google-cloud-compute-v1 3.0.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -3818,7 +3818,7 @@ module Google
|
|
|
3818
3818
|
# A list of locality load-balancing policies to be used in order of preference. When you use localityLbPolicies, you must set at least one value for either the localityLbPolicies[].policy or the localityLbPolicies[].customPolicy field. localityLbPolicies overrides any value set in the localityLbPolicy field. For an example of how to use this field, see Define a list of preferred policies. Caution: This field and its children are intended for use in a service mesh that includes gRPC clients only. Envoy proxies can't use backend services that have this configuration.
|
|
3819
3819
|
# @!attribute [rw] locality_lb_policy
|
|
3820
3820
|
# @return [::String]
|
|
3821
|
-
# The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see
|
|
3821
|
+
# The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see Maglev: A Fast and Reliable Software Network Load Balancer. - WEIGHTED_ROUND_ROBIN: Per-endpoint Weighted Round Robin Load Balancing using weights computed from Backend reported Custom Metrics. If set, the Backend Service responses are expected to contain non-standard HTTP response header field Endpoint-Load-Metrics. The reported metrics to use for computing the weights are specified via the customMetrics field. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, HTTP2 or H2C, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not configured—that is, if session affinity remains at the default value of NONE—then the default value for localityLbPolicy is ROUND_ROBIN. If session affinity is set to a value other than NONE, then the default value for localityLbPolicy is MAGLEV. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. localityLbPolicy cannot be specified with haPolicy.
|
|
3822
3822
|
# Check the LocalityLbPolicy enum for the list of possible values.
|
|
3823
3823
|
# @!attribute [rw] log_config
|
|
3824
3824
|
# @return [::Google::Cloud::Compute::V1::BackendServiceLogConfig]
|
|
@@ -3868,7 +3868,7 @@ module Google
|
|
|
3868
3868
|
# URLs of networkservices.ServiceBinding resources. Can only be set if load balancing scheme is INTERNAL_SELF_MANAGED. If set, lists of backends and health checks must be both empty.
|
|
3869
3869
|
# @!attribute [rw] service_lb_policy
|
|
3870
3870
|
# @return [::String]
|
|
3871
|
-
# URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is
|
|
3871
|
+
# URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
|
|
3872
3872
|
# @!attribute [rw] session_affinity
|
|
3873
3873
|
# @return [::String]
|
|
3874
3874
|
# Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). sessionAffinity cannot be specified with haPolicy.
|
|
@@ -3966,7 +3966,7 @@ module Google
|
|
|
3966
3966
|
INVALID_LOAD_BALANCING_SCHEME = 275_352_060
|
|
3967
3967
|
end
|
|
3968
3968
|
|
|
3969
|
-
# The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see
|
|
3969
|
+
# The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see Maglev: A Fast and Reliable Software Network Load Balancer. - WEIGHTED_ROUND_ROBIN: Per-endpoint Weighted Round Robin Load Balancing using weights computed from Backend reported Custom Metrics. If set, the Backend Service responses are expected to contain non-standard HTTP response header field Endpoint-Load-Metrics. The reported metrics to use for computing the weights are specified via the customMetrics field. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, HTTP2 or H2C, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not configured—that is, if session affinity remains at the default value of NONE—then the default value for localityLbPolicy is ROUND_ROBIN. If session affinity is set to a value other than NONE, then the default value for localityLbPolicy is MAGLEV. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. localityLbPolicy cannot be specified with haPolicy.
|
|
3970
3970
|
module LocalityLbPolicy
|
|
3971
3971
|
# A value indicating that the enum field is not set.
|
|
3972
3972
|
UNDEFINED_LOCALITY_LB_POLICY = 0
|
|
@@ -3976,7 +3976,7 @@ module Google
|
|
|
3976
3976
|
# An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
|
|
3977
3977
|
LEAST_REQUEST = 46_604_921
|
|
3978
3978
|
|
|
3979
|
-
# This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see
|
|
3979
|
+
# This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see Maglev: A Fast and Reliable Software Network Load Balancer.
|
|
3980
3980
|
MAGLEV = 119_180_266
|
|
3981
3981
|
|
|
3982
3982
|
# Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
|
|
@@ -3991,6 +3991,9 @@ module Google
|
|
|
3991
3991
|
# This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
|
|
3992
3992
|
ROUND_ROBIN = 153_895_801
|
|
3993
3993
|
|
|
3994
|
+
# Per-instance weighted Load Balancing via health check reported weights. In internal passthrough network load balancing, it is weighted rendezvous hashing. This option is only supported in internal passthrough network load balancing.
|
|
3995
|
+
WEIGHTED_GCP_RENDEZVOUS = 82_501_640
|
|
3996
|
+
|
|
3994
3997
|
# Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.
|
|
3995
3998
|
WEIGHTED_MAGLEV = 254_930_962
|
|
3996
3999
|
|
|
@@ -4437,7 +4440,7 @@ module Google
|
|
|
4437
4440
|
# An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
|
|
4438
4441
|
LEAST_REQUEST = 46_604_921
|
|
4439
4442
|
|
|
4440
|
-
# This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see
|
|
4443
|
+
# This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see Maglev: A Fast and Reliable Software Network Load Balancer.
|
|
4441
4444
|
MAGLEV = 119_180_266
|
|
4442
4445
|
|
|
4443
4446
|
# Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
|
|
@@ -4452,6 +4455,9 @@ module Google
|
|
|
4452
4455
|
# This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
|
|
4453
4456
|
ROUND_ROBIN = 153_895_801
|
|
4454
4457
|
|
|
4458
|
+
# Per-instance weighted Load Balancing via health check reported weights. In internal passthrough network load balancing, it is weighted rendezvous hashing. This option is only supported in internal passthrough network load balancing.
|
|
4459
|
+
WEIGHTED_GCP_RENDEZVOUS = 82_501_640
|
|
4460
|
+
|
|
4455
4461
|
# Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.
|
|
4456
4462
|
WEIGHTED_MAGLEV = 254_930_962
|
|
4457
4463
|
|
|
@@ -30643,6 +30649,9 @@ module Google
|
|
|
30643
30649
|
end
|
|
30644
30650
|
|
|
30645
30651
|
# Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls.
|
|
30652
|
+
# @!attribute [rw] effective_instance_metadata
|
|
30653
|
+
# @return [::Google::Cloud::Compute::V1::ResourceStatusEffectiveInstanceMetadata]
|
|
30654
|
+
# [Output Only] Effective metadata is a field that consolidates project, zonal instance settings, and instance-level predefined metadata keys to provide the overridden value for those metadata keys at the instance level.
|
|
30646
30655
|
# @!attribute [rw] physical_host
|
|
30647
30656
|
# @return [::String]
|
|
30648
30657
|
# [Output Only] The precise location of your instance within the zone's data center, including the block, sub-block, and host. The field is formatted as follows: blockId/subBlockId/hostId.
|
|
@@ -30658,6 +30667,36 @@ module Google
|
|
|
30658
30667
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
30659
30668
|
end
|
|
30660
30669
|
|
|
30670
|
+
# Effective values of predefined metadata keys for an instance.
|
|
30671
|
+
# @!attribute [rw] block_project_ssh_keys_metadata_value
|
|
30672
|
+
# @return [::Boolean]
|
|
30673
|
+
# Effective block-project-ssh-keys value at Instance level.
|
|
30674
|
+
# @!attribute [rw] enable_guest_attributes_metadata_value
|
|
30675
|
+
# @return [::Boolean]
|
|
30676
|
+
# Effective enable-guest-attributes value at Instance level.
|
|
30677
|
+
# @!attribute [rw] enable_os_inventory_metadata_value
|
|
30678
|
+
# @return [::Boolean]
|
|
30679
|
+
# Effective enable-os-inventory value at Instance level.
|
|
30680
|
+
# @!attribute [rw] enable_osconfig_metadata_value
|
|
30681
|
+
# @return [::Boolean]
|
|
30682
|
+
# Effective enable-osconfig value at Instance level.
|
|
30683
|
+
# @!attribute [rw] enable_oslogin_metadata_value
|
|
30684
|
+
# @return [::Boolean]
|
|
30685
|
+
# Effective enable-oslogin value at Instance level.
|
|
30686
|
+
# @!attribute [rw] serial_port_enable_metadata_value
|
|
30687
|
+
# @return [::Boolean]
|
|
30688
|
+
# Effective serial-port-enable value at Instance level.
|
|
30689
|
+
# @!attribute [rw] serial_port_logging_enable_metadata_value
|
|
30690
|
+
# @return [::Boolean]
|
|
30691
|
+
# Effective serial-port-logging-enable value at Instance level.
|
|
30692
|
+
# @!attribute [rw] vm_dns_setting_metadata_value
|
|
30693
|
+
# @return [::String]
|
|
30694
|
+
# Effective VM DNS setting at Instance level.
|
|
30695
|
+
class ResourceStatusEffectiveInstanceMetadata
|
|
30696
|
+
include ::Google::Protobuf::MessageExts
|
|
30697
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
30698
|
+
end
|
|
30699
|
+
|
|
30661
30700
|
# Represents the physical host topology of the host on which the VM is running.
|
|
30662
30701
|
# @!attribute [rw] block
|
|
30663
30702
|
# @return [::String]
|
|
@@ -32379,7 +32418,7 @@ module Google
|
|
|
32379
32418
|
# [Output Only] Server-defined URL for the resource.
|
|
32380
32419
|
# @!attribute [rw] type
|
|
32381
32420
|
# @return [::String]
|
|
32382
|
-
# The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.
|
|
32421
|
+
# The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE (preview only): Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.
|
|
32383
32422
|
# Check the Type enum for the list of possible values.
|
|
32384
32423
|
# @!attribute [rw] user_defined_fields
|
|
32385
32424
|
# @return [::Array<::Google::Cloud::Compute::V1::SecurityPolicyUserDefinedField>]
|
|
@@ -32397,7 +32436,7 @@ module Google
|
|
|
32397
32436
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
32398
32437
|
end
|
|
32399
32438
|
|
|
32400
|
-
# The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.
|
|
32439
|
+
# The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE (preview only): Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.
|
|
32401
32440
|
module Type
|
|
32402
32441
|
# A value indicating that the enum field is not set.
|
|
32403
32442
|
UNDEFINED_TYPE = 0
|
|
@@ -32602,7 +32641,7 @@ module Google
|
|
|
32602
32641
|
# Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).
|
|
32603
32642
|
# @!attribute [rw] action
|
|
32604
32643
|
# @return [::String]
|
|
32605
|
-
# The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this.
|
|
32644
|
+
# The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. - fairshare (preview only): when traffic reaches the threshold limit, requests from the clients matching this rule begin to be rate-limited using the Fair Share algorithm. This action is only allowed in security policies of type `CLOUD_ARMOR_INTERNAL_SERVICE`.
|
|
32606
32645
|
# @!attribute [rw] description
|
|
32607
32646
|
# @return [::String]
|
|
32608
32647
|
# An optional description of this resource. Provide this property when you create the resource.
|
|
@@ -32629,7 +32668,7 @@ module Google
|
|
|
32629
32668
|
# An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
|
|
32630
32669
|
# @!attribute [rw] rate_limit_options
|
|
32631
32670
|
# @return [::Google::Cloud::Compute::V1::SecurityPolicyRuleRateLimitOptions]
|
|
32632
|
-
# Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions.
|
|
32671
|
+
# Must be specified if the action is "rate_based_ban" or "throttle" or "fairshare". Cannot be specified for any other actions.
|
|
32633
32672
|
# @!attribute [rw] redirect_options
|
|
32634
32673
|
# @return [::Google::Cloud::Compute::V1::SecurityPolicyRuleRedirectOptions]
|
|
32635
32674
|
# Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR.
|
|
@@ -32828,7 +32867,7 @@ module Google
|
|
|
32828
32867
|
# Action to take for requests that are under the configured rate limit threshold. Valid option is "allow" only.
|
|
32829
32868
|
# @!attribute [rw] enforce_on_key
|
|
32830
32869
|
# @return [::String]
|
|
32831
|
-
# Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - TLS_JA4_FINGERPRINT: JA4 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL.
|
|
32870
|
+
# Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - TLS_JA4_FINGERPRINT: JA4 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. For "fairshare" action, this value is limited to ALL i.e. a single rate limit threshold is enforced for all the requests matching the rule.
|
|
32832
32871
|
# Check the EnforceOnKey enum for the list of possible values.
|
|
32833
32872
|
# @!attribute [rw] enforce_on_key_configs
|
|
32834
32873
|
# @return [::Array<::Google::Cloud::Compute::V1::SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig>]
|
|
@@ -32849,7 +32888,7 @@ module Google
|
|
|
32849
32888
|
include ::Google::Protobuf::MessageExts
|
|
32850
32889
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
32851
32890
|
|
|
32852
|
-
# Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - TLS_JA4_FINGERPRINT: JA4 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL.
|
|
32891
|
+
# Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - TLS_JA4_FINGERPRINT: JA4 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. For "fairshare" action, this value is limited to ALL i.e. a single rate limit threshold is enforced for all the requests matching the rule.
|
|
32853
32892
|
module EnforceOnKey
|
|
32854
32893
|
# A value indicating that the enum field is not set.
|
|
32855
32894
|
UNDEFINED_ENFORCE_ON_KEY = 0
|
|
@@ -37560,7 +37599,7 @@ module Google
|
|
|
37560
37599
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
37561
37600
|
end
|
|
37562
37601
|
|
|
37563
|
-
# Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of Google Cloud HTTPS load balancers. *
|
|
37602
|
+
# Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of Google Cloud HTTPS load balancers. * targetHttpsProxies are used by global external Application Load Balancers, classic Application Load Balancers, cross-region internal Application Load Balancers, and Traffic Director. * regionTargetHttpsProxies are used by regional internal Application Load Balancers and regional external Application Load Balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
|
|
37564
37603
|
# @!attribute [rw] authorization_policy
|
|
37565
37604
|
# @return [::String]
|
|
37566
37605
|
# Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
|
|
@@ -39067,6 +39106,9 @@ module Google
|
|
|
39067
39106
|
# Maintenance due to NVLink failure.
|
|
39068
39107
|
FAILURE_NVLINK = 484_426_295
|
|
39069
39108
|
|
|
39109
|
+
# Maintenance due to redundant hardware fault.
|
|
39110
|
+
FAILURE_REDUNDANT_HARDWARE_FAULT = 31_000_530
|
|
39111
|
+
|
|
39070
39112
|
# Maintenance due to infrastructure relocation.
|
|
39071
39113
|
INFRASTRUCTURE_RELOCATION = 359_845_636
|
|
39072
39114
|
|