google-apis-networksecurity_v1beta1 0.22.0 → 0.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2087c3c420f0e350c64411b550fdaa7c835c6fd97e258545d8e41778899594da
-  data.tar.gz: cf0aaf312204b787caefa91f821b9e14a0295a9b19ddc8e96138462791be24ea
+  metadata.gz: 8672a1a1e41e245ba62b9c751677d06ee6353710dc6465093a2558f9a9bfa031
+  data.tar.gz: 2991a9997b53e8295408c0b245cd9823486332bea23e4978b582dd421a4f4322
 SHA512:
-  metadata.gz: 9f609dec8b6602e9aaf1274a9e97a71ee652139965c59c818c3d0a3295ecbda914699cd2f4464f944c15cb09efb4d5e3a7cef9f147073884eec83bec95c07177
-  data.tar.gz: 88730cc37bf8b772fd3fbee93eb35b2e958b28a49cdb0e0b00e3ec2ac149fc2941f8e659d8e8eaada52cf743c527e45a28159c63f761debb21ca631c19dbb137
+  metadata.gz: 2d4fb1b58513f3c8d3cfd590ef964dc60fa14f5ab397b02e6d9dd97ef2fec3b0022edfbc0a22c3a6052c2b9765a9a44e74a831d195264523793f865ade673de2
+  data.tar.gz: 7919104e1bfa253372bfb96b243ebc0662d2be61324bff891b93430ca58d4d644b961cf7d619c3b8091e78b8638c8cb3a6bf13cc355958fb37df6c5fb1536e4a

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-networksecurity_v1beta1
 
+### v0.24.0 (2023-08-03)
+
+* Regenerated from discovery document revision 20230719
+
+### v0.23.0 (2023-07-16)
+
+* Regenerated from discovery document revision 20230710
+
 ### v0.22.0 (2023-04-30)
 
 * Regenerated from discovery document revision 20230420

data/lib/google/apis/networksecurity_v1beta1/classes.rb

@@ -438,6 +438,135 @@ module Google
         end
       end
       
+      # Message describing Endpoint object
+      class FirewallEndpoint
+        include Google::Apis::Core::Hashable
+      
+        # Output only. List of networks that are associated with this endpoint in the
+        # local zone. This is a projection of the FirewallEndpointAssociations pointing
+        # at this endpoint. A network will only appear in this list after traffic
+        # routing is fully configured. Format: projects/`project`/global/networks/`name`.
+        # Corresponds to the JSON property `associatedNetworks`
+        # @return [Array<String>]
+        attr_accessor :associated_networks
+      
+        # Output only. Create time stamp
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Labels as key value pairs
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Output only. name of resource
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. Whether reconciling is in progress, recommended per https://
+        # google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. Current state of the endpoint.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. Update time stamp
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @associated_networks = args[:associated_networks] if args.key?(:associated_networks)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # Message describing Association object
+      class FirewallEndpointAssociation
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Create time stamp
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Required. The URL of the FirewallEndpoint that is being associated.
+        # Corresponds to the JSON property `firewallEndpoint`
+        # @return [String]
+        attr_accessor :firewall_endpoint
+      
+        # Labels as key value pairs
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Output only. name of resource
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Required. The URL of the network that is being associated.
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # Output only. Whether reconciling is in progress, recommended per https://
+        # google.aip.dev/128.
+        # Corresponds to the JSON property `reconciling`
+        # @return [Boolean]
+        attr_accessor :reconciling
+        alias_method :reconciling?, :reconciling
+      
+        # Output only. Current state of the association.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Optional. The URL of the TlsInspectionPolicy that is being associated.
+        # Corresponds to the JSON property `tlsInspectionPolicy`
+        # @return [String]
+        attr_accessor :tls_inspection_policy
+      
+        # Output only. Update time stamp
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @firewall_endpoint = args[:firewall_endpoint] if args.key?(:firewall_endpoint)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @network = args[:network] if args.key?(:network)
+          @reconciling = args[:reconciling] if args.key?(:reconciling)
+          @state = args[:state] if args.key?(:state)
+          @tls_inspection_policy = args[:tls_inspection_policy] if args.key?(:tls_inspection_policy)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
       # The GatewaySecurityPolicy resource contains a collection of
       # GatewaySecurityPolicyRules and associated metadata.
       class GatewaySecurityPolicy
@@ -1115,6 +1244,68 @@ module Google
         end
       end
       
+      # Message for response to listing Associations
+      class ListFirewallEndpointAssociationsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The list of Association
+        # Corresponds to the JSON property `firewallEndpointAssociations`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::FirewallEndpointAssociation>]
+        attr_accessor :firewall_endpoint_associations
+      
+        # A token identifying a page of results the server should return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @firewall_endpoint_associations = args[:firewall_endpoint_associations] if args.key?(:firewall_endpoint_associations)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
+      # Message for response to listing Endpoints
+      class ListFirewallEndpointsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The list of Endpoint
+        # Corresponds to the JSON property `firewallEndpoints`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::FirewallEndpoint>]
+        attr_accessor :firewall_endpoints
+      
+        # A token identifying a page of results the server should return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @firewall_endpoints = args[:firewall_endpoints] if args.key?(:firewall_endpoints)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
       # Response returned by the ListGatewaySecurityPolicies method.
       class ListGatewaySecurityPoliciesResponse
         include Google::Apis::Core::Hashable
@@ -1231,6 +1422,60 @@ module Google
         end
       end
       
+      # Response returned by the ListSecurityProfileGroups method.
+      class ListSecurityProfileGroupsResponse
+        include Google::Apis::Core::Hashable
+      
+        # If there might be more results than those appearing in this response, then `
+        # next_page_token` is included. To get the next set of results, call this method
+        # again using the value of `next_page_token` as `page_token`.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # List of SecurityProfileGroups resources.
+        # Corresponds to the JSON property `securityProfileGroups`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::SecurityProfileGroup>]
+        attr_accessor :security_profile_groups
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @security_profile_groups = args[:security_profile_groups] if args.key?(:security_profile_groups)
+        end
+      end
+      
+      # Response returned by the ListSecurityProfiles method.
+      class ListSecurityProfilesResponse
+        include Google::Apis::Core::Hashable
+      
+        # If there might be more results than those appearing in this response, then `
+        # next_page_token` is included. To get the next set of results, call this method
+        # again using the value of `next_page_token` as `page_token`.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # List of SecurityProfile resources.
+        # Corresponds to the JSON property `securityProfiles`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::SecurityProfile>]
+        attr_accessor :security_profiles
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @security_profiles = args[:security_profiles] if args.key?(:security_profiles)
+        end
+      end
+      
       # Response returned by the ListServerTlsPolicies method.
       class ListServerTlsPoliciesResponse
         include Google::Apis::Core::Hashable
@@ -1597,6 +1842,134 @@ module Google
         end
       end
       
+      # SecurityProfile is a resource that defines the behavior for one of many
+      # ProfileTypes. Next ID: 9
+      class SecurityProfile
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Resource creation timestamp.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. An optional description of the profile. Max length 512 characters.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Output only. This checksum is computed by the server based on the value of
+        # other fields, and may be sent on update and delete requests to ensure the
+        # client has an up-to-date value before proceeding.
+        # Corresponds to the JSON property `etag`
+        # @return [String]
+        attr_accessor :etag
+      
+        # Optional. Labels as key value pairs.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Immutable. Name of the SecurityProfile resource. It matches pattern `projects|
+        # organizations/*/locations/`location`/securityProfiles/`security_profile``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # ThreatPreventionProfile defines an action for specific threat signatures or
+        # severity levels.
+        # Corresponds to the JSON property `threatPreventionProfile`
+        # @return [Google::Apis::NetworksecurityV1beta1::ThreatPreventionProfile]
+        attr_accessor :threat_prevention_profile
+      
+        # Immutable. The single ProfileType that the SecurityProfile resource configures.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        # Output only. Last resource update timestamp.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @etag = args[:etag] if args.key?(:etag)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @threat_prevention_profile = args[:threat_prevention_profile] if args.key?(:threat_prevention_profile)
+          @type = args[:type] if args.key?(:type)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # SecurityProfileGroup is a resource that defines the behavior for various
+      # ProfileTypes. Next ID: 8
+      class SecurityProfileGroup
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Resource creation timestamp.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. An optional description of the profile group. Max length 2048
+        # characters.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # Output only. This checksum is computed by the server based on the value of
+        # other fields, and may be sent on update and delete requests to ensure the
+        # client has an up-to-date value before proceeding.
+        # Corresponds to the JSON property `etag`
+        # @return [String]
+        attr_accessor :etag
+      
+        # Optional. Labels as key value pairs.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Immutable. Name of the SecurityProfileGroup resource. It matches pattern `
+        # projects|organizations/*/locations/`location`/securityProfileGroups/`
+        # security_profile_group``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Optional. Reference to a SecurityProfile with the threat prevention
+        # configuration for the SecurityProfileGroup.
+        # Corresponds to the JSON property `threatPreventionProfile`
+        # @return [String]
+        attr_accessor :threat_prevention_profile
+      
+        # Output only. Last resource update timestamp.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @etag = args[:etag] if args.key?(:etag)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @threat_prevention_profile = args[:threat_prevention_profile] if args.key?(:threat_prevention_profile)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
       # ServerTlsPolicy is a resource that specifies how a server should authenticate
       # incoming requests. This resource itself does not affect configuration unless
       # it is attached to a target HTTPS proxy or endpoint config selector resource.
@@ -1676,6 +2049,31 @@ module Google
         end
       end
       
+      # Defines what action to take for a specific severity match.
+      class SeverityOverride
+        include Google::Apis::Core::Hashable
+      
+        # Required. Threat action override.
+        # Corresponds to the JSON property `action`
+        # @return [String]
+        attr_accessor :action
+      
+        # Required. Severity level to match.
+        # Corresponds to the JSON property `severity`
+        # @return [String]
+        attr_accessor :severity
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @severity = args[:severity] if args.key?(:severity)
+        end
+      end
+      
       # Specification of traffic source attributes.
       class Source
         include Google::Apis::Core::Hashable
@@ -1749,6 +2147,66 @@ module Google
         end
       end
       
+      # Defines what action to take for a specific threat_id match.
+      class ThreatOverride
+        include Google::Apis::Core::Hashable
+      
+        # Required. Threat action override. For some threat types, only a subset of
+        # actions applies.
+        # Corresponds to the JSON property `action`
+        # @return [String]
+        attr_accessor :action
+      
+        # Required. Vendor-specific ID of a threat to override.
+        # Corresponds to the JSON property `threatId`
+        # @return [String]
+        attr_accessor :threat_id
+      
+        # Output only. Type of the threat (read only).
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @threat_id = args[:threat_id] if args.key?(:threat_id)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      
+      # ThreatPreventionProfile defines an action for specific threat signatures or
+      # severity levels.
+      class ThreatPreventionProfile
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Configuration for overriding threats actions by severity match.
+        # Corresponds to the JSON property `severityOverrides`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::SeverityOverride>]
+        attr_accessor :severity_overrides
+      
+        # Optional. Configuration for overriding threats actions by threat_id match. If
+        # a threat is matched both by configuration provided in severity_overrides and
+        # threat_overrides, the threat_overrides action is applied.
+        # Corresponds to the JSON property `threatOverrides`
+        # @return [Array<Google::Apis::NetworksecurityV1beta1::ThreatOverride>]
+        attr_accessor :threat_overrides
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @severity_overrides = args[:severity_overrides] if args.key?(:severity_overrides)
+          @threat_overrides = args[:threat_overrides] if args.key?(:threat_overrides)
+        end
+      end
+      
       # The TlsInspectionPolicy resource contains references to CA pools in
       # Certificate Authority Service and associated metadata.
       class TlsInspectionPolicy
@@ -1766,11 +2224,44 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
+        # Optional. List of custom TLS cipher suites selected. This field is valid only
+        # if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.
+        # ListAvailableFeatures method returns the set of features that can be specified
+        # in this list. Note that Secure Web Proxy does not yet honor this field.
+        # Corresponds to the JSON property `customTlsFeatures`
+        # @return [Array<String>]
+        attr_accessor :custom_tls_features
+      
         # Optional. Free-text description of the resource.
         # Corresponds to the JSON property `description`
         # @return [String]
         attr_accessor :description
       
+        # Optional. If FALSE (the default), use our default set of public CAs in
+        # addition to any CAs specified in trust_config. These public CAs are currently
+        # based on the Mozilla Root Program and are subject to change over time. If TRUE,
+        # do not accept our default set of public CAs. Only CAs specified in
+        # trust_config will be accepted. This defaults to FALSE (use public CAs in
+        # addition to trust_config) for backwards compatibility, but trusting public
+        # root CAs is *not recommended* unless the traffic in question is outbound to
+        # public web servers. When possible, prefer setting this to "false" and
+        # explicitly specifying trusted CAs and certificates in a TrustConfig. Note that
+        # Secure Web Proxy does not yet honor this field.
+        # Corresponds to the JSON property `excludePublicCaSet`
+        # @return [Boolean]
+        attr_accessor :exclude_public_ca_set
+        alias_method :exclude_public_ca_set?, :exclude_public_ca_set
+      
+        # Optional. Minimum TLS version that the firewall should use when negotiating
+        # connections with both clients and servers. If this is not set, then the
+        # default value is to allow the broadest set of clients and servers (TLS 1.0 or
+        # higher). Setting this to more restrictive values may improve security, but may
+        # also prevent the firewall from connecting to some clients or servers. Note
+        # that Secure Web Proxy does not yet honor this field.
+        # Corresponds to the JSON property `minTlsVersion`
+        # @return [String]
+        attr_accessor :min_tls_version
+      
         # Required. Name of the resource. Name is of the form projects/`project`/
         # locations/`location`/tlsInspectionPolicies/`tls_inspection_policy`
         # tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]`0,61`[a-z0-9])
@@ -1779,6 +2270,25 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # Optional. The selected Profile. If this is not set, then the default value is
+        # to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE").
+        # Setting this to more restrictive values may improve security, but may also
+        # prevent the TLS inspection proxy from connecting to some clients or servers.
+        # Note that Secure Web Proxy does not yet honor this field.
+        # Corresponds to the JSON property `tlsFeatureProfile`
+        # @return [String]
+        attr_accessor :tls_feature_profile
+      
+        # Optional. A TrustConfig resource used when making a connection to the TLS
+        # server. This is a relative resource path following the form "projects/`project`
+        # /locations/`location`/trustConfigs/`trust_config`". This is necessary to
+        # intercept TLS connections to servers with certificates signed by a private CA
+        # or self-signed certificates. Note that Secure Web Proxy does not yet honor
+        # this field.
+        # Corresponds to the JSON property `trustConfig`
+        # @return [String]
+        attr_accessor :trust_config
+      
         # Output only. The timestamp when the resource was updated.
         # Corresponds to the JSON property `updateTime`
         # @return [String]
@@ -1792,8 +2302,13 @@ module Google
         def update!(**args)
           @ca_pool = args[:ca_pool] if args.key?(:ca_pool)
           @create_time = args[:create_time] if args.key?(:create_time)
+          @custom_tls_features = args[:custom_tls_features] if args.key?(:custom_tls_features)
           @description = args[:description] if args.key?(:description)
+          @exclude_public_ca_set = args[:exclude_public_ca_set] if args.key?(:exclude_public_ca_set)
+          @min_tls_version = args[:min_tls_version] if args.key?(:min_tls_version)
           @name = args[:name] if args.key?(:name)
+          @tls_feature_profile = args[:tls_feature_profile] if args.key?(:tls_feature_profile)
+          @trust_config = args[:trust_config] if args.key?(:trust_config)
           @update_time = args[:update_time] if args.key?(:update_time)
         end
       end

data/lib/google/apis/networksecurity_v1beta1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module NetworksecurityV1beta1
       # Version of the google-apis-networksecurity_v1beta1 gem
-      GEM_VERSION = "0.22.0"
+      GEM_VERSION = "0.24.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230420"
+      REVISION = "20230719"
     end
   end
 end