google-apis-networksecurity_v1beta1 0.18.0 → 0.20.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 54471a1e38d1b8b73a65534f507c1534c79f688db818668e73577354c87772ac
4
- data.tar.gz: 318869d34b7020e6f68f4328408a798d1b5affd563673b3e9da99670aea2451e
3
+ metadata.gz: ef3a4af970b2330d2035f18ce224c97892f3bc3d31cd715d290235f6b5d30d2d
4
+ data.tar.gz: e30ae7513f7d9bccdcfa18638067a01146f2eae47f3acfa3ad0b1dd333282ee6
5
5
  SHA512:
6
- metadata.gz: d2835ca59716004e5e747c235bbe1d1e765e90137aedcab8ec10fad989fe5c8c457df8f8a57078edb25246440e58fdd47c9b7c3d1791d896de929fa72afda316
7
- data.tar.gz: 0b88ad717e2452c8da85f3633af255d3da5be0daa43a9fbd7a0bd4d03e0d49b038f148ae465e7d36be20d035b04871b819e6fc5e6d5ae3734faa391d13682e52
6
+ metadata.gz: 9b4a55aedf94521f22d66eaad10c820fa44dba7a8ab8fd534450976e11bd933f7d51146ecc32ac0c5162b8305daf138b50c223f8b8b5a631fca917c3f7675600
7
+ data.tar.gz: 5cc1b36c86a3c7720789cc9df016b14e2a2043663593d28898180038fe8b3d103f45d008d73ef856759c67c23875d6dc3656be6129f340cac647c968c1d5271a
data/CHANGELOG.md CHANGED
@@ -1,5 +1,13 @@
1
1
  # Release history for google-apis-networksecurity_v1beta1
2
2
 
3
+ ### v0.20.0 (2023-04-16)
4
+
5
+ * Regenerated from discovery document revision 20230406
6
+
7
+ ### v0.19.0 (2023-03-26)
8
+
9
+ * Regenerated from discovery document revision 20230316
10
+
3
11
  ### v0.18.0 (2023-03-12)
4
12
 
5
13
  * Regenerated from discovery document revision 20230306
@@ -438,6 +438,135 @@ module Google
438
438
  end
439
439
  end
440
440
 
441
+ # The GatewaySecurityPolicy resource contains a collection of
442
+ # GatewaySecurityPolicyRules and associated metadata.
443
+ class GatewaySecurityPolicy
444
+ include Google::Apis::Core::Hashable
445
+
446
+ # Output only. The timestamp when the resource was created.
447
+ # Corresponds to the JSON property `createTime`
448
+ # @return [String]
449
+ attr_accessor :create_time
450
+
451
+ # Optional. Free-text description of the resource.
452
+ # Corresponds to the JSON property `description`
453
+ # @return [String]
454
+ attr_accessor :description
455
+
456
+ # Required. Name of the resource. Name is of the form projects/`project`/
457
+ # locations/`location`/gatewaySecurityPolicies/`gateway_security_policy`
458
+ # gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-
459
+ # 9])?$).
460
+ # Corresponds to the JSON property `name`
461
+ # @return [String]
462
+ attr_accessor :name
463
+
464
+ # Optional. Name of a TLS Inspection Policy resource that defines how TLS
465
+ # inspection will be performed for any rule(s) which enables it.
466
+ # Corresponds to the JSON property `tlsInspectionPolicy`
467
+ # @return [String]
468
+ attr_accessor :tls_inspection_policy
469
+
470
+ # Output only. The timestamp when the resource was updated.
471
+ # Corresponds to the JSON property `updateTime`
472
+ # @return [String]
473
+ attr_accessor :update_time
474
+
475
+ def initialize(**args)
476
+ update!(**args)
477
+ end
478
+
479
+ # Update properties of this object
480
+ def update!(**args)
481
+ @create_time = args[:create_time] if args.key?(:create_time)
482
+ @description = args[:description] if args.key?(:description)
483
+ @name = args[:name] if args.key?(:name)
484
+ @tls_inspection_policy = args[:tls_inspection_policy] if args.key?(:tls_inspection_policy)
485
+ @update_time = args[:update_time] if args.key?(:update_time)
486
+ end
487
+ end
488
+
489
+ # The GatewaySecurityPolicyRule resource is in a nested collection within a
490
+ # GatewaySecurityPolicy and represents a traffic matching condition and
491
+ # associated action to perform.
492
+ class GatewaySecurityPolicyRule
493
+ include Google::Apis::Core::Hashable
494
+
495
+ # Optional. CEL expression for matching on L7/application level criteria.
496
+ # Corresponds to the JSON property `applicationMatcher`
497
+ # @return [String]
498
+ attr_accessor :application_matcher
499
+
500
+ # Required. Profile which tells what the primitive action should be.
501
+ # Corresponds to the JSON property `basicProfile`
502
+ # @return [String]
503
+ attr_accessor :basic_profile
504
+
505
+ # Output only. Time when the rule was created.
506
+ # Corresponds to the JSON property `createTime`
507
+ # @return [String]
508
+ attr_accessor :create_time
509
+
510
+ # Optional. Free-text description of the resource.
511
+ # Corresponds to the JSON property `description`
512
+ # @return [String]
513
+ attr_accessor :description
514
+
515
+ # Required. Whether the rule is enforced.
516
+ # Corresponds to the JSON property `enabled`
517
+ # @return [Boolean]
518
+ attr_accessor :enabled
519
+ alias_method :enabled?, :enabled
520
+
521
+ # Required. Immutable. Name of the resource. ame is the full resource name so
522
+ # projects/`project`/locations/`location`/gatewaySecurityPolicies/`
523
+ # gateway_security_policy`/rules/`rule` rule should match the pattern: (^[a-z]([
524
+ # a-z0-9-]`0,61`[a-z0-9])?$).
525
+ # Corresponds to the JSON property `name`
526
+ # @return [String]
527
+ attr_accessor :name
528
+
529
+ # Required. Priority of the rule. Lower number corresponds to higher precedence.
530
+ # Corresponds to the JSON property `priority`
531
+ # @return [Fixnum]
532
+ attr_accessor :priority
533
+
534
+ # Required. CEL expression for matching on session criteria.
535
+ # Corresponds to the JSON property `sessionMatcher`
536
+ # @return [String]
537
+ attr_accessor :session_matcher
538
+
539
+ # Optional. Flag to enable TLS inspection of traffic matching on , can only be
540
+ # true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
541
+ # Corresponds to the JSON property `tlsInspectionEnabled`
542
+ # @return [Boolean]
543
+ attr_accessor :tls_inspection_enabled
544
+ alias_method :tls_inspection_enabled?, :tls_inspection_enabled
545
+
546
+ # Output only. Time when the rule was updated.
547
+ # Corresponds to the JSON property `updateTime`
548
+ # @return [String]
549
+ attr_accessor :update_time
550
+
551
+ def initialize(**args)
552
+ update!(**args)
553
+ end
554
+
555
+ # Update properties of this object
556
+ def update!(**args)
557
+ @application_matcher = args[:application_matcher] if args.key?(:application_matcher)
558
+ @basic_profile = args[:basic_profile] if args.key?(:basic_profile)
559
+ @create_time = args[:create_time] if args.key?(:create_time)
560
+ @description = args[:description] if args.key?(:description)
561
+ @enabled = args[:enabled] if args.key?(:enabled)
562
+ @name = args[:name] if args.key?(:name)
563
+ @priority = args[:priority] if args.key?(:priority)
564
+ @session_matcher = args[:session_matcher] if args.key?(:session_matcher)
565
+ @tls_inspection_enabled = args[:tls_inspection_enabled] if args.key?(:tls_inspection_enabled)
566
+ @update_time = args[:update_time] if args.key?(:update_time)
567
+ end
568
+ end
569
+
441
570
  # Specification of certificate provider. Defines the mechanism to obtain the
442
571
  # certificate and private key for peer to peer authentication.
443
572
  class GoogleCloudNetworksecurityV1beta1CertificateProvider
@@ -986,6 +1115,72 @@ module Google
986
1115
  end
987
1116
  end
988
1117
 
1118
+ # Response returned by the ListGatewaySecurityPolicies method.
1119
+ class ListGatewaySecurityPoliciesResponse
1120
+ include Google::Apis::Core::Hashable
1121
+
1122
+ # List of GatewaySecurityPolicies resources.
1123
+ # Corresponds to the JSON property `gatewaySecurityPolicies`
1124
+ # @return [Array<Google::Apis::NetworksecurityV1beta1::GatewaySecurityPolicy>]
1125
+ attr_accessor :gateway_security_policies
1126
+
1127
+ # If there might be more results than those appearing in this response, then '
1128
+ # next_page_token' is included. To get the next set of results, call this method
1129
+ # again using the value of 'next_page_token' as 'page_token'.
1130
+ # Corresponds to the JSON property `nextPageToken`
1131
+ # @return [String]
1132
+ attr_accessor :next_page_token
1133
+
1134
+ # Locations that could not be reached.
1135
+ # Corresponds to the JSON property `unreachable`
1136
+ # @return [Array<String>]
1137
+ attr_accessor :unreachable
1138
+
1139
+ def initialize(**args)
1140
+ update!(**args)
1141
+ end
1142
+
1143
+ # Update properties of this object
1144
+ def update!(**args)
1145
+ @gateway_security_policies = args[:gateway_security_policies] if args.key?(:gateway_security_policies)
1146
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
1147
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
1148
+ end
1149
+ end
1150
+
1151
+ # Response returned by the ListGatewaySecurityPolicyRules method.
1152
+ class ListGatewaySecurityPolicyRulesResponse
1153
+ include Google::Apis::Core::Hashable
1154
+
1155
+ # List of GatewaySecurityPolicyRule resources.
1156
+ # Corresponds to the JSON property `gatewaySecurityPolicyRules`
1157
+ # @return [Array<Google::Apis::NetworksecurityV1beta1::GatewaySecurityPolicyRule>]
1158
+ attr_accessor :gateway_security_policy_rules
1159
+
1160
+ # If there might be more results than those appearing in this response, then '
1161
+ # next_page_token' is included. To get the next set of results, call this method
1162
+ # again using the value of 'next_page_token' as 'page_token'.
1163
+ # Corresponds to the JSON property `nextPageToken`
1164
+ # @return [String]
1165
+ attr_accessor :next_page_token
1166
+
1167
+ # Locations that could not be reached.
1168
+ # Corresponds to the JSON property `unreachable`
1169
+ # @return [Array<String>]
1170
+ attr_accessor :unreachable
1171
+
1172
+ def initialize(**args)
1173
+ update!(**args)
1174
+ end
1175
+
1176
+ # Update properties of this object
1177
+ def update!(**args)
1178
+ @gateway_security_policy_rules = args[:gateway_security_policy_rules] if args.key?(:gateway_security_policy_rules)
1179
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
1180
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
1181
+ end
1182
+ end
1183
+
989
1184
  # The response message for Locations.ListLocations.
990
1185
  class ListLocationsResponse
991
1186
  include Google::Apis::Core::Hashable
@@ -1063,6 +1258,72 @@ module Google
1063
1258
  end
1064
1259
  end
1065
1260
 
1261
+ # Response returned by the ListTlsInspectionPolicies method.
1262
+ class ListTlsInspectionPoliciesResponse
1263
+ include Google::Apis::Core::Hashable
1264
+
1265
+ # If there might be more results than those appearing in this response, then '
1266
+ # next_page_token' is included. To get the next set of results, call this method
1267
+ # again using the value of 'next_page_token' as 'page_token'.
1268
+ # Corresponds to the JSON property `nextPageToken`
1269
+ # @return [String]
1270
+ attr_accessor :next_page_token
1271
+
1272
+ # List of TlsInspectionPolicies resources.
1273
+ # Corresponds to the JSON property `tlsInspectionPolicies`
1274
+ # @return [Array<Google::Apis::NetworksecurityV1beta1::TlsInspectionPolicy>]
1275
+ attr_accessor :tls_inspection_policies
1276
+
1277
+ # Locations that could not be reached.
1278
+ # Corresponds to the JSON property `unreachable`
1279
+ # @return [Array<String>]
1280
+ attr_accessor :unreachable
1281
+
1282
+ def initialize(**args)
1283
+ update!(**args)
1284
+ end
1285
+
1286
+ # Update properties of this object
1287
+ def update!(**args)
1288
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
1289
+ @tls_inspection_policies = args[:tls_inspection_policies] if args.key?(:tls_inspection_policies)
1290
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
1291
+ end
1292
+ end
1293
+
1294
+ # Response returned by the ListUrlLists method.
1295
+ class ListUrlListsResponse
1296
+ include Google::Apis::Core::Hashable
1297
+
1298
+ # If there might be more results than those appearing in this response, then `
1299
+ # next_page_token` is included. To get the next set of results, call this method
1300
+ # again using the value of `next_page_token` as `page_token`.
1301
+ # Corresponds to the JSON property `nextPageToken`
1302
+ # @return [String]
1303
+ attr_accessor :next_page_token
1304
+
1305
+ # Locations that could not be reached.
1306
+ # Corresponds to the JSON property `unreachable`
1307
+ # @return [Array<String>]
1308
+ attr_accessor :unreachable
1309
+
1310
+ # List of UrlList resources.
1311
+ # Corresponds to the JSON property `urlLists`
1312
+ # @return [Array<Google::Apis::NetworksecurityV1beta1::UrlList>]
1313
+ attr_accessor :url_lists
1314
+
1315
+ def initialize(**args)
1316
+ update!(**args)
1317
+ end
1318
+
1319
+ # Update properties of this object
1320
+ def update!(**args)
1321
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
1322
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
1323
+ @url_lists = args[:url_lists] if args.key?(:url_lists)
1324
+ end
1325
+ end
1326
+
1066
1327
  # A resource that represents Google Cloud Platform location.
1067
1328
  class Location
1068
1329
  include Google::Apis::Core::Hashable
@@ -1114,12 +1375,28 @@ module Google
1114
1375
  class MtlsPolicy
1115
1376
  include Google::Apis::Core::Hashable
1116
1377
 
1117
- # Defines the mechanism to obtain the Certificate Authority certificate to
1118
- # validate the client certificate.
1378
+ # Required if the policy is to be used with Traffic Director. For External HTTPS
1379
+ # LB it must be empty. Defines the mechanism to obtain the Certificate Authority
1380
+ # certificate to validate the client certificate.
1119
1381
  # Corresponds to the JSON property `clientValidationCa`
1120
1382
  # @return [Array<Google::Apis::NetworksecurityV1beta1::ValidationCa>]
1121
1383
  attr_accessor :client_validation_ca
1122
1384
 
1385
+ # Specifies whether client connections proceed when a client presents an invalid
1386
+ # certificate or no certificate. Required if the policy is to be used with the
1387
+ # External HTTPS LB. For Traffic Director it must be empty.
1388
+ # Corresponds to the JSON property `clientValidationMode`
1389
+ # @return [String]
1390
+ attr_accessor :client_validation_mode
1391
+
1392
+ # Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
1393
+ # If specified, the chain validation will be performed against certificates
1394
+ # configured in the given TrustConfig. Allowed only if the policy is to be used
1395
+ # with External HTTPS LB.
1396
+ # Corresponds to the JSON property `clientValidationTrustConfig`
1397
+ # @return [String]
1398
+ attr_accessor :client_validation_trust_config
1399
+
1123
1400
  def initialize(**args)
1124
1401
  update!(**args)
1125
1402
  end
@@ -1127,6 +1404,8 @@ module Google
1127
1404
  # Update properties of this object
1128
1405
  def update!(**args)
1129
1406
  @client_validation_ca = args[:client_validation_ca] if args.key?(:client_validation_ca)
1407
+ @client_validation_mode = args[:client_validation_mode] if args.key?(:client_validation_mode)
1408
+ @client_validation_trust_config = args[:client_validation_trust_config] if args.key?(:client_validation_trust_config)
1130
1409
  end
1131
1410
  end
1132
1411
 
@@ -1320,16 +1599,22 @@ module Google
1320
1599
  # ServerTlsPolicy is a resource that specifies how a server should authenticate
1321
1600
  # incoming requests. This resource itself does not affect configuration unless
1322
1601
  # it is attached to a target HTTPS proxy or endpoint config selector resource.
1602
+ # ServerTlsPolicy in the form accepted by External HTTPS Load Balancer can be
1603
+ # attached only to TargetHttpsProxy with an `EXTERNAL` or `EXTERNAL_MANAGED`
1604
+ # load balancing scheme. Traffic Director compatible ServerTlsPolicies can be
1605
+ # attached to EndpointPolicy and TargetHttpsProxy with Traffic Director `
1606
+ # INTERNAL_SELF_MANAGED` load balancing scheme.
1323
1607
  class ServerTlsPolicy
1324
1608
  include Google::Apis::Core::Hashable
1325
1609
 
1326
- # Determines if server allows plaintext connections. If set to true, server
1327
- # allows plain text connections. By default, it is set to false. This setting is
1328
- # not exclusive of other encryption modes. For example, if `allow_open` and `
1329
- # mtls_policy` are set, server allows both plain text and mTLS connections. See
1330
- # documentation of other encryption modes to confirm compatibility. Consider
1331
- # using it if you wish to upgrade in place your deployment to TLS while having
1332
- # mixed TLS and non-TLS traffic reaching port :80.
1610
+ # Can be enabled only for Traffic Director policies, must be false for External
1611
+ # HTTPS LB policies. Determines if server allows plaintext connections. If set
1612
+ # to true, server allows plain text connections. By default, it is set to false.
1613
+ # This setting is not exclusive of other encryption modes. For example, if `
1614
+ # allow_open` and `mtls_policy` are set, server allows both plain text and mTLS
1615
+ # connections. See documentation of other encryption modes to confirm
1616
+ # compatibility. Consider using it if you wish to upgrade in place your
1617
+ # deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
1333
1618
  # Corresponds to the JSON property `allowOpen`
1334
1619
  # @return [Boolean]
1335
1620
  attr_accessor :allow_open
@@ -1462,6 +1747,101 @@ module Google
1462
1747
  end
1463
1748
  end
1464
1749
 
1750
+ # The TlsInspectionPolicy resource contains references to CA pools in
1751
+ # Certificate Authority Service and associated metadata.
1752
+ class TlsInspectionPolicy
1753
+ include Google::Apis::Core::Hashable
1754
+
1755
+ # Required. A CA pool resource used to issue interception certificates. The CA
1756
+ # pool string has a relative resource path following the form "projects/`project`
1757
+ # /locations/`location`/caPools/`ca_pool`".
1758
+ # Corresponds to the JSON property `caPool`
1759
+ # @return [String]
1760
+ attr_accessor :ca_pool
1761
+
1762
+ # Output only. The timestamp when the resource was created.
1763
+ # Corresponds to the JSON property `createTime`
1764
+ # @return [String]
1765
+ attr_accessor :create_time
1766
+
1767
+ # Optional. Free-text description of the resource.
1768
+ # Corresponds to the JSON property `description`
1769
+ # @return [String]
1770
+ attr_accessor :description
1771
+
1772
+ # Required. Name of the resource. Name is of the form projects/`project`/
1773
+ # locations/`location`/tlsInspectionPolicies/`tls_inspection_policy`
1774
+ # tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-9])
1775
+ # ?$).
1776
+ # Corresponds to the JSON property `name`
1777
+ # @return [String]
1778
+ attr_accessor :name
1779
+
1780
+ # Output only. The timestamp when the resource was updated.
1781
+ # Corresponds to the JSON property `updateTime`
1782
+ # @return [String]
1783
+ attr_accessor :update_time
1784
+
1785
+ def initialize(**args)
1786
+ update!(**args)
1787
+ end
1788
+
1789
+ # Update properties of this object
1790
+ def update!(**args)
1791
+ @ca_pool = args[:ca_pool] if args.key?(:ca_pool)
1792
+ @create_time = args[:create_time] if args.key?(:create_time)
1793
+ @description = args[:description] if args.key?(:description)
1794
+ @name = args[:name] if args.key?(:name)
1795
+ @update_time = args[:update_time] if args.key?(:update_time)
1796
+ end
1797
+ end
1798
+
1799
+ # UrlList proto helps users to set reusable, independently manageable lists of
1800
+ # hosts, host patterns, URLs, URL patterns.
1801
+ class UrlList
1802
+ include Google::Apis::Core::Hashable
1803
+
1804
+ # Output only. Time when the security policy was created.
1805
+ # Corresponds to the JSON property `createTime`
1806
+ # @return [String]
1807
+ attr_accessor :create_time
1808
+
1809
+ # Optional. Free-text description of the resource.
1810
+ # Corresponds to the JSON property `description`
1811
+ # @return [String]
1812
+ attr_accessor :description
1813
+
1814
+ # Required. Name of the resource provided by the user. Name is of the form
1815
+ # projects/`project`/locations/`location`/urlLists/`url_list` url_list should
1816
+ # match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-9])?$).
1817
+ # Corresponds to the JSON property `name`
1818
+ # @return [String]
1819
+ attr_accessor :name
1820
+
1821
+ # Output only. Time when the security policy was updated.
1822
+ # Corresponds to the JSON property `updateTime`
1823
+ # @return [String]
1824
+ attr_accessor :update_time
1825
+
1826
+ # Required. FQDNs and URLs.
1827
+ # Corresponds to the JSON property `values`
1828
+ # @return [Array<String>]
1829
+ attr_accessor :values
1830
+
1831
+ def initialize(**args)
1832
+ update!(**args)
1833
+ end
1834
+
1835
+ # Update properties of this object
1836
+ def update!(**args)
1837
+ @create_time = args[:create_time] if args.key?(:create_time)
1838
+ @description = args[:description] if args.key?(:description)
1839
+ @name = args[:name] if args.key?(:name)
1840
+ @update_time = args[:update_time] if args.key?(:update_time)
1841
+ @values = args[:values] if args.key?(:values)
1842
+ end
1843
+ end
1844
+
1465
1845
  # Specification of ValidationCA. Defines the mechanism to obtain the Certificate
1466
1846
  # Authority certificate to validate the peer certificate.
1467
1847
  class ValidationCa
@@ -16,13 +16,13 @@ module Google
16
16
  module Apis
17
17
  module NetworksecurityV1beta1
18
18
  # Version of the google-apis-networksecurity_v1beta1 gem
19
- GEM_VERSION = "0.18.0"
19
+ GEM_VERSION = "0.20.0"
20
20
 
21
21
  # Version of the code generator used to generate this client
22
22
  GENERATOR_VERSION = "0.12.0"
23
23
 
24
24
  # Revision of the discovery document this client was generated from
25
- REVISION = "20230306"
25
+ REVISION = "20230406"
26
26
  end
27
27
  end
28
28
  end