+ end
631
+
632
+ # Update properties of this object
633
+ def update!(**args)
634
+ @policy = args[:policy] if args.key?(:policy)
635
+ @update_mask = args[:update_mask] if args.key?(:update_mask)
636
+ end
637
+ end
638
+
639
+ # Request message for `TestIamPermissions` method.
640
+ class GoogleIamV1TestIamPermissionsRequest
641
+ include Google::Apis::Core::Hashable
642
+
643
+ # The set of permissions to check for the `resource`. Permissions with wildcards
644
+ # (such as '*' or 'storage.*') are not allowed. For more information see [IAM
645
+ # Overview](https://cloud.google.com/iam/docs/overview#permissions).
646
+ # Corresponds to the JSON property `permissions`
647
+ # @return [Array<String>]
648
+ attr_accessor :permissions
649
+
650
+ def initialize(**args)
651
+ update!(**args)
652
+ end
653
+
654
+ # Update properties of this object
655
+ def update!(**args)
656
+ @permissions = args[:permissions] if args.key?(:permissions)
657
+ end
658
+ end
659
+
660
+ # Response message for `TestIamPermissions` method.
661
+ class GoogleIamV1TestIamPermissionsResponse
662
+ include Google::Apis::Core::Hashable
663
+
664
+ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
665
+ # Corresponds to the JSON property `permissions`
666
+ # @return [Array<String>]
667
+ attr_accessor :permissions
668
+
669
+ def initialize(**args)
670
+ update!(**args)
671
+ end
672
+
673
+ # Update properties of this object
674
+ def update!(**args)
675
+ @permissions = args[:permissions] if args.key?(:permissions)
676
+ end
677
+ end
678
+
679
+ # Specification of HTTP header match atrributes.
680
+ class HttpHeaderMatch
681
+ include Google::Apis::Core::Hashable
682
+
683
+ # Required. The name of the HTTP header to match. For matching against the HTTP
684
+ # request's authority, use a headerMatch with the header name ":authority". For
685
+ # matching a request's method, use the headerName ":method".
686
+ # Corresponds to the JSON property `headerName`
687
+ # @return [String]
688
+ attr_accessor :header_name
689
+
690
+ # Required. The value of the header must match the regular expression specified
691
+ # in regexMatch. For regular expression grammar, please see: en.cppreference.com/
692
+ # w/cpp/regex/ecmascript For matching against a port specified in the HTTP
693
+ # request, use a headerMatch with headerName set to Host and a regular
694
+ # expression that satisfies the RFC2616 Host header's port specifier.
695
+ # Corresponds to the JSON property `regexMatch`
696
+ # @return [String]
697
+ attr_accessor :regex_match
698
+
699
+ def initialize(**args)
700
+ update!(**args)
701
+ end
702
+
703
+ # Update properties of this object
704
+ def update!(**args)
705
+ @header_name = args[:header_name] if args.key?(:header_name)
706
+ @regex_match = args[:regex_match] if args.key?(:regex_match)
707
+ end
708
+ end
709
+
710
+ # Response returned by the ListAuthorizationPolicies method.
711
+ class ListAuthorizationPoliciesResponse
712
+ include Google::Apis::Core::Hashable
713
+
714
+ # List of AuthorizationPolicies resources.
715
+ # Corresponds to the JSON property `authorizationPolicies`
716
+ # @return [Array<Google::Apis::NetworksecurityV1::AuthorizationPolicy>]
717
+ attr_accessor :authorization_policies
718
+
719
+ # If there might be more results than those appearing in this response, then `
720
+ # next_page_token` is included. To get the next set of results, call this method
721
+ # again using the value of `next_page_token` as `page_token`.
722
+ # Corresponds to the JSON property `nextPageToken`
723
+ # @return [String]
724
+ attr_accessor :next_page_token
725
+
726
+ def initialize(**args)
727
+ update!(**args)
728
+ end
729
+
730
+ # Update properties of this object
731
+ def update!(**args)
732
+ @authorization_policies = args[:authorization_policies] if args.key?(:authorization_policies)
733
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
734
+ end
735
+ end
736
+
737
+ # Response returned by the ListClientTlsPolicies method.
738
+ class ListClientTlsPoliciesResponse
739
+ include Google::Apis::Core::Hashable
740
+
741
+ # List of ClientTlsPolicy resources.
742
+ # Corresponds to the JSON property `clientTlsPolicies`
743
+ # @return [Array<Google::Apis::NetworksecurityV1::ClientTlsPolicy>]
744
+ attr_accessor :client_tls_policies
745
+
746
+ # If there might be more results than those appearing in this response, then `
747
+ # next_page_token` is included. To get the next set of results, call this method
748
+ # again using the value of `next_page_token` as `page_token`.
749
+ # Corresponds to the JSON property `nextPageToken`
750
+ # @return [String]
751
+ attr_accessor :next_page_token
752
+
753
+ def initialize(**args)
754
+ update!(**args)
755
+ end
756
+
757
+ # Update properties of this object
758
+ def update!(**args)
759
+ @client_tls_policies = args[:client_tls_policies] if args.key?(:client_tls_policies)
760
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
761
+ end
762
+ end
763
+
764
+ # The response message for Locations.ListLocations.
765
+ class ListLocationsResponse
766
+ include Google::Apis::Core::Hashable
767
+
768
+ # A list of locations that matches the specified filter in the request.
769
+ # Corresponds to the JSON property `locations`
770
+ # @return [Array<Google::Apis::NetworksecurityV1::Location>]
771
+ attr_accessor :locations
772
+
773
+ # The standard List next-page token.
774
+ # Corresponds to the JSON property `nextPageToken`
775
+ # @return [String]
776
+ attr_accessor :next_page_token
777
+
778
+ def initialize(**args)
779
+ update!(**args)
780
+ end
781
+
782
+ # Update properties of this object
783
+ def update!(**args)
784
+ @locations = args[:locations] if args.key?(:locations)
785
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
786
+ end
787
+ end
788
+
789
+ # The response message for Operations.ListOperations.
790
+ class ListOperationsResponse
791
+ include Google::Apis::Core::Hashable
792
+
793
+ # The standard List next-page token.
794
+ # Corresponds to the JSON property `nextPageToken`
795
+ # @return [String]
796
+ attr_accessor :next_page_token
797
+
798
+ # A list of operations that matches the specified filter in the request.
799
+ # Corresponds to the JSON property `operations`
800
+ # @return [Array<Google::Apis::NetworksecurityV1::Operation>]
801
+ attr_accessor :operations
802
+
803
+ def initialize(**args)
804
+ update!(**args)
805
+ end
806
+
807
+ # Update properties of this object
808
+ def update!(**args)
809
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
810
+ @operations = args[:operations] if args.key?(:operations)
811
+ end
812
+ end
813
+
814
+ # Response returned by the ListServerTlsPolicies method.
815
+ class ListServerTlsPoliciesResponse
816
+ include Google::Apis::Core::Hashable
817
+
818
+ # If there might be more results than those appearing in this response, then `
819
+ # next_page_token` is included. To get the next set of results, call this method
820
+ # again using the value of `next_page_token` as `page_token`.
821
+ # Corresponds to the JSON property `nextPageToken`
822
+ # @return [String]
823
+ attr_accessor :next_page_token
824
+
825
+ # List of ServerTlsPolicy resources.
826
+ # Corresponds to the JSON property `serverTlsPolicies`
827
+ # @return [Array<Google::Apis::NetworksecurityV1::ServerTlsPolicy>]
828
+ attr_accessor :server_tls_policies
829
+
830
+ def initialize(**args)
831
+ update!(**args)
832
+ end
833
+
834
+ # Update properties of this object
835
+ def update!(**args)
836
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
837
+ @server_tls_policies = args[:server_tls_policies] if args.key?(:server_tls_policies)
838
+ end
839
+ end
840
+
841
+ # A resource that represents Google Cloud Platform location.
842
+ class Location
843
+ include Google::Apis::Core::Hashable
844
+
845
+ # The friendly name for this location, typically a nearby city name. For example,
846
+ # "Tokyo".
847
+ # Corresponds to the JSON property `displayName`
848
+ # @return [String]
849
+ attr_accessor :display_name
850
+
851
+ # Cross-service attributes for the location. For example `"cloud.googleapis.com/
852
+ # region": "us-east1"`
853
+ # Corresponds to the JSON property `labels`
854
+ # @return [Hash<String,String>]
855
+ attr_accessor :labels
856
+
857
+ # The canonical id for this location. For example: `"us-east1"`.
858
+ # Corresponds to the JSON property `locationId`
859
+ # @return [String]
860
+ attr_accessor :location_id
861
+
862
+ # Service-specific metadata. For example the available capacity at the given
863
+ # location.
864
+ # Corresponds to the JSON property `metadata`
865
+ # @return [Hash<String,Object>]
866
+ attr_accessor :metadata
867
+
868
+ # Resource name for the location, which may vary between implementations. For
869
+ # example: `"projects/example-project/locations/us-east1"`
870
+ # Corresponds to the JSON property `name`
871
+ # @return [String]
872
+ attr_accessor :name
873
+
874
+ def initialize(**args)
875
+ update!(**args)
876
+ end
877
+
878
+ # Update properties of this object
879
+ def update!(**args)
880
+ @display_name = args[:display_name] if args.key?(:display_name)
881
+ @labels = args[:labels] if args.key?(:labels)
882
+ @location_id = args[:location_id] if args.key?(:location_id)
883
+ @metadata = args[:metadata] if args.key?(:metadata)
884
+ @name = args[:name] if args.key?(:name)
885
+ end
886
+ end
887
+
888
+ # Specification of the MTLSPolicy.
889
+ class MtlsPolicy
890
+ include Google::Apis::Core::Hashable
891
+
892
+ # Defines the mechanism to obtain the Certificate Authority certificate to
893
+ # validate the client certificate.
894
+ # Corresponds to the JSON property `clientValidationCa`
895
+ # @return [Array<Google::Apis::NetworksecurityV1::ValidationCa>]
896
+ attr_accessor :client_validation_ca
897
+
898
+ def initialize(**args)
899
+ update!(**args)
900
+ end
901
+
902
+ # Update properties of this object
903
+ def update!(**args)
904
+ @client_validation_ca = args[:client_validation_ca] if args.key?(:client_validation_ca)
905
+ end
906
+ end
907
+
908
+ # This resource represents a long-running operation that is the result of a
909
+ # network API call.
910
+ class Operation
911
+ include Google::Apis::Core::Hashable
912
+
913
+ # If the value is `false`, it means the operation is still in progress. If `true`
914
+ # , the operation is completed, and either `error` or `response` is available.
915
+ # Corresponds to the JSON property `done`
916
+ # @return [Boolean]
917
+ attr_accessor :done
918
+ alias_method :done?, :done
919
+
920
+ # The `Status` type defines a logical error model that is suitable for different
921
+ # programming environments, including REST APIs and RPC APIs. It is used by [
922
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
923
+ # data: error code, error message, and error details. You can find out more
924
+ # about this error model and how to work with it in the [API Design Guide](https:
925
+ # //cloud.google.com/apis/design/errors).
926
+ # Corresponds to the JSON property `error`
927
+ # @return [Google::Apis::NetworksecurityV1::Status]
928
+ attr_accessor :error
929
+
930
+ # Service-specific metadata associated with the operation. It typically contains
931
+ # progress information and common metadata such as create time. Some services
932
+ # might not provide such metadata. Any method that returns a long-running
933
+ # operation should document the metadata type, if any.
934
+ # Corresponds to the JSON property `metadata`
935
+ # @return [Hash<String,Object>]
936
+ attr_accessor :metadata
937
+
938
+ # The server-assigned name, which is only unique within the same service that
939
+ # originally returns it. If you use the default HTTP mapping, the `name` should
940
+ # be a resource name ending with `operations/`unique_id``.
941
+ # Corresponds to the JSON property `name`
942
+ # @return [String]
943
+ attr_accessor :name
944
+
945
+ # The normal response of the operation in case of success. If the original
946
+ # method returns no data on success, such as `Delete`, the response is `google.
947
+ # protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`,
948
+ # the response should be the resource. For other methods, the response should
949
+ # have the type `XxxResponse`, where `Xxx` is the original method name. For
950
+ # example, if the original method name is `TakeSnapshot()`, the inferred
951
+ # response type is `TakeSnapshotResponse`.
952
+ # Corresponds to the JSON property `response`
953
+ # @return [Hash<String,Object>]
954
+ attr_accessor :response
955
+
956
+ def initialize(**args)
957
+ update!(**args)
958
+ end
959
+
960
+ # Update properties of this object
961
+ def update!(**args)
962
+ @done = args[:done] if args.key?(:done)
963
+ @error = args[:error] if args.key?(:error)
964
+ @metadata = args[:metadata] if args.key?(:metadata)
965
+ @name = args[:name] if args.key?(:name)
966
+ @response = args[:response] if args.key?(:response)
967
+ end
968
+ end
969
+
970
+ # Represents the metadata of the long-running operation.
971
+ class OperationMetadata
972
+ include Google::Apis::Core::Hashable
973
+
974
+ # Output only. API version used to start the operation.
975
+ # Corresponds to the JSON property `apiVersion`
976
+ # @return [String]
977
+ attr_accessor :api_version
978
+
979
+ # Output only. The time the operation was created.
980
+ # Corresponds to the JSON property `createTime`
981
+ # @return [String]
982
+ attr_accessor :create_time
983
+
984
+ # Output only. The time the operation finished running.
985
+ # Corresponds to the JSON property `endTime`
986
+ # @return [String]
987
+ attr_accessor :end_time
988
+
989
+ # Output only. Identifies whether the user has requested cancellation of the
990
+ # operation. Operations that have successfully been cancelled have Operation.
991
+ # error value with a google.rpc.Status.code of 1, corresponding to `Code.
992
+ # CANCELLED`.
993
+ # Corresponds to the JSON property `requestedCancellation`
994
+ # @return [Boolean]
995
+ attr_accessor :requested_cancellation
996
+ alias_method :requested_cancellation?, :requested_cancellation
997
+
998
+ # Output only. Human-readable status of the operation, if any.
999
+ # Corresponds to the JSON property `statusMessage`
1000
+ # @return [String]
1001
+ attr_accessor :status_message
1002
+
1003
+ # Output only. Server-defined resource path for the target of the operation.
1004
+ # Corresponds to the JSON property `target`
1005
+ # @return [String]
1006
+ attr_accessor :target
1007
+
1008
+ # Output only. Name of the verb executed by the operation.
1009
+ # Corresponds to the JSON property `verb`
1010
+ # @return [String]
1011
+ attr_accessor :verb
1012
+
1013
+ def initialize(**args)
1014
+ update!(**args)
1015
+ end
1016
+
1017
+ # Update properties of this object
1018
+ def update!(**args)
1019
+ @api_version = args[:api_version] if args.key?(:api_version)
1020
+ @create_time = args[:create_time] if args.key?(:create_time)
1021
+ @end_time = args[:end_time] if args.key?(:end_time)
1022
+ @requested_cancellation = args[:requested_cancellation] if args.key?(:requested_cancellation)
1023
+ @status_message = args[:status_message] if args.key?(:status_message)
1024
+ @target = args[:target] if args.key?(:target)
1025
+ @verb = args[:verb] if args.key?(:verb)
1026
+ end
1027
+ end
1028
+
1029
+ # Specification of rules.
1030
+ class Rule
1031
+ include Google::Apis::Core::Hashable
1032
+
1033
+ # Optional. List of attributes for the traffic destination. All of the
1034
+ # destinations must match. A destination is a match if a request matches all the
1035
+ # specified hosts, ports, methods and headers. If not set, the action specified
1036
+ # in the 'action' field will be applied without any rule checks for the
1037
+ # destination.
1038
+ # Corresponds to the JSON property `destinations`
1039
+ # @return [Array<Google::Apis::NetworksecurityV1::Destination>]
1040
+ attr_accessor :destinations
1041
+
1042
+ # Optional. List of attributes for the traffic source. All of the sources must
1043
+ # match. A source is a match if both principals and ip_blocks match. If not set,
1044
+ # the action specified in the 'action' field will be applied without any rule
1045
+ # checks for the source.
1046
+ # Corresponds to the JSON property `sources`
1047
+ # @return [Array<Google::Apis::NetworksecurityV1::Source>]
1048
+ attr_accessor :sources
1049
+
1050
+ def initialize(**args)
1051
+ update!(**args)
1052
+ end
1053
+
1054
+ # Update properties of this object
1055
+ def update!(**args)
1056
+ @destinations = args[:destinations] if args.key?(:destinations)
1057
+ @sources = args[:sources] if args.key?(:sources)
1058
+ end
1059
+ end
1060
+
1061
+ # ServerTlsPolicy is a resource that specifies how a server should authenticate
1062
+ # incoming requests. This resource itself does not affect configuration unless
1063
+ # it is attached to a target https proxy or endpoint config selector resource.
1064
+ class ServerTlsPolicy
1065
+ include Google::Apis::Core::Hashable
1066
+
1067
+ # Determines if server allows plaintext connections. If set to true, server
1068
+ # allows plain text connections. By default, it is set to false. This setting is
1069
+ # not exclusive of other encryption modes. For example, if `allow_open` and `
1070
+ # mtls_policy` are set, server allows both plain text and mTLS connections. See
1071
+ # documentation of other encryption modes to confirm compatibility.
1072
+ # Corresponds to the JSON property `allowOpen`
1073
+ # @return [Boolean]
1074
+ attr_accessor :allow_open
1075
+ alias_method :allow_open?, :allow_open
1076
+
1077
+ # Output only. The timestamp when the resource was created.
1078
+ # Corresponds to the JSON property `createTime`
1079
+ # @return [String]
1080
+ attr_accessor :create_time
1081
+
1082
+ # Free-text description of the resource.
1083
+ # Corresponds to the JSON property `description`
1084
+ # @return [String]
1085
+ attr_accessor :description
1086
+
1087
+ # Set of label tags associated with the resource.
1088
+ # Corresponds to the JSON property `labels`
1089
+ # @return [Hash<String,String>]
1090
+ attr_accessor :labels
1091
+
1092
+ # Specification of the MTLSPolicy.
1093
+ # Corresponds to the JSON property `mtlsPolicy`
1094
+ # @return [Google::Apis::NetworksecurityV1::MtlsPolicy]
1095
+ attr_accessor :mtls_policy
1096
+
1097
+ # Required. Name of the ServerTlsPolicy resource. It matches the pattern `
1098
+ # projects/*/locations/`location`/serverTlsPolicies/`server_tls_policy``
1099
+ # Corresponds to the JSON property `name`
1100
+ # @return [String]
1101
+ attr_accessor :name
1102
+
1103
+ # Specification of certificate provider. Defines the mechanism to obtain the
1104
+ # certificate and private key for peer to peer authentication.
1105
+ # Corresponds to the JSON property `serverCertificate`
1106
+ # @return [Google::Apis::NetworksecurityV1::GoogleCloudNetworksecurityV1CertificateProvider]
1107
+ attr_accessor :server_certificate
1108
+
1109
+ # Output only. The timestamp when the resource was updated.
1110
+ # Corresponds to the JSON property `updateTime`
1111
+ # @return [String]
1112
+ attr_accessor :update_time
1113
+
1114
+ def initialize(**args)
1115
+ update!(**args)
1116
+ end
1117
+
1118
+ # Update properties of this object
1119
+ def update!(**args)
1120
+ @allow_open = args[:allow_open] if args.key?(:allow_open)
1121
+ @create_time = args[:create_time] if args.key?(:create_time)
1122
+ @description = args[:description] if args.key?(:description)
1123
+ @labels = args[:labels] if args.key?(:labels)
1124
+ @mtls_policy = args[:mtls_policy] if args.key?(:mtls_policy)
1125
+ @name = args[:name] if args.key?(:name)
1126
+ @server_certificate = args[:server_certificate] if args.key?(:server_certificate)
1127
+ @update_time = args[:update_time] if args.key?(:update_time)
1128
+ end
1129
+ end
1130
+
1131
+ # Specification of traffic source attributes.
1132
+ class Source
1133
+ include Google::Apis::Core::Hashable
1134
+
1135
+ # Optional. List of CIDR ranges to match based on source IP address. At least
1136
+ # one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.
1137
+ # 0/24") are supported.
1138
+ # Corresponds to the JSON property `ipBlocks`
1139
+ # @return [Array<String>]
1140
+ attr_accessor :ip_blocks
1141
+
1142
+ # Optional. List of peer identities to match for authorization. At least one
1143
+ # principal should match. Each peer can be an exact match, or a prefix match (
1144
+ # example, "namespace/*") or a suffix match (example, // */service-account") or
1145
+ # a presence match "*".
1146
+ # Corresponds to the JSON property `principals`
1147
+ # @return [Array<String>]
1148
+ attr_accessor :principals
1149
+
1150
+ def initialize(**args)
1151
+ update!(**args)
1152
+ end
1153
+
1154
+ # Update properties of this object
1155
+ def update!(**args)
1156
+ @ip_blocks = args[:ip_blocks] if args.key?(:ip_blocks)
1157
+ @principals = args[:principals] if args.key?(:principals)
1158
+ end
1159
+ end
1160
+
1161
+ # The `Status` type defines a logical error model that is suitable for different
1162
+ # programming environments, including REST APIs and RPC APIs. It is used by [
1163
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
1164
+ # data: error code, error message, and error details. You can find out more
1165
+ # about this error model and how to work with it in the [API Design Guide](https:
1166
+ # //cloud.google.com/apis/design/errors).
1167
+ class Status
1168
+ include Google::Apis::Core::Hashable
1169
+
1170
+ # The status code, which should be an enum value of google.rpc.Code.
1171
+ # Corresponds to the JSON property `code`
1172
+ # @return [Fixnum]
1173
+ attr_accessor :code
1174
+
1175
+ # A list of messages that carry the error details. There is a common set of
1176
+ # message types for APIs to use.
1177
+ # Corresponds to the JSON property `details`
1178
+ # @return [Array<Hash<String,Object>>]
1179
+ attr_accessor :details
1180
+
1181
+ # A developer-facing error message, which should be in English. Any user-facing
1182
+ # error message should be localized and sent in the google.rpc.Status.details
1183
+ # field, or localized by the client.
1184
+ # Corresponds to the JSON property `message`
1185
+ # @return [String]
1186
+ attr_accessor :message
1187
+
1188
+ def initialize(**args)
1189
+ update!(**args)
1190
+ end
1191
+
1192
+ # Update properties of this object
1193
+ def update!(**args)
1194
+ @code = args[:code] if args.key?(:code)
1195
+ @details = args[:details] if args.key?(:details)
1196
+ @message = args[:message] if args.key?(:message)
1197
+ end
1198
+ end
1199
+
1200
+ # Specification of ValidationCA. Defines the mechanism to obtain the Certificate
1201
+ # Authority certificate to validate the peer certificate.
1202
+ class ValidationCa
1203
+ include Google::Apis::Core::Hashable
1204
+
1205
+ # Specification of a TLS certificate provider instance. Workloads may have one
1206
+ # or more CertificateProvider instances (plugins) and one of them is enabled and
1207
+ # configured by specifying this message. Workloads use the values from this
1208
+ # message to locate and load the CertificateProvider instance configuration.
1209
+ # Corresponds to the JSON property `certificateProviderInstance`
1210
+ # @return [Google::Apis::NetworksecurityV1::CertificateProviderInstance]
1211
+ attr_accessor :certificate_provider_instance
1212
+
1213
+ # Specification of the GRPC Endpoint.
1214
+ # Corresponds to the JSON property `grpcEndpoint`
1215
+ # @return [Google::Apis::NetworksecurityV1::GoogleCloudNetworksecurityV1GrpcEndpoint]
1216
+ attr_accessor :grpc_endpoint
1217
+
1218
+ def initialize(**args)
1219
+ update!(**args)
1220
+ end
1221
+
1222
+ # Update properties of this object
1223
+ def update!(**args)
1224
+ @certificate_provider_instance = args[:certificate_provider_instance] if args.key?(:certificate_provider_instance)
1225
+ @grpc_endpoint = args[:grpc_endpoint] if args.key?(:grpc_endpoint)
1226
+ end
1227
+ end
1228
+ end
1229
+ end
1230
+ end