google-apis-networksecurity_v1 0.16.0 → 0.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f4a11b9ec5e60be6a04e6732843a1c3e58ec98fb2c04a3c37354091d38e9b229
-  data.tar.gz: a134b4ea3b4dab0ec825f6fff59f7231d91ed5c2fd292428894155b2dea86bec
+  metadata.gz: 2069795cc6f82c6b7a8a3b16c6a9a4ff991316c409aeadbc05fd988732a7859b
+  data.tar.gz: f9ef220a79aa9bd8039015bab773eddb0c16b7c9ab603f73a8943de4ce7ae072
 SHA512:
-  metadata.gz: a1baac0fa17f09f83b8c22b1931f30456f86ba7a89ef64c60dbfb7c85d00d30b19c0d17d7ae2f3214691c95a5a77d07d331025d937ebf011dec56df3aa0083b9
-  data.tar.gz: eed0af13f08ddf6b36d59c91eeab43120b2557124efa682fb193712335270b10deffe5e1bd5061d530edb2d260fe4c04129776e853d3f9981637ddd226dee00e
+  metadata.gz: 1732d5f66a632054c8c0f89a43f28425b73851c265a9f212ac59aec5edbaa4d9e26754fa7cce635057f8846c24972f9ec4778b1ca9db0857bf681ff8989fb473
+  data.tar.gz: 64e6c82346fc9bfa1f4c4b3f52d903d624eaa5a8c743d2ced1302855b92ec0f856af9bbd6d7b96063a0ddb7e07c6ff02ed31846bc0ff5fa7ca17add6382de6d7

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-networksecurity_v1
 
+### v0.18.0 (2023-04-23)
+
+* Regenerated from discovery document revision 20230415
+
+### v0.17.0 (2023-04-16)
+
+* Regenerated from discovery document revision 20230406
+
 ### v0.16.0 (2023-03-26)
 
 * Regenerated from discovery document revision 20230306

data/lib/google/apis/networksecurity_v1/classes.rb

@@ -301,6 +301,135 @@ module Google
         end
       end
       
+      # The GatewaySecurityPolicy resource contains a collection of
+      # GatewaySecurityPolicyRules and associated metadata.
+      class GatewaySecurityPolicy
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The timestamp when the resource was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Free-text description of the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Required. Name of the resource. Name is of the form projects/`project`/
+        # locations/`location`/gatewaySecurityPolicies/`gateway_security_policy`
+        # gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-
+        # 9])?$).
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Optional. Name of a TLS Inspection Policy resource that defines how TLS
+        # inspection will be performed for any rule(s) which enables it.
+        # Corresponds to the JSON property `tlsInspectionPolicy`
+        # @return [String]
+        attr_accessor :tls_inspection_policy
+      
+        # Output only. The timestamp when the resource was updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @name = args[:name] if args.key?(:name)
+          @tls_inspection_policy = args[:tls_inspection_policy] if args.key?(:tls_inspection_policy)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # The GatewaySecurityPolicyRule resource is in a nested collection within a
+      # GatewaySecurityPolicy and represents a traffic matching condition and
+      # associated action to perform.
+      class GatewaySecurityPolicyRule
+        include Google::Apis::Core::Hashable
+      
+        # Optional. CEL expression for matching on L7/application level criteria.
+        # Corresponds to the JSON property `applicationMatcher`
+        # @return [String]
+        attr_accessor :application_matcher
+      
+        # Required. Profile which tells what the primitive action should be.
+        # Corresponds to the JSON property `basicProfile`
+        # @return [String]
+        attr_accessor :basic_profile
+      
+        # Output only. Time when the rule was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Free-text description of the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Required. Whether the rule is enforced.
+        # Corresponds to the JSON property `enabled`
+        # @return [Boolean]
+        attr_accessor :enabled
+        alias_method :enabled?, :enabled
+      
+        # Required. Immutable. Name of the resource. ame is the full resource name so
+        # projects/`project`/locations/`location`/gatewaySecurityPolicies/`
+        # gateway_security_policy`/rules/`rule` rule should match the pattern: (^[a-z]([
+        # a-z0-9-]`0,61`[a-z0-9])?$).
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Required. Priority of the rule. Lower number corresponds to higher precedence.
+        # Corresponds to the JSON property `priority`
+        # @return [Fixnum]
+        attr_accessor :priority
+      
+        # Required. CEL expression for matching on session criteria.
+        # Corresponds to the JSON property `sessionMatcher`
+        # @return [String]
+        attr_accessor :session_matcher
+      
+        # Optional. Flag to enable TLS inspection of traffic matching on , can only be
+        # true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
+        # Corresponds to the JSON property `tlsInspectionEnabled`
+        # @return [Boolean]
+        attr_accessor :tls_inspection_enabled
+        alias_method :tls_inspection_enabled?, :tls_inspection_enabled
+      
+        # Output only. Time when the rule was updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @application_matcher = args[:application_matcher] if args.key?(:application_matcher)
+          @basic_profile = args[:basic_profile] if args.key?(:basic_profile)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @enabled = args[:enabled] if args.key?(:enabled)
+          @name = args[:name] if args.key?(:name)
+          @priority = args[:priority] if args.key?(:priority)
+          @session_matcher = args[:session_matcher] if args.key?(:session_matcher)
+          @tls_inspection_enabled = args[:tls_inspection_enabled] if args.key?(:tls_inspection_enabled)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
       # Specification of certificate provider. Defines the mechanism to obtain the
       # certificate and private key for peer to peer authentication.
       class GoogleCloudNetworksecurityV1CertificateProvider
@@ -770,6 +899,72 @@ module Google
         end
       end
       
+      # Response returned by the ListGatewaySecurityPolicies method.
+      class ListGatewaySecurityPoliciesResponse
+        include Google::Apis::Core::Hashable
+      
+        # List of GatewaySecurityPolicies resources.
+        # Corresponds to the JSON property `gatewaySecurityPolicies`
+        # @return [Array<Google::Apis::NetworksecurityV1::GatewaySecurityPolicy>]
+        attr_accessor :gateway_security_policies
+      
+        # If there might be more results than those appearing in this response, then '
+        # next_page_token' is included. To get the next set of results, call this method
+        # again using the value of 'next_page_token' as 'page_token'.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @gateway_security_policies = args[:gateway_security_policies] if args.key?(:gateway_security_policies)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
+      # Response returned by the ListGatewaySecurityPolicyRules method.
+      class ListGatewaySecurityPolicyRulesResponse
+        include Google::Apis::Core::Hashable
+      
+        # List of GatewaySecurityPolicyRule resources.
+        # Corresponds to the JSON property `gatewaySecurityPolicyRules`
+        # @return [Array<Google::Apis::NetworksecurityV1::GatewaySecurityPolicyRule>]
+        attr_accessor :gateway_security_policy_rules
+      
+        # If there might be more results than those appearing in this response, then '
+        # next_page_token' is included. To get the next set of results, call this method
+        # again using the value of 'next_page_token' as 'page_token'.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @gateway_security_policy_rules = args[:gateway_security_policy_rules] if args.key?(:gateway_security_policy_rules)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
       # The response message for Locations.ListLocations.
       class ListLocationsResponse
         include Google::Apis::Core::Hashable
@@ -847,6 +1042,72 @@ module Google
         end
       end
       
+      # Response returned by the ListTlsInspectionPolicies method.
+      class ListTlsInspectionPoliciesResponse
+        include Google::Apis::Core::Hashable
+      
+        # If there might be more results than those appearing in this response, then '
+        # next_page_token' is included. To get the next set of results, call this method
+        # again using the value of 'next_page_token' as 'page_token'.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # List of TlsInspectionPolicies resources.
+        # Corresponds to the JSON property `tlsInspectionPolicies`
+        # @return [Array<Google::Apis::NetworksecurityV1::TlsInspectionPolicy>]
+        attr_accessor :tls_inspection_policies
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @tls_inspection_policies = args[:tls_inspection_policies] if args.key?(:tls_inspection_policies)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
+      # Response returned by the ListUrlLists method.
+      class ListUrlListsResponse
+        include Google::Apis::Core::Hashable
+      
+        # If there might be more results than those appearing in this response, then `
+        # next_page_token` is included. To get the next set of results, call this method
+        # again using the value of `next_page_token` as `page_token`.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        # List of UrlList resources.
+        # Corresponds to the JSON property `urlLists`
+        # @return [Array<Google::Apis::NetworksecurityV1::UrlList>]
+        attr_accessor :url_lists
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+          @url_lists = args[:url_lists] if args.key?(:url_lists)
+        end
+      end
+      
       # A resource that represents Google Cloud Platform location.
       class Location
         include Google::Apis::Core::Hashable
@@ -898,12 +1159,29 @@ module Google
       class MtlsPolicy
         include Google::Apis::Core::Hashable
       
-        # Defines the mechanism to obtain the Certificate Authority certificate to
-        # validate the client certificate.
+        # Required if the policy is to be used with Traffic Director. For external HTTPS
+        # load balancers it must be empty. Defines the mechanism to obtain the
+        # Certificate Authority certificate to validate the client certificate.
         # Corresponds to the JSON property `clientValidationCa`
         # @return [Array<Google::Apis::NetworksecurityV1::ValidationCa>]
         attr_accessor :client_validation_ca
       
+        # When the client presents an invalid certificate or no certificate to the load
+        # balancer, the `client_validation_mode` specifies how the client connection is
+        # handled. Required if the policy is to be used with the external HTTPS load
+        # balancing. For Traffic Director it must be empty.
+        # Corresponds to the JSON property `clientValidationMode`
+        # @return [String]
+        attr_accessor :client_validation_mode
+      
+        # Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
+        # If specified, the chain validation will be performed against certificates
+        # configured in the given TrustConfig. Allowed only if the policy is to be used
+        # with external HTTPS load balancers.
+        # Corresponds to the JSON property `clientValidationTrustConfig`
+        # @return [String]
+        attr_accessor :client_validation_trust_config
+      
         def initialize(**args)
            update!(**args)
         end
@@ -911,6 +1189,8 @@ module Google
         # Update properties of this object
         def update!(**args)
           @client_validation_ca = args[:client_validation_ca] if args.key?(:client_validation_ca)
+          @client_validation_mode = args[:client_validation_mode] if args.key?(:client_validation_mode)
+          @client_validation_trust_config = args[:client_validation_trust_config] if args.key?(:client_validation_trust_config)
         end
       end
       
@@ -1070,16 +1350,23 @@ module Google
       # ServerTlsPolicy is a resource that specifies how a server should authenticate
       # incoming requests. This resource itself does not affect configuration unless
       # it is attached to a target HTTPS proxy or endpoint config selector resource.
+      # ServerTlsPolicy in the form accepted by external HTTPS load balancers can be
+      # attached only to TargetHttpsProxy with an `EXTERNAL` or `EXTERNAL_MANAGED`
+      # load balancing scheme. Traffic Director compatible ServerTlsPolicies can be
+      # attached to EndpointPolicy and TargetHttpsProxy with Traffic Director `
+      # INTERNAL_SELF_MANAGED` load balancing scheme.
       class ServerTlsPolicy
         include Google::Apis::Core::Hashable
       
-        # Determines if server allows plaintext connections. If set to true, server
-        # allows plain text connections. By default, it is set to false. This setting is
-        # not exclusive of other encryption modes. For example, if `allow_open` and `
-        # mtls_policy` are set, server allows both plain text and mTLS connections. See
-        # documentation of other encryption modes to confirm compatibility. Consider
-        # using it if you wish to upgrade in place your deployment to TLS while having
-        # mixed TLS and non-TLS traffic reaching port :80.
+        # This field applies only for Traffic Director policies. It is must be set to
+        # false for external HTTPS load balancer policies. Determines if server allows
+        # plaintext connections. If set to true, server allows plain text connections.
+        # By default, it is set to false. This setting is not exclusive of other
+        # encryption modes. For example, if `allow_open` and `mtls_policy` are set,
+        # server allows both plain text and mTLS connections. See documentation of other
+        # encryption modes to confirm compatibility. Consider using it if you wish to
+        # upgrade in place your deployment to TLS while having mixed TLS and non-TLS
+        # traffic reaching port :80.
         # Corresponds to the JSON property `allowOpen`
         # @return [Boolean]
         attr_accessor :allow_open
@@ -1212,6 +1499,101 @@ module Google
         end
       end
       
+      # The TlsInspectionPolicy resource contains references to CA pools in
+      # Certificate Authority Service and associated metadata.
+      class TlsInspectionPolicy
+        include Google::Apis::Core::Hashable
+      
+        # Required. A CA pool resource used to issue interception certificates. The CA
+        # pool string has a relative resource path following the form "projects/`project`
+        # /locations/`location`/caPools/`ca_pool`".
+        # Corresponds to the JSON property `caPool`
+        # @return [String]
+        attr_accessor :ca_pool
+      
+        # Output only. The timestamp when the resource was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Free-text description of the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Required. Name of the resource. Name is of the form projects/`project`/
+        # locations/`location`/tlsInspectionPolicies/`tls_inspection_policy`
+        # tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-9])
+        # ?$).
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. The timestamp when the resource was updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @ca_pool = args[:ca_pool] if args.key?(:ca_pool)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @name = args[:name] if args.key?(:name)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # UrlList proto helps users to set reusable, independently manageable lists of
+      # hosts, host patterns, URLs, URL patterns.
+      class UrlList
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Time when the security policy was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Free-text description of the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Required. Name of the resource provided by the user. Name is of the form
+        # projects/`project`/locations/`location`/urlLists/`url_list` url_list should
+        # match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-9])?$).
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. Time when the security policy was updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        # Required. FQDNs and URLs.
+        # Corresponds to the JSON property `values`
+        # @return [Array<String>]
+        attr_accessor :values
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @name = args[:name] if args.key?(:name)
+          @update_time = args[:update_time] if args.key?(:update_time)
+          @values = args[:values] if args.key?(:values)
+        end
+      end
+      
       # Specification of ValidationCA. Defines the mechanism to obtain the Certificate
       # Authority certificate to validate the peer certificate.
       class ValidationCa

data/lib/google/apis/networksecurity_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module NetworksecurityV1
       # Version of the google-apis-networksecurity_v1 gem
-      GEM_VERSION = "0.16.0"
+      GEM_VERSION = "0.18.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230306"
+      REVISION = "20230415"
     end
   end
 end