google-apis-networksecurity_v1 0.32.0 → 0.34.0

data/lib/google/apis/networksecurity_v1/classes.rb

@@ -131,6 +131,32 @@ module Google
         end
       end
       
+      # Defines what action to take for antivirus threats per protocol.
+      class AntivirusOverride
+        include Google::Apis::Core::Hashable
+      
+        # Required. Threat action override. For some threat types, only a subset of
+        # actions applies.
+        # Corresponds to the JSON property `action`
+        # @return [String]
+        attr_accessor :action
+      
+        # Required. Protocol to match.
+        # Corresponds to the JSON property `protocol`
+        # @return [String]
+        attr_accessor :protocol
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @protocol = args[:protocol] if args.key?(:protocol)
+        end
+      end
+      
       # AuthorizationPolicy is a resource that specifies how a server should authorize
       # incoming connections. This resource in itself does not change the
       # configuration unless it's attached to a target https proxy or endpoint config
@@ -351,11 +377,13 @@ module Google
       
         # Optional. A list of identities derived from the client's certificate. This
         # field will not match on a request unless mutual TLS is enabled for the
-        # Forwarding rule or Gateway. Each identity is a string whose value is matched
-        # against the URI SAN, or DNS SAN or the subject field in the client's
-        # certificate. The match can be exact, prefix, suffix or a substring match. One
-        # of exact, prefix, suffix or contains must be specified. Limited to 5
-        # principals.
+        # forwarding rule or Gateway. For Application Load Balancers, each identity is a
+        # string whose value is matched against the URI SAN, or DNS SAN, or SPIFFE ID,
+        # or the subject field in the client's certificate. For Cloud Service Mesh, each
+        # identity is a string whose value is matched against the URI SAN, or DNS SAN,
+        # or the subject field in the client's certificate. The match can be exact,
+        # prefix, suffix, or a substring match. One of exact, prefix, suffix, or
+        # contains must be specified. Limited to 5 principals.
         # Corresponds to the JSON property `principals`
         # @return [Array<Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch>]
         attr_accessor :principals
@@ -842,13 +870,14 @@ module Google
         end
       end
       
-      # CustomInterceptProfile defines the Packet Intercept Endpoint Group used to
-      # intercept traffic to a third-party firewall in a Firewall rule.
+      # CustomInterceptProfile defines in-band integration behavior (intercept). It is
+      # used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP action.
       class CustomInterceptProfile
         include Google::Apis::Core::Hashable
       
-        # Required. The InterceptEndpointGroup to which traffic associated with the SP
-        # should be mirrored.
+        # Required. The target InterceptEndpointGroup. When a firewall rule with this
+        # security profile attached matches a packet, the packet will be intercepted to
+        # the location-local target in this group.
         # Corresponds to the JSON property `interceptEndpointGroup`
         # @return [String]
         attr_accessor :intercept_endpoint_group
@@ -863,13 +892,14 @@ module Google
         end
       end
       
-      # CustomMirroringProfile defines an action for mirroring traffic to a collector'
-      # s EndpointGroup
+      # CustomMirroringProfile defines out-of-band integration behavior (mirroring).
+      # It is used by mirroring rules with a MIRROR action.
       class CustomMirroringProfile
         include Google::Apis::Core::Hashable
       
-        # Required. The MirroringEndpointGroup to which traffic associated with the SP
-        # should be mirrored.
+        # Required. The target MirroringEndpointGroup. When a mirroring rule with this
+        # security profile attached matches a packet, a replica will be mirrored to the
+        # location-local target in this group.
         # Corresponds to the JSON property `mirroringEndpointGroup`
         # @return [String]
         attr_accessor :mirroring_endpoint_group
@@ -1046,6 +1076,18 @@ module Google
         attr_accessor :reconciling
         alias_method :reconciling?, :reconciling
       
+        # Output only. [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzi`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzi
+        alias_method :satisfies_pzi?, :satisfies_pzi
+      
+        # Output only. [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # Output only. Current state of the endpoint.
         # Corresponds to the JSON property `state`
         # @return [String]
@@ -1070,6 +1112,8 @@ module Google
           @labels = args[:labels] if args.key?(:labels)
           @name = args[:name] if args.key?(:name)
           @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @satisfies_pzi = args[:satisfies_pzi] if args.key?(:satisfies_pzi)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @state = args[:state] if args.key?(:state)
           @update_time = args[:update_time] if args.key?(:update_time)
         end
@@ -1823,6 +1867,11 @@ module Google
         # @return [String]
         attr_accessor :next_page_token
       
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
         def initialize(**args)
            update!(**args)
         end
@@ -1831,6 +1880,7 @@ module Google
         def update!(**args)
           @address_groups = args[:address_groups] if args.key?(:address_groups)
           @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
         end
       end
       
@@ -2072,6 +2122,120 @@ module Google
         end
       end
       
+      # Response message for ListMirroringDeploymentGroups.
+      class ListMirroringDeploymentGroupsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The deployment groups from the specified parent.
+        # Corresponds to the JSON property `mirroringDeploymentGroups`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringDeploymentGroup>]
+        attr_accessor :mirroring_deployment_groups
+      
+        # A token that can be sent as `page_token` to retrieve the next page. If this
+        # field is omitted, there are no subsequent pages. See https://google.aip.dev/
+        # 158 for more details.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mirroring_deployment_groups = args[:mirroring_deployment_groups] if args.key?(:mirroring_deployment_groups)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+        end
+      end
+      
+      # Response message for ListMirroringDeployments.
+      class ListMirroringDeploymentsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The deployments from the specified parent.
+        # Corresponds to the JSON property `mirroringDeployments`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringDeployment>]
+        attr_accessor :mirroring_deployments
+      
+        # A token that can be sent as `page_token` to retrieve the next page. If this
+        # field is omitted, there are no subsequent pages. See https://google.aip.dev/
+        # 158 for more details.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mirroring_deployments = args[:mirroring_deployments] if args.key?(:mirroring_deployments)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
+      # Response message for ListMirroringEndpointGroupAssociations.
+      class ListMirroringEndpointGroupAssociationsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The associations from the specified parent.
+        # Corresponds to the JSON property `mirroringEndpointGroupAssociations`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringEndpointGroupAssociation>]
+        attr_accessor :mirroring_endpoint_group_associations
+      
+        # A token that can be sent as `page_token` to retrieve the next page. If this
+        # field is omitted, there are no subsequent pages. See https://google.aip.dev/
+        # 158 for more details.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mirroring_endpoint_group_associations = args[:mirroring_endpoint_group_associations] if args.key?(:mirroring_endpoint_group_associations)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+        end
+      end
+      
+      # Response message for ListMirroringEndpointGroups.
+      class ListMirroringEndpointGroupsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The endpoint groups from the specified parent.
+        # Corresponds to the JSON property `mirroringEndpointGroups`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringEndpointGroup>]
+        attr_accessor :mirroring_endpoint_groups
+      
+        # A token that can be sent as `page_token` to retrieve the next page. If this
+        # field is omitted, there are no subsequent pages. See https://google.aip.dev/
+        # 158 for more details.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mirroring_endpoint_groups = args[:mirroring_endpoint_groups] if args.key?(:mirroring_endpoint_groups)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+        end
+      end
+      
       # The response message for Operations.ListOperations.
       class ListOperationsResponse
         include Google::Apis::Core::Hashable
@@ -2167,6 +2331,13 @@ module Google
         # @return [Array<Google::Apis::NetworksecurityV1::ServerTlsPolicy>]
         attr_accessor :server_tls_policies
       
+        # Unreachable resources. Populated when the request opts into `
+        # return_partial_success` and reading across collections e.g. when attempting to
+        # list all resources across all supported locations.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2175,6 +2346,7 @@ module Google
         def update!(**args)
           @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
           @server_tls_policies = args[:server_tls_policies] if args.key?(:server_tls_policies)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
         end
       end
       
@@ -2330,6 +2502,529 @@ module Google
         end
       end
       
+      # A deployment represents a zonal mirroring backend ready to accept GENEVE-
+      # encapsulated replica traffic, e.g. a zonal instance group fronted by an
+      # internal passthrough load balancer. Deployments are always part of a global
+      # deployment group which represents a global mirroring service.
+      class MirroringDeployment
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The timestamp when the resource was created. See https://google.
+        # aip.dev/148#timestamps.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. User-provided description of the deployment. Used as additional
+        # context for the deployment.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Required. Immutable. The regional forwarding rule that fronts the mirroring
+        # collectors, for example: `projects/123456789/regions/us-central1/
+        # forwardingRules/my-rule`. See https://google.aip.dev/124.
+        # Corresponds to the JSON property `forwardingRule`
+        # @return [String]
+        attr_accessor :forwarding_rule
+      
+        # Optional. Labels are key/value pairs that help to organize and filter
+        # resources.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Required. Immutable. The deployment group that this deployment is a part of,
+        # for example: `projects/123456789/locations/global/mirroringDeploymentGroups/my-
+        # dg`. See https://google.aip.dev/124.
+        # Corresponds to the JSON property `mirroringDeploymentGroup`
+        # @return [String]
+        attr_accessor :mirroring_deployment_group
+      
+        # Immutable. Identifier. The resource name of this deployment, for example: `
+        # projects/123456789/locations/us-central1-a/mirroringDeployments/my-dep`. See
+        # https://google.aip.dev/122 for more details.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. The current state of the resource does not match the user's
+        # intended state, and the system is working to reconcile them. This part of the
+        # normal operation (e.g. linking a new association to the parent group). See
+        # https://google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. The current state of the deployment. See https://google.aip.dev/
+        # 216.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. The timestamp when the resource was most recently updated. See
+        # https://google.aip.dev/148#timestamps.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @forwarding_rule = args[:forwarding_rule] if args.key?(:forwarding_rule)
+          @labels = args[:labels] if args.key?(:labels)
+          @mirroring_deployment_group = args[:mirroring_deployment_group] if args.key?(:mirroring_deployment_group)
+          @name = args[:name] if args.key?(:name)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # A deployment group aggregates many zonal mirroring backends (deployments) into
+      # a single global mirroring service. Consumers can connect this service using an
+      # endpoint group.
+      class MirroringDeploymentGroup
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The list of endpoint groups that are connected to this resource.
+        # Corresponds to the JSON property `connectedEndpointGroups`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringDeploymentGroupConnectedEndpointGroup>]
+        attr_accessor :connected_endpoint_groups
+      
+        # Output only. The timestamp when the resource was created. See https://google.
+        # aip.dev/148#timestamps.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. User-provided description of the deployment group. Used as
+        # additional context for the deployment group.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Optional. Labels are key/value pairs that help to organize and filter
+        # resources.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Output only. The list of locations where the deployment group is present.
+        # Corresponds to the JSON property `locations`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringLocation>]
+        attr_accessor :locations
+      
+        # Immutable. Identifier. The resource name of this deployment group, for example:
+        # `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See
+        # https://google.aip.dev/122 for more details.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. The list of Mirroring Deployments that belong to this group.
+        # Corresponds to the JSON property `nestedDeployments`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringDeploymentGroupDeployment>]
+        attr_accessor :nested_deployments
+      
+        # Required. Immutable. The network that will be used for all child deployments,
+        # for example: `projects/`project`/global/networks/`network``. See https://
+        # google.aip.dev/124.
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Output only. The current state of the resource does not match the user's
+        # intended state, and the system is working to reconcile them. This is part of
+        # the normal operation (e.g. adding a new deployment to the group) See https://
+        # google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. The current state of the deployment group. See https://google.aip.
+        # dev/216.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. The timestamp when the resource was most recently updated. See
+        # https://google.aip.dev/148#timestamps.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @connected_endpoint_groups = args[:connected_endpoint_groups] if args.key?(:connected_endpoint_groups)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @labels = args[:labels] if args.key?(:labels)
+          @locations = args[:locations] if args.key?(:locations)
+          @name = args[:name] if args.key?(:name)
+          @nested_deployments = args[:nested_deployments] if args.key?(:nested_deployments)
+          @network = args[:network] if args.key?(:network)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # An endpoint group connected to this deployment group.
+      class MirroringDeploymentGroupConnectedEndpointGroup
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The connected endpoint group's resource name, for example: `
+        # projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https:/
+        # /google.aip.dev/124.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      
+      # A deployment belonging to this deployment group.
+      class MirroringDeploymentGroupDeployment
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The name of the Mirroring Deployment, in the format: `projects/`
+        # project`/locations/`location`/mirroringDeployments/`mirroring_deployment``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. Most recent known state of the deployment.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
+      # An endpoint group is a consumer frontend for a deployment group (backend). In
+      # order to configure mirroring for a network, consumers must create: - An
+      # association between their network and the endpoint group. - A security profile
+      # that points to the endpoint group. - A mirroring rule that references the
+      # security profile (group).
+      class MirroringEndpointGroup
+        include Google::Apis::Core::Hashable
+      
+        # Output only. List of associations to this endpoint group.
+        # Corresponds to the JSON property `associations`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringEndpointGroupAssociationDetails>]
+        attr_accessor :associations
+      
+        # Output only. List of details about the connected deployment groups to this
+        # endpoint group.
+        # Corresponds to the JSON property `connectedDeploymentGroups`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringEndpointGroupConnectedDeploymentGroup>]
+        attr_accessor :connected_deployment_groups
+      
+        # Output only. The timestamp when the resource was created. See https://google.
+        # aip.dev/148#timestamps.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. User-provided description of the endpoint group. Used as additional
+        # context for the endpoint group.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Optional. Labels are key/value pairs that help to organize and filter
+        # resources.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Immutable. The deployment group that this DIRECT endpoint group is connected
+        # to, for example: `projects/123456789/locations/global/
+        # mirroringDeploymentGroups/my-dg`. See https://google.aip.dev/124.
+        # Corresponds to the JSON property `mirroringDeploymentGroup`
+        # @return [String]
+        attr_accessor :mirroring_deployment_group
+      
+        # Immutable. Identifier. The resource name of this endpoint group, for example: `
+        # projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https:/
+        # /google.aip.dev/122 for more details.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. The current state of the resource does not match the user's
+        # intended state, and the system is working to reconcile them. This is part of
+        # the normal operation (e.g. adding a new association to the group). See https://
+        # google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. The current state of the endpoint group. See https://google.aip.
+        # dev/216.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. The timestamp when the resource was most recently updated. See
+        # https://google.aip.dev/148#timestamps.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @associations = args[:associations] if args.key?(:associations)
+          @connected_deployment_groups = args[:connected_deployment_groups] if args.key?(:connected_deployment_groups)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @labels = args[:labels] if args.key?(:labels)
+          @mirroring_deployment_group = args[:mirroring_deployment_group] if args.key?(:mirroring_deployment_group)
+          @name = args[:name] if args.key?(:name)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # An endpoint group association represents a link between a network and an
+      # endpoint group in the organization. Creating an association creates the
+      # networking infrastructure linking the network to the endpoint group, but does
+      # not enable mirroring by itself. To enable mirroring, the user must also create
+      # a network firewall policy containing mirroring rules and associate it with the
+      # network.
+      class MirroringEndpointGroupAssociation
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The timestamp when the resource was created. See https://google.
+        # aip.dev/148#timestamps.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Labels are key/value pairs that help to organize and filter
+        # resources.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Output only. The list of locations where the association is configured. This
+        # information is retrieved from the linked endpoint group.
+        # Corresponds to the JSON property `locations`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringLocation>]
+        attr_accessor :locations
+      
+        # Output only. The list of locations where the association is present. This
+        # information is retrieved from the linked endpoint group, and not configured as
+        # part of the association itself.
+        # Corresponds to the JSON property `locationsDetails`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringEndpointGroupAssociationLocationDetails>]
+        attr_accessor :locations_details
+      
+        # Immutable. The endpoint group that this association is connected to, for
+        # example: `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`.
+        # See https://google.aip.dev/124.
+        # Corresponds to the JSON property `mirroringEndpointGroup`
+        # @return [String]
+        attr_accessor :mirroring_endpoint_group
+      
+        # Immutable. Identifier. The resource name of this endpoint group association,
+        # for example: `projects/123456789/locations/global/
+        # mirroringEndpointGroupAssociations/my-eg-association`. See https://google.aip.
+        # dev/122 for more details.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Immutable. The VPC network that is associated. for example: `projects/
+        # 123456789/global/networks/my-network`. See https://google.aip.dev/124.
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Output only. The current state of the resource does not match the user's
+        # intended state, and the system is working to reconcile them. This part of the
+        # normal operation (e.g. adding a new location to the target deployment group).
+        # See https://google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. Current state of the endpoint group association.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. The timestamp when the resource was most recently updated. See
+        # https://google.aip.dev/148#timestamps.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @labels = args[:labels] if args.key?(:labels)
+          @locations = args[:locations] if args.key?(:locations)
+          @locations_details = args[:locations_details] if args.key?(:locations_details)
+          @mirroring_endpoint_group = args[:mirroring_endpoint_group] if args.key?(:mirroring_endpoint_group)
+          @name = args[:name] if args.key?(:name)
+          @network = args[:network] if args.key?(:network)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # The endpoint group's view of a connected association.
+      class MirroringEndpointGroupAssociationDetails
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The connected association's resource name, for example: `projects/
+        # 123456789/locations/global/mirroringEndpointGroupAssociations/my-ega`. See
+        # https://google.aip.dev/124.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. The associated network, for example: projects/123456789/global/
+        # networks/my-network. See https://google.aip.dev/124.
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Output only. Most recent known state of the association.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @network = args[:network] if args.key?(:network)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
+      # Contains details about the state of an association in a specific cloud
+      # location.
+      class MirroringEndpointGroupAssociationLocationDetails
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The cloud location, e.g. "us-central1-a" or "asia-south1".
+        # Corresponds to the JSON property `location`
+        # @return [String]
+        attr_accessor :location
+      
+        # Output only. The current state of the association in this location.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @location = args[:location] if args.key?(:location)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
+      # The endpoint group's view of a connected deployment group.
+      class MirroringEndpointGroupConnectedDeploymentGroup
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The list of locations where the deployment group is present.
+        # Corresponds to the JSON property `locations`
+        # @return [Array<Google::Apis::NetworksecurityV1::MirroringLocation>]
+        attr_accessor :locations
+      
+        # Output only. The connected deployment group's resource name, for example: `
+        # projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See
+        # https://google.aip.dev/124.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @locations = args[:locations] if args.key?(:locations)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      
+      # Details about mirroring in a specific cloud location.
+      class MirroringLocation
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The cloud location, e.g. "us-central1-a" or "asia-south1".
+        # Corresponds to the JSON property `location`
+        # @return [String]
+        attr_accessor :location
+      
+        # Output only. The current state of the association in this location.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @location = args[:location] if args.key?(:location)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
       # This resource represents a long-running operation that is the result of a
       # network API call.
       class Operation
@@ -2527,14 +3222,14 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
-        # CustomInterceptProfile defines the Packet Intercept Endpoint Group used to
-        # intercept traffic to a third-party firewall in a Firewall rule.
+        # CustomInterceptProfile defines in-band integration behavior (intercept). It is
+        # used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP action.
         # Corresponds to the JSON property `customInterceptProfile`
         # @return [Google::Apis::NetworksecurityV1::CustomInterceptProfile]
         attr_accessor :custom_intercept_profile
       
-        # CustomMirroringProfile defines an action for mirroring traffic to a collector'
-        # s EndpointGroup
+        # CustomMirroringProfile defines out-of-band integration behavior (mirroring).
+        # It is used by mirroring rules with a MIRROR action.
         # Corresponds to the JSON property `customMirroringProfile`
         # @return [Google::Apis::NetworksecurityV1::CustomMirroringProfile]
         attr_accessor :custom_mirroring_profile
@@ -2620,6 +3315,12 @@ module Google
         # @return [String]
         attr_accessor :custom_mirroring_profile
       
+        # Output only. Identifier used by the data-path. Unique within `container,
+        # location`.
+        # Corresponds to the JSON property `dataPathId`
+        # @return [Fixnum]
+        attr_accessor :data_path_id
+      
         # Optional. An optional description of the profile group. Max length 2048
         # characters.
         # Corresponds to the JSON property `description`
@@ -2665,6 +3366,7 @@ module Google
           @create_time = args[:create_time] if args.key?(:create_time)
           @custom_intercept_profile = args[:custom_intercept_profile] if args.key?(:custom_intercept_profile)
           @custom_mirroring_profile = args[:custom_mirroring_profile] if args.key?(:custom_mirroring_profile)
+          @data_path_id = args[:data_path_id] if args.key?(:data_path_id)
           @description = args[:description] if args.key?(:description)
           @etag = args[:etag] if args.key?(:etag)
           @labels = args[:labels] if args.key?(:labels)
@@ -2888,6 +3590,11 @@ module Google
       class ThreatPreventionProfile
         include Google::Apis::Core::Hashable
       
+        # Optional. Configuration for overriding antivirus actions per protocol.
+        # Corresponds to the JSON property `antivirusOverrides`
+        # @return [Array<Google::Apis::NetworksecurityV1::AntivirusOverride>]
+        attr_accessor :antivirus_overrides
+      
         # Optional. Configuration for overriding threats actions by severity match.
         # Corresponds to the JSON property `severityOverrides`
         # @return [Array<Google::Apis::NetworksecurityV1::SeverityOverride>]
@@ -2906,6 +3613,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @antivirus_overrides = args[:antivirus_overrides] if args.key?(:antivirus_overrides)
           @severity_overrides = args[:severity_overrides] if args.key?(:severity_overrides)
           @threat_overrides = args[:threat_overrides] if args.key?(:threat_overrides)
         end