google-cloud-assured_workloads-v1 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +201 -0
- data/README.md +139 -0
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/client.rb +723 -0
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/credentials.rb +51 -0
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/operations.rb +664 -0
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/paths.rb +69 -0
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service.rb +50 -0
- data/lib/google/cloud/assured_workloads/v1/version.rb +28 -0
- data/lib/google/cloud/assured_workloads/v1.rb +38 -0
- data/lib/google/cloud/assuredworkloads/v1/assuredworkloads_pb.rb +116 -0
- data/lib/google/cloud/assuredworkloads/v1/assuredworkloads_services_pb.rb +58 -0
- data/lib/google-cloud-assured_workloads-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +71 -0
- data/proto_docs/google/api/resource.rb +283 -0
- data/proto_docs/google/cloud/assuredworkloads/v1/assuredworkloads.rb +316 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/timestamp.rb +129 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- metadata +217 -0
@@ -0,0 +1,283 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Api
|
22
|
+
# A simple descriptor of a resource type.
|
23
|
+
#
|
24
|
+
# ResourceDescriptor annotates a resource message (either by means of a
|
25
|
+
# protobuf annotation or use in the service config), and associates the
|
26
|
+
# resource's schema, the resource type, and the pattern of the resource name.
|
27
|
+
#
|
28
|
+
# Example:
|
29
|
+
#
|
30
|
+
# message Topic {
|
31
|
+
# // Indicates this message defines a resource schema.
|
32
|
+
# // Declares the resource type in the format of {service}/{kind}.
|
33
|
+
# // For Kubernetes resources, the format is {api group}/{kind}.
|
34
|
+
# option (google.api.resource) = {
|
35
|
+
# type: "pubsub.googleapis.com/Topic"
|
36
|
+
# name_descriptor: {
|
37
|
+
# pattern: "projects/{project}/topics/{topic}"
|
38
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
39
|
+
# parent_name_extractor: "projects/{project}"
|
40
|
+
# }
|
41
|
+
# };
|
42
|
+
# }
|
43
|
+
#
|
44
|
+
# The ResourceDescriptor Yaml config will look like:
|
45
|
+
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/{project}"
|
52
|
+
#
|
53
|
+
# Sometimes, resources have multiple patterns, typically because they can
|
54
|
+
# live under multiple parents.
|
55
|
+
#
|
56
|
+
# Example:
|
57
|
+
#
|
58
|
+
# message LogEntry {
|
59
|
+
# option (google.api.resource) = {
|
60
|
+
# type: "logging.googleapis.com/LogEntry"
|
61
|
+
# name_descriptor: {
|
62
|
+
# pattern: "projects/{project}/logs/{log}"
|
63
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
64
|
+
# parent_name_extractor: "projects/{project}"
|
65
|
+
# }
|
66
|
+
# name_descriptor: {
|
67
|
+
# pattern: "folders/{folder}/logs/{log}"
|
68
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
69
|
+
# parent_name_extractor: "folders/{folder}"
|
70
|
+
# }
|
71
|
+
# name_descriptor: {
|
72
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
73
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
74
|
+
# parent_name_extractor: "organizations/{organization}"
|
75
|
+
# }
|
76
|
+
# name_descriptor: {
|
77
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
78
|
+
# parent_type: "billing.googleapis.com/BillingAccount"
|
79
|
+
# parent_name_extractor: "billingAccounts/{billing_account}"
|
80
|
+
# }
|
81
|
+
# };
|
82
|
+
# }
|
83
|
+
#
|
84
|
+
# The ResourceDescriptor Yaml config will look like:
|
85
|
+
#
|
86
|
+
# resources:
|
87
|
+
# - type: 'logging.googleapis.com/LogEntry'
|
88
|
+
# name_descriptor:
|
89
|
+
# - pattern: "projects/{project}/logs/{log}"
|
90
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
91
|
+
# parent_name_extractor: "projects/{project}"
|
92
|
+
# - pattern: "folders/{folder}/logs/{log}"
|
93
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
94
|
+
# parent_name_extractor: "folders/{folder}"
|
95
|
+
# - pattern: "organizations/{organization}/logs/{log}"
|
96
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
97
|
+
# parent_name_extractor: "organizations/{organization}"
|
98
|
+
# - pattern: "billingAccounts/{billing_account}/logs/{log}"
|
99
|
+
# parent_type: "billing.googleapis.com/BillingAccount"
|
100
|
+
# parent_name_extractor: "billingAccounts/{billing_account}"
|
101
|
+
#
|
102
|
+
# For flexible resources, the resource name doesn't contain parent names, but
|
103
|
+
# the resource itself has parents for policy evaluation.
|
104
|
+
#
|
105
|
+
# Example:
|
106
|
+
#
|
107
|
+
# message Shelf {
|
108
|
+
# option (google.api.resource) = {
|
109
|
+
# type: "library.googleapis.com/Shelf"
|
110
|
+
# name_descriptor: {
|
111
|
+
# pattern: "shelves/{shelf}"
|
112
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
113
|
+
# }
|
114
|
+
# name_descriptor: {
|
115
|
+
# pattern: "shelves/{shelf}"
|
116
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
117
|
+
# }
|
118
|
+
# };
|
119
|
+
# }
|
120
|
+
#
|
121
|
+
# The ResourceDescriptor Yaml config will look like:
|
122
|
+
#
|
123
|
+
# resources:
|
124
|
+
# - type: 'library.googleapis.com/Shelf'
|
125
|
+
# name_descriptor:
|
126
|
+
# - pattern: "shelves/{shelf}"
|
127
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
128
|
+
# - pattern: "shelves/{shelf}"
|
129
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
130
|
+
# @!attribute [rw] type
|
131
|
+
# @return [::String]
|
132
|
+
# The resource type. It must be in the format of
|
133
|
+
# \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
|
134
|
+
# singular and must not include version numbers.
|
135
|
+
#
|
136
|
+
# Example: `storage.googleapis.com/Bucket`
|
137
|
+
#
|
138
|
+
# The value of the resource_type_kind must follow the regular expression
|
139
|
+
# /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
|
140
|
+
# should use PascalCase (UpperCamelCase). The maximum number of
|
141
|
+
# characters allowed for the `resource_type_kind` is 100.
|
142
|
+
# @!attribute [rw] pattern
|
143
|
+
# @return [::Array<::String>]
|
144
|
+
# Optional. The relative resource name pattern associated with this resource
|
145
|
+
# type. The DNS prefix of the full resource name shouldn't be specified here.
|
146
|
+
#
|
147
|
+
# The path pattern must follow the syntax, which aligns with HTTP binding
|
148
|
+
# syntax:
|
149
|
+
#
|
150
|
+
# Template = Segment { "/" Segment } ;
|
151
|
+
# Segment = LITERAL | Variable ;
|
152
|
+
# Variable = "{" LITERAL "}" ;
|
153
|
+
#
|
154
|
+
# Examples:
|
155
|
+
#
|
156
|
+
# - "projects/\\{project}/topics/\\{topic}"
|
157
|
+
# - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
|
158
|
+
#
|
159
|
+
# The components in braces correspond to the IDs for each resource in the
|
160
|
+
# hierarchy. It is expected that, if multiple patterns are provided,
|
161
|
+
# the same component name (e.g. "project") refers to IDs of the same
|
162
|
+
# type of resource.
|
163
|
+
# @!attribute [rw] name_field
|
164
|
+
# @return [::String]
|
165
|
+
# Optional. The field on the resource that designates the resource name
|
166
|
+
# field. If omitted, this is assumed to be "name".
|
167
|
+
# @!attribute [rw] history
|
168
|
+
# @return [::Google::Api::ResourceDescriptor::History]
|
169
|
+
# Optional. The historical or future-looking state of the resource pattern.
|
170
|
+
#
|
171
|
+
# Example:
|
172
|
+
#
|
173
|
+
# // The InspectTemplate message originally only supported resource
|
174
|
+
# // names with organization, and project was added later.
|
175
|
+
# message InspectTemplate {
|
176
|
+
# option (google.api.resource) = {
|
177
|
+
# type: "dlp.googleapis.com/InspectTemplate"
|
178
|
+
# pattern:
|
179
|
+
# "organizations/{organization}/inspectTemplates/{inspect_template}"
|
180
|
+
# pattern: "projects/{project}/inspectTemplates/{inspect_template}"
|
181
|
+
# history: ORIGINALLY_SINGLE_PATTERN
|
182
|
+
# };
|
183
|
+
# }
|
184
|
+
# @!attribute [rw] plural
|
185
|
+
# @return [::String]
|
186
|
+
# The plural name used in the resource name and permission names, such as
|
187
|
+
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
188
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
|
189
|
+
# concept of the `plural` field in k8s CRD spec
|
190
|
+
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
191
|
+
#
|
192
|
+
# Note: The plural form is required even for singleton resources. See
|
193
|
+
# https://aip.dev/156
|
194
|
+
# @!attribute [rw] singular
|
195
|
+
# @return [::String]
|
196
|
+
# The same concept of the `singular` field in k8s CRD spec
|
197
|
+
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
198
|
+
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
199
|
+
# @!attribute [rw] style
|
200
|
+
# @return [::Array<::Google::Api::ResourceDescriptor::Style>]
|
201
|
+
# Style flag(s) for this resource.
|
202
|
+
# These indicate that a resource is expected to conform to a given
|
203
|
+
# style. See the specific style flags for additional information.
|
204
|
+
class ResourceDescriptor
|
205
|
+
include ::Google::Protobuf::MessageExts
|
206
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
207
|
+
|
208
|
+
# A description of the historical or future-looking state of the
|
209
|
+
# resource pattern.
|
210
|
+
module History
|
211
|
+
# The "unset" value.
|
212
|
+
HISTORY_UNSPECIFIED = 0
|
213
|
+
|
214
|
+
# The resource originally had one pattern and launched as such, and
|
215
|
+
# additional patterns were added later.
|
216
|
+
ORIGINALLY_SINGLE_PATTERN = 1
|
217
|
+
|
218
|
+
# The resource has one pattern, but the API owner expects to add more
|
219
|
+
# later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
|
220
|
+
# that from being necessary once there are multiple patterns.)
|
221
|
+
FUTURE_MULTI_PATTERN = 2
|
222
|
+
end
|
223
|
+
|
224
|
+
# A flag representing a specific style that a resource claims to conform to.
|
225
|
+
module Style
|
226
|
+
# The unspecified value. Do not use.
|
227
|
+
STYLE_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# This resource is intended to be "declarative-friendly".
|
230
|
+
#
|
231
|
+
# Declarative-friendly resources must be more strictly consistent, and
|
232
|
+
# setting this to true communicates to tools that this resource should
|
233
|
+
# adhere to declarative-friendly expectations.
|
234
|
+
#
|
235
|
+
# Note: This is used by the API linter (linter.aip.dev) to enable
|
236
|
+
# additional checks.
|
237
|
+
DECLARATIVE_FRIENDLY = 1
|
238
|
+
end
|
239
|
+
end
|
240
|
+
|
241
|
+
# Defines a proto annotation that describes a string field that refers to
|
242
|
+
# an API resource.
|
243
|
+
# @!attribute [rw] type
|
244
|
+
# @return [::String]
|
245
|
+
# The resource type that the annotated field references.
|
246
|
+
#
|
247
|
+
# Example:
|
248
|
+
#
|
249
|
+
# message Subscription {
|
250
|
+
# string topic = 2 [(google.api.resource_reference) = {
|
251
|
+
# type: "pubsub.googleapis.com/Topic"
|
252
|
+
# }];
|
253
|
+
# }
|
254
|
+
#
|
255
|
+
# Occasionally, a field may reference an arbitrary resource. In this case,
|
256
|
+
# APIs use the special value * in their resource reference.
|
257
|
+
#
|
258
|
+
# Example:
|
259
|
+
#
|
260
|
+
# message GetIamPolicyRequest {
|
261
|
+
# string resource = 2 [(google.api.resource_reference) = {
|
262
|
+
# type: "*"
|
263
|
+
# }];
|
264
|
+
# }
|
265
|
+
# @!attribute [rw] child_type
|
266
|
+
# @return [::String]
|
267
|
+
# The resource type of a child collection that the annotated field
|
268
|
+
# references. This is useful for annotating the `parent` field that
|
269
|
+
# doesn't have a fixed resource type.
|
270
|
+
#
|
271
|
+
# Example:
|
272
|
+
#
|
273
|
+
# message ListLogEntriesRequest {
|
274
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
275
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
276
|
+
# };
|
277
|
+
# }
|
278
|
+
class ResourceReference
|
279
|
+
include ::Google::Protobuf::MessageExts
|
280
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
281
|
+
end
|
282
|
+
end
|
283
|
+
end
|
@@ -0,0 +1,316 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module AssuredWorkloads
|
23
|
+
module V1
|
24
|
+
# Request for creating a workload.
|
25
|
+
# @!attribute [rw] parent
|
26
|
+
# @return [::String]
|
27
|
+
# Required. The resource name of the new Workload's parent.
|
28
|
+
# Must be of the form `organizations/{org_id}/locations/{location_id}`.
|
29
|
+
# @!attribute [rw] workload
|
30
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload]
|
31
|
+
# Required. Assured Workload to create
|
32
|
+
# @!attribute [rw] external_id
|
33
|
+
# @return [::String]
|
34
|
+
# Optional. A identifier associated with the workload and underlying projects which
|
35
|
+
# allows for the break down of billing costs for a workload. The value
|
36
|
+
# provided for the identifier will add a label to the workload and contained
|
37
|
+
# projects with the identifier as the value.
|
38
|
+
class CreateWorkloadRequest
|
39
|
+
include ::Google::Protobuf::MessageExts
|
40
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
41
|
+
end
|
42
|
+
|
43
|
+
# Request for Updating a workload.
|
44
|
+
# @!attribute [rw] workload
|
45
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload]
|
46
|
+
# Required. The workload to update.
|
47
|
+
# The workload’s `name` field is used to identify the workload to be updated.
|
48
|
+
# Format:
|
49
|
+
# organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
|
50
|
+
# @!attribute [rw] update_mask
|
51
|
+
# @return [::Google::Protobuf::FieldMask]
|
52
|
+
# Required. The list of fields to be updated.
|
53
|
+
class UpdateWorkloadRequest
|
54
|
+
include ::Google::Protobuf::MessageExts
|
55
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
56
|
+
end
|
57
|
+
|
58
|
+
# Request for deleting a Workload.
|
59
|
+
# @!attribute [rw] name
|
60
|
+
# @return [::String]
|
61
|
+
# Required. The `name` field is used to identify the workload.
|
62
|
+
# Format:
|
63
|
+
# organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
|
64
|
+
# @!attribute [rw] etag
|
65
|
+
# @return [::String]
|
66
|
+
# Optional. The etag of the workload.
|
67
|
+
# If this is provided, it must match the server's etag.
|
68
|
+
class DeleteWorkloadRequest
|
69
|
+
include ::Google::Protobuf::MessageExts
|
70
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
71
|
+
end
|
72
|
+
|
73
|
+
# Request for fetching a workload.
|
74
|
+
# @!attribute [rw] name
|
75
|
+
# @return [::String]
|
76
|
+
# Required. The resource name of the Workload to fetch. This is the workloads's
|
77
|
+
# relative path in the API, formatted as
|
78
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
79
|
+
# For example,
|
80
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
81
|
+
class GetWorkloadRequest
|
82
|
+
include ::Google::Protobuf::MessageExts
|
83
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
84
|
+
end
|
85
|
+
|
86
|
+
# Request for fetching workloads in an organization.
|
87
|
+
# @!attribute [rw] parent
|
88
|
+
# @return [::String]
|
89
|
+
# Required. Parent Resource to list workloads from.
|
90
|
+
# Must be of the form `organizations/{org_id}/locations/{location}`.
|
91
|
+
# @!attribute [rw] page_size
|
92
|
+
# @return [::Integer]
|
93
|
+
# Page size.
|
94
|
+
# @!attribute [rw] page_token
|
95
|
+
# @return [::String]
|
96
|
+
# Page token returned from previous request. Page token contains context from
|
97
|
+
# previous request. Page token needs to be passed in the second and following
|
98
|
+
# requests.
|
99
|
+
# @!attribute [rw] filter
|
100
|
+
# @return [::String]
|
101
|
+
# A custom filter for filtering by properties of a workload. At this time,
|
102
|
+
# only filtering by labels is supported.
|
103
|
+
class ListWorkloadsRequest
|
104
|
+
include ::Google::Protobuf::MessageExts
|
105
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
106
|
+
end
|
107
|
+
|
108
|
+
# Response of ListWorkloads endpoint.
|
109
|
+
# @!attribute [rw] workloads
|
110
|
+
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload>]
|
111
|
+
# List of Workloads under a given parent.
|
112
|
+
# @!attribute [rw] next_page_token
|
113
|
+
# @return [::String]
|
114
|
+
# The next page token. Return empty if reached the last page.
|
115
|
+
class ListWorkloadsResponse
|
116
|
+
include ::Google::Protobuf::MessageExts
|
117
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
118
|
+
end
|
119
|
+
|
120
|
+
# An Workload object for managing highly regulated workloads of cloud
|
121
|
+
# customers.
|
122
|
+
# @!attribute [rw] name
|
123
|
+
# @return [::String]
|
124
|
+
# Optional. The resource name of the workload.
|
125
|
+
# Format:
|
126
|
+
# organizations/\\{organization}/locations/\\{location}/workloads/\\{workload}
|
127
|
+
#
|
128
|
+
# Read-only.
|
129
|
+
# @!attribute [rw] display_name
|
130
|
+
# @return [::String]
|
131
|
+
# Required. The user-assigned display name of the Workload.
|
132
|
+
# When present it must be between 4 to 30 characters.
|
133
|
+
# Allowed characters are: lowercase and uppercase letters, numbers,
|
134
|
+
# hyphen, and spaces.
|
135
|
+
#
|
136
|
+
# Example: My Workload
|
137
|
+
# @!attribute [r] resources
|
138
|
+
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo>]
|
139
|
+
# Output only. The resources associated with this workload.
|
140
|
+
# These resources will be created when creating the workload.
|
141
|
+
# If any of the projects already exist, the workload creation will fail.
|
142
|
+
# Always read only.
|
143
|
+
# @!attribute [rw] compliance_regime
|
144
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
|
145
|
+
# Required. Immutable. Compliance Regime associated with this workload.
|
146
|
+
# @!attribute [r] create_time
|
147
|
+
# @return [::Google::Protobuf::Timestamp]
|
148
|
+
# Output only. Immutable. The Workload creation timestamp.
|
149
|
+
# @!attribute [rw] billing_account
|
150
|
+
# @return [::String]
|
151
|
+
# Required. Input only. The billing account used for the resources which are
|
152
|
+
# direct children of workload. This billing account is initially associated
|
153
|
+
# with the resources created as part of Workload creation.
|
154
|
+
# After the initial creation of these resources, the customer can change
|
155
|
+
# the assigned billing account.
|
156
|
+
# The resource name has the form
|
157
|
+
# `billingAccounts/{billing_account_id}`. For example,
|
158
|
+
# `billingAccounts/012345-567890-ABCDEF`.
|
159
|
+
# @!attribute [rw] etag
|
160
|
+
# @return [::String]
|
161
|
+
# Optional. ETag of the workload, it is calculated on the basis
|
162
|
+
# of the Workload contents. It will be used in Update & Delete operations.
|
163
|
+
# @!attribute [rw] labels
|
164
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
165
|
+
# Optional. Labels applied to the workload.
|
166
|
+
# @!attribute [rw] provisioned_resources_parent
|
167
|
+
# @return [::String]
|
168
|
+
# Input only. The parent resource for the resources managed by this Assured Workload. May
|
169
|
+
# be either empty or a folder resource which is a child of the
|
170
|
+
# Workload parent. If not specified all resources are created under the
|
171
|
+
# parent organization.
|
172
|
+
# Format:
|
173
|
+
# folders/\\{folder_id}
|
174
|
+
# @!attribute [rw] kms_settings
|
175
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KMSSettings]
|
176
|
+
# Input only. Settings used to create a CMEK crypto key. When set a project with a KMS
|
177
|
+
# CMEK key is provisioned. This field is mandatory for a subset of Compliance
|
178
|
+
# Regimes.
|
179
|
+
# @!attribute [rw] resource_settings
|
180
|
+
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceSettings>]
|
181
|
+
# Input only. Resource properties that are used to customize workload resources.
|
182
|
+
# These properties (such as custom project id) will be used to create
|
183
|
+
# workload resources if possible. This field is optional.
|
184
|
+
class Workload
|
185
|
+
include ::Google::Protobuf::MessageExts
|
186
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
187
|
+
|
188
|
+
# Represent the resources that are children of this Workload.
|
189
|
+
# @!attribute [rw] resource_id
|
190
|
+
# @return [::Integer]
|
191
|
+
# Resource identifier.
|
192
|
+
# For a project this represents project_number.
|
193
|
+
# @!attribute [rw] resource_type
|
194
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo::ResourceType]
|
195
|
+
# Indicates the type of resource.
|
196
|
+
class ResourceInfo
|
197
|
+
include ::Google::Protobuf::MessageExts
|
198
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
199
|
+
|
200
|
+
# The type of resource.
|
201
|
+
module ResourceType
|
202
|
+
# Unknown resource type.
|
203
|
+
RESOURCE_TYPE_UNSPECIFIED = 0
|
204
|
+
|
205
|
+
# Consumer project.
|
206
|
+
CONSUMER_PROJECT = 1
|
207
|
+
|
208
|
+
# Consumer project containing encryption keys.
|
209
|
+
ENCRYPTION_KEYS_PROJECT = 2
|
210
|
+
|
211
|
+
# Keyring resource that hosts encryption keys.
|
212
|
+
KEYRING = 3
|
213
|
+
end
|
214
|
+
end
|
215
|
+
|
216
|
+
# Settings specific to the Key Management Service.
|
217
|
+
# @!attribute [rw] next_rotation_time
|
218
|
+
# @return [::Google::Protobuf::Timestamp]
|
219
|
+
# Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
|
220
|
+
# new version of the crypto key and mark it as the primary.
|
221
|
+
# @!attribute [rw] rotation_period
|
222
|
+
# @return [::Google::Protobuf::Duration]
|
223
|
+
# Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
|
224
|
+
# Management Service automatically rotates a key. Must be at least 24 hours
|
225
|
+
# and at most 876,000 hours.
|
226
|
+
class KMSSettings
|
227
|
+
include ::Google::Protobuf::MessageExts
|
228
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
229
|
+
end
|
230
|
+
|
231
|
+
# Represent the custom settings for the resources to be created.
|
232
|
+
# @!attribute [rw] resource_id
|
233
|
+
# @return [::String]
|
234
|
+
# Resource identifier.
|
235
|
+
# For a project this represents project_id. If the project is already
|
236
|
+
# taken, the workload creation will fail.
|
237
|
+
# @!attribute [rw] resource_type
|
238
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo::ResourceType]
|
239
|
+
# Indicates the type of resource. This field should be specified to
|
240
|
+
# correspond the id to the right project type (CONSUMER_PROJECT or
|
241
|
+
# ENCRYPTION_KEYS_PROJECT)
|
242
|
+
# @!attribute [rw] display_name
|
243
|
+
# @return [::String]
|
244
|
+
# User-assigned resource display name.
|
245
|
+
# If not empty it will be used to create a resource with the specified
|
246
|
+
# name.
|
247
|
+
class ResourceSettings
|
248
|
+
include ::Google::Protobuf::MessageExts
|
249
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
250
|
+
end
|
251
|
+
|
252
|
+
# @!attribute [rw] key
|
253
|
+
# @return [::String]
|
254
|
+
# @!attribute [rw] value
|
255
|
+
# @return [::String]
|
256
|
+
class LabelsEntry
|
257
|
+
include ::Google::Protobuf::MessageExts
|
258
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
259
|
+
end
|
260
|
+
|
261
|
+
# Supported Compliance Regimes.
|
262
|
+
module ComplianceRegime
|
263
|
+
# Unknown compliance regime.
|
264
|
+
COMPLIANCE_REGIME_UNSPECIFIED = 0
|
265
|
+
|
266
|
+
# Information protection as per DoD IL4 requirements.
|
267
|
+
IL4 = 1
|
268
|
+
|
269
|
+
# Criminal Justice Information Services (CJIS) Security policies.
|
270
|
+
CJIS = 2
|
271
|
+
|
272
|
+
# FedRAMP High data protection controls
|
273
|
+
FEDRAMP_HIGH = 3
|
274
|
+
|
275
|
+
# FedRAMP Moderate data protection controls
|
276
|
+
FEDRAMP_MODERATE = 4
|
277
|
+
|
278
|
+
# Assured Workloads For US Regions data protection controls
|
279
|
+
US_REGIONAL_ACCESS = 5
|
280
|
+
|
281
|
+
# Health Insurance Portability and Accountability Act controls
|
282
|
+
HIPAA = 6
|
283
|
+
|
284
|
+
# Health Information Trust Alliance controls
|
285
|
+
HITRUST = 7
|
286
|
+
|
287
|
+
# Assured Workloads For EU Regions and Support controls
|
288
|
+
EU_REGIONS_AND_SUPPORT = 8
|
289
|
+
|
290
|
+
# Assured Workloads For Canada Regions and Support controls
|
291
|
+
CA_REGIONS_AND_SUPPORT = 9
|
292
|
+
end
|
293
|
+
end
|
294
|
+
|
295
|
+
# Operation metadata to give request details of CreateWorkload.
|
296
|
+
# @!attribute [rw] create_time
|
297
|
+
# @return [::Google::Protobuf::Timestamp]
|
298
|
+
# Optional. Time when the operation was created.
|
299
|
+
# @!attribute [rw] display_name
|
300
|
+
# @return [::String]
|
301
|
+
# Optional. The display name of the workload.
|
302
|
+
# @!attribute [rw] parent
|
303
|
+
# @return [::String]
|
304
|
+
# Optional. The parent of the workload.
|
305
|
+
# @!attribute [rw] compliance_regime
|
306
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
|
307
|
+
# Optional. Compliance controls that should be applied to the resources managed by
|
308
|
+
# the workload.
|
309
|
+
class CreateWorkloadOperationMetadata
|
310
|
+
include ::Google::Protobuf::MessageExts
|
311
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
312
|
+
end
|
313
|
+
end
|
314
|
+
end
|
315
|
+
end
|
316
|
+
end
|