@databricks/sdk-networking 0.1.0-dev.2 → 0.1.0-dev.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/v1/client.d.ts +13 -13
- package/dist/v1/client.d.ts.map +1 -1
- package/dist/v1/client.js +13 -13
- package/dist/v1/client.js.map +1 -1
- package/dist/v1/index.d.ts +1 -1
- package/dist/v1/index.d.ts.map +1 -1
- package/dist/v1/index.js.map +1 -1
- package/dist/v1/model.d.ts +180 -143
- package/dist/v1/model.d.ts.map +1 -1
- package/dist/v1/model.js +229 -293
- package/dist/v1/model.js.map +1 -1
- package/dist/v1/utils.d.ts.map +1 -1
- package/dist/v1/utils.js +2 -1
- package/dist/v1/utils.js.map +1 -1
- package/package.json +6 -6
- package/src/v1/client.ts +0 -1704
- package/src/v1/index.ts +0 -155
- package/src/v1/model.ts +0 -4519
- package/src/v1/transport.ts +0 -73
- package/src/v1/utils.ts +0 -156
package/src/v1/model.ts
DELETED
|
@@ -1,4519 +0,0 @@
|
|
|
1
|
-
// Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
|
|
2
|
-
|
|
3
|
-
import {Temporal} from '@js-temporal/polyfill';
|
|
4
|
-
import {FieldMask} from '@databricks/sdk-core/wkt';
|
|
5
|
-
import type {FieldMaskSchema} from '@databricks/sdk-core/wkt';
|
|
6
|
-
import {z} from 'zod';
|
|
7
|
-
|
|
8
|
-
export enum CustomerFacingVpcEndpointUseCase {
|
|
9
|
-
WORKSPACE_ACCESS = 'WORKSPACE_ACCESS',
|
|
10
|
-
DATAPLANE_RELAY_ACCESS = 'DATAPLANE_RELAY_ACCESS',
|
|
11
|
-
/** General access, replaces WORKSPACE_ACCESS in customer-facing API. */
|
|
12
|
-
GENERAL_ACCESS = 'GENERAL_ACCESS',
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
/**
|
|
16
|
-
* The target resources that are supported by Network Connectivity Config.
|
|
17
|
-
* Note: some egress types can support general types that are not defined in EgressResourceType.
|
|
18
|
-
* E.g.: Azure private endpoint supports private link enabled Azure services.
|
|
19
|
-
*/
|
|
20
|
-
export enum EgressResourceType {
|
|
21
|
-
EGRESS_RESOURCE_TYPE_UNSPECIFIED = 'EGRESS_RESOURCE_TYPE_UNSPECIFIED',
|
|
22
|
-
AZURE_BLOB_STORAGE = 'AZURE_BLOB_STORAGE',
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
export enum EndpointState {
|
|
26
|
-
/** The endpoint is pending approval. */
|
|
27
|
-
PENDING = 'PENDING',
|
|
28
|
-
/** The endpoint has been approved and is ready for use. */
|
|
29
|
-
APPROVED = 'APPROVED',
|
|
30
|
-
/** The endpoint encountered some issues during setup. */
|
|
31
|
-
FAILED = 'FAILED',
|
|
32
|
-
/** The endpoint was once established but later disconnected. This endpoint doesn't provide connectivity. */
|
|
33
|
-
DISCONNECTED = 'DISCONNECTED',
|
|
34
|
-
}
|
|
35
|
-
|
|
36
|
-
/**
|
|
37
|
-
* Type of IP access list. Valid values are as follows and are case-sensitive:
|
|
38
|
-
*
|
|
39
|
-
* * `ALLOW`: An allow list. Include this IP or range.
|
|
40
|
-
* * `BLOCK`: A block list. Exclude this IP or range. IP addresses in the block list are excluded even if they are included in an allow list.
|
|
41
|
-
*/
|
|
42
|
-
export enum IpAccessListType {
|
|
43
|
-
ALLOW = 'ALLOW',
|
|
44
|
-
/** Blocks the associated CIDRs. */
|
|
45
|
-
BLOCK = 'BLOCK',
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
export enum PrivateAccessLevel {
|
|
49
|
-
/** Only specifically listed endpoints can access my workspace */
|
|
50
|
-
ENDPOINT = 'ENDPOINT',
|
|
51
|
-
/** Only endpoints in the same account can access my workspace */
|
|
52
|
-
ACCOUNT = 'ACCOUNT',
|
|
53
|
-
}
|
|
54
|
-
|
|
55
|
-
export enum VpcStatus {
|
|
56
|
-
VALID = 'VALID',
|
|
57
|
-
BROKEN = 'BROKEN',
|
|
58
|
-
UNATTACHED = 'UNATTACHED',
|
|
59
|
-
/** Some optional tests are failing for this Vpc, see NetworkWarning for more information */
|
|
60
|
-
WARNED = 'WARNED',
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
/**
|
|
64
|
-
* Type of IP access list. Valid values are as follows and are case-sensitive:
|
|
65
|
-
*
|
|
66
|
-
* * `ALLOW`: An allow list. Include this IP or range.
|
|
67
|
-
* * `BLOCK`: A block list. Exclude this IP or range. IP addresses in the block list are excluded even if they are included in an allow list.
|
|
68
|
-
*/
|
|
69
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
70
|
-
export enum AccountIpAccessListType_IpAccessListType {
|
|
71
|
-
/** Allows the associated CIDRs. */
|
|
72
|
-
ALLOW = 'ALLOW',
|
|
73
|
-
/** Blocks the associated CIDRs. */
|
|
74
|
-
BLOCK = 'BLOCK',
|
|
75
|
-
}
|
|
76
|
-
|
|
77
|
-
/**
|
|
78
|
-
* Qualifies the breadth of API access permitted by an ingress network policy rule.
|
|
79
|
-
* API_SCOPE_QUALIFIER_READ narrows matching to read-only variants of the listed scopes;
|
|
80
|
-
* API_SCOPE_QUALIFIER_ALL matches any scope. When unset, scopes match exactly as listed.
|
|
81
|
-
*/
|
|
82
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
83
|
-
export enum CustomerFacingIngressNetworkPolicy_ApiScopeQualifier {
|
|
84
|
-
/** Narrows matching to read-only variants of the listed scopes (e.g. GET/HEAD requests). */
|
|
85
|
-
API_SCOPE_QUALIFIER_READ = 'API_SCOPE_QUALIFIER_READ',
|
|
86
|
-
/** Matches any scope regardless of access level. */
|
|
87
|
-
API_SCOPE_QUALIFIER_ALL = 'API_SCOPE_QUALIFIER_ALL',
|
|
88
|
-
}
|
|
89
|
-
|
|
90
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
91
|
-
export enum CustomerFacingIngressNetworkPolicy_Authentication_IdentityType {
|
|
92
|
-
IDENTITY_TYPE_UNSPECIFIED = 'IDENTITY_TYPE_UNSPECIFIED',
|
|
93
|
-
IDENTITY_TYPE_ALL_USERS = 'IDENTITY_TYPE_ALL_USERS',
|
|
94
|
-
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS = 'IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS',
|
|
95
|
-
IDENTITY_TYPE_SELECTED_IDENTITIES = 'IDENTITY_TYPE_SELECTED_IDENTITIES',
|
|
96
|
-
}
|
|
97
|
-
|
|
98
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
99
|
-
export enum CustomerFacingIngressNetworkPolicy_AuthenticationIdentity_PrincipalType {
|
|
100
|
-
PRINCIPAL_TYPE_UNSPECIFIED = 'PRINCIPAL_TYPE_UNSPECIFIED',
|
|
101
|
-
PRINCIPAL_TYPE_USER = 'PRINCIPAL_TYPE_USER',
|
|
102
|
-
PRINCIPAL_TYPE_SERVICE_PRINCIPAL = 'PRINCIPAL_TYPE_SERVICE_PRINCIPAL',
|
|
103
|
-
}
|
|
104
|
-
|
|
105
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
106
|
-
export enum CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode {
|
|
107
|
-
FULL_ACCESS = 'FULL_ACCESS',
|
|
108
|
-
RESTRICTED_ACCESS = 'RESTRICTED_ACCESS',
|
|
109
|
-
}
|
|
110
|
-
|
|
111
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
112
|
-
export enum CustomerFacingIngressNetworkPolicy_PrivateAccess_RestrictionMode {
|
|
113
|
-
ALLOW_ALL_REGISTERED_ENDPOINTS = 'ALLOW_ALL_REGISTERED_ENDPOINTS',
|
|
114
|
-
RESTRICTED_ACCESS = 'RESTRICTED_ACCESS',
|
|
115
|
-
}
|
|
116
|
-
|
|
117
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
118
|
-
export enum CustomerFacingIngressNetworkPolicy_PublicAccess_RestrictionMode {
|
|
119
|
-
FULL_ACCESS = 'FULL_ACCESS',
|
|
120
|
-
RESTRICTED_ACCESS = 'RESTRICTED_ACCESS',
|
|
121
|
-
}
|
|
122
|
-
|
|
123
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
124
|
-
export enum CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState {
|
|
125
|
-
PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED = 'PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED',
|
|
126
|
-
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
127
|
-
ESTABLISHED = 'ESTABLISHED',
|
|
128
|
-
/** Connection was rejected by the private link resource owner. */
|
|
129
|
-
REJECTED = 'REJECTED',
|
|
130
|
-
/**
|
|
131
|
-
* Connection was removed by the private link resource owner, the private endpoint becomes informative and should
|
|
132
|
-
* be deleted for clean-up.
|
|
133
|
-
*/
|
|
134
|
-
DISCONNECTED = 'DISCONNECTED',
|
|
135
|
-
/** If the endpoint is created but not approved in 14 days, it is EXPIRED. */
|
|
136
|
-
EXPIRED = 'EXPIRED',
|
|
137
|
-
/** The endpoint has been created and pending approval. */
|
|
138
|
-
PENDING = 'PENDING',
|
|
139
|
-
/** The endpoint creation is in progress. */
|
|
140
|
-
CREATING = 'CREATING',
|
|
141
|
-
/** The endpoint creation failed. */
|
|
142
|
-
CREATE_FAILED = 'CREATE_FAILED',
|
|
143
|
-
}
|
|
144
|
-
|
|
145
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
146
|
-
export enum CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState {
|
|
147
|
-
PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED = 'PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED',
|
|
148
|
-
/** The endpoint has been created and pending approval. */
|
|
149
|
-
INIT = 'INIT',
|
|
150
|
-
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
151
|
-
ESTABLISHED = 'ESTABLISHED',
|
|
152
|
-
/** Connection was rejected by the private link resource owner. */
|
|
153
|
-
REJECTED = 'REJECTED',
|
|
154
|
-
/**
|
|
155
|
-
* Connection was removed by the private link resource owner, the private endpoint becomes informative and should
|
|
156
|
-
* be deleted for clean-up.
|
|
157
|
-
*/
|
|
158
|
-
DISCONNECTED = 'DISCONNECTED',
|
|
159
|
-
/** If the endpoint was created but not approved in 14 days, it will be EXPIRED. */
|
|
160
|
-
EXPIRED = 'EXPIRED',
|
|
161
|
-
/** The endpoint has been created and pending approval. */
|
|
162
|
-
PENDING = 'PENDING',
|
|
163
|
-
/** The endpoint creation is in progress. */
|
|
164
|
-
CREATING = 'CREATING',
|
|
165
|
-
/** The endpoint creation failed. */
|
|
166
|
-
CREATE_FAILED = 'CREATE_FAILED',
|
|
167
|
-
}
|
|
168
|
-
|
|
169
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
170
|
-
export enum EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType {
|
|
171
|
-
INTERNET_DESTINATION_TYPE_UNSPECIFIED = 'INTERNET_DESTINATION_TYPE_UNSPECIFIED',
|
|
172
|
-
/** This is defined as `FQDN` in settings-policy/api/proto/messages.proto. Translation is done in accounts-lake-net-manager/src/util/NetworkPolicySettingUtil.scala. */
|
|
173
|
-
DNS_NAME = 'DNS_NAME',
|
|
174
|
-
}
|
|
175
|
-
|
|
176
|
-
/** The values should match the list of workloads used in networkconfig.proto */
|
|
177
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
178
|
-
export enum EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter {
|
|
179
|
-
DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED = 'DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED',
|
|
180
|
-
/** SQL Warehouse product */
|
|
181
|
-
DBSQL = 'DBSQL',
|
|
182
|
-
/** Machine Learning serving product */
|
|
183
|
-
ML_SERVING = 'ML_SERVING',
|
|
184
|
-
}
|
|
185
|
-
|
|
186
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
187
|
-
export enum EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode {
|
|
188
|
-
ENFORCEMENT_MODE_UNSPECIFIED = 'ENFORCEMENT_MODE_UNSPECIFIED',
|
|
189
|
-
/** Blocks traffic that violates network policy. This is the default mode. */
|
|
190
|
-
ENFORCED = 'ENFORCED',
|
|
191
|
-
/** Logs violations without blocking traffic. Useful for testing policies before enforcement. */
|
|
192
|
-
DRY_RUN = 'DRY_RUN',
|
|
193
|
-
}
|
|
194
|
-
|
|
195
|
-
/**
|
|
196
|
-
* At which level can <Databricks> and <Databricks> managed compute access Internet.
|
|
197
|
-
* FULL_ACCESS: <Databricks> can access Internet. No blocking rules will apply.
|
|
198
|
-
* RESTRICTED_ACCESS: <Databricks> can only access explicitly allowed internet and storage destinations,
|
|
199
|
-
* as well as UC connections and external locations.
|
|
200
|
-
*/
|
|
201
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
202
|
-
export enum EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode {
|
|
203
|
-
RESTRICTION_MODE_UNSPECIFIED = 'RESTRICTION_MODE_UNSPECIFIED',
|
|
204
|
-
FULL_ACCESS = 'FULL_ACCESS',
|
|
205
|
-
RESTRICTED_ACCESS = 'RESTRICTED_ACCESS',
|
|
206
|
-
}
|
|
207
|
-
|
|
208
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
209
|
-
export enum EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType {
|
|
210
|
-
STORAGE_DESTINATION_TYPE_UNSPECIFIED = 'STORAGE_DESTINATION_TYPE_UNSPECIFIED',
|
|
211
|
-
/**
|
|
212
|
-
* AWS_S3 can be used both for direct AWS S3 access and for cross-cloud access from Azure and GCP
|
|
213
|
-
* When used in an Azure/GCP context, this indicates cross-cloud access from Azure/GCP to the specified S3 bucket
|
|
214
|
-
*/
|
|
215
|
-
AWS_S3 = 'AWS_S3',
|
|
216
|
-
AZURE_STORAGE = 'AZURE_STORAGE',
|
|
217
|
-
GOOGLE_CLOUD_STORAGE = 'GOOGLE_CLOUD_STORAGE',
|
|
218
|
-
}
|
|
219
|
-
|
|
220
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
221
|
-
export enum EndpointUseCase_EndpointUseCase {
|
|
222
|
-
/** service-direct frontend private link connectivity. */
|
|
223
|
-
SERVICE_DIRECT = 'SERVICE_DIRECT',
|
|
224
|
-
}
|
|
225
|
-
|
|
226
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested enum name.
|
|
227
|
-
export enum NccPrivateEndpointRule_PrivateLinkConnectionState {
|
|
228
|
-
PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED = 'PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED',
|
|
229
|
-
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
230
|
-
ESTABLISHED = 'ESTABLISHED',
|
|
231
|
-
/** Connection was rejected by the private link resource owner. */
|
|
232
|
-
REJECTED = 'REJECTED',
|
|
233
|
-
/**
|
|
234
|
-
* Connection was removed by the private link resource owner, the private endpoint becomes informative and should
|
|
235
|
-
* be deleted for clean-up.
|
|
236
|
-
*/
|
|
237
|
-
DISCONNECTED = 'DISCONNECTED',
|
|
238
|
-
/** If the endpoint was created but not approved in 14 days, it will be EXPIRED. */
|
|
239
|
-
EXPIRED = 'EXPIRED',
|
|
240
|
-
/** The endpoint has been created and pending approval. */
|
|
241
|
-
PENDING = 'PENDING',
|
|
242
|
-
/** The endpoint creation is in progress. */
|
|
243
|
-
CREATING = 'CREATING',
|
|
244
|
-
/** The endpoint creation failed. */
|
|
245
|
-
CREATE_FAILED = 'CREATE_FAILED',
|
|
246
|
-
}
|
|
247
|
-
|
|
248
|
-
/** Definition of an IP Access list */
|
|
249
|
-
export interface AccountIpAccessList {
|
|
250
|
-
/** Universally unique identifier (UUID) of the IP access list. */
|
|
251
|
-
listId?: string | undefined;
|
|
252
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
253
|
-
label?: string | undefined;
|
|
254
|
-
ipAddresses?: string[] | undefined;
|
|
255
|
-
/** Total number of IP or CIDR values. */
|
|
256
|
-
addressCount?: number | undefined;
|
|
257
|
-
listType?: AccountIpAccessListType_IpAccessListType | undefined;
|
|
258
|
-
/** Creation timestamp in milliseconds. */
|
|
259
|
-
createdAt?: bigint | undefined;
|
|
260
|
-
/** The ID of the user that created this list. */
|
|
261
|
-
createdBy?: bigint | undefined;
|
|
262
|
-
/** Update timestamp in milliseconds. */
|
|
263
|
-
updatedAt?: bigint | undefined;
|
|
264
|
-
/** The ID of the user that last updated this list. */
|
|
265
|
-
updatedBy?: bigint | undefined;
|
|
266
|
-
/** Specifies whether this IP access list is enabled. */
|
|
267
|
-
enabled?: boolean | undefined;
|
|
268
|
-
}
|
|
269
|
-
|
|
270
|
-
// eslint-disable-next-line @typescript-eslint/no-empty-object-type
|
|
271
|
-
export interface AccountIpAccessListType {}
|
|
272
|
-
|
|
273
|
-
export interface AccountNetworkPolicy {
|
|
274
|
-
/** The unique identifier for the network policy. */
|
|
275
|
-
networkPolicyId?: string | undefined;
|
|
276
|
-
/** The associated account ID for this Network Policy object. */
|
|
277
|
-
accountId?: string | undefined;
|
|
278
|
-
/** The network policies applying for egress traffic. */
|
|
279
|
-
egress?: EgressNetworkPolicy | undefined;
|
|
280
|
-
/** The network policies applying for ingress traffic. */
|
|
281
|
-
ingress?: CustomerFacingIngressNetworkPolicy | undefined;
|
|
282
|
-
/**
|
|
283
|
-
* The ingress policy for dry run mode. Dry run will always run even if the request
|
|
284
|
-
* is allowed by the ingress policy. When this field is set, the policy will be evaluated
|
|
285
|
-
* and emit logs only without blocking requests.
|
|
286
|
-
*/
|
|
287
|
-
ingressDryRun?: CustomerFacingIngressNetworkPolicy | undefined;
|
|
288
|
-
}
|
|
289
|
-
|
|
290
|
-
export interface AzurePrivateEndpointInfo {
|
|
291
|
-
/** The name of the Private Endpoint in the Azure subscription. */
|
|
292
|
-
privateEndpointName?: string | undefined;
|
|
293
|
-
/**
|
|
294
|
-
* The GUID of the Private Endpoint resource in the Azure subscription.
|
|
295
|
-
* This is assigned by Azure when the user sets up the Private Endpoint.
|
|
296
|
-
*/
|
|
297
|
-
privateEndpointResourceGuid?: string | undefined;
|
|
298
|
-
/** The full resource ID of the Private Endpoint. */
|
|
299
|
-
privateEndpointResourceId?: string | undefined;
|
|
300
|
-
/** The resource ID of the Databricks Private Link Service that this Private Endpoint connects to. */
|
|
301
|
-
privateLinkServiceId?: string | undefined;
|
|
302
|
-
}
|
|
303
|
-
|
|
304
|
-
/** Details required to configure a block list or allow list. */
|
|
305
|
-
export interface CreateAccountIpAccessListRequest {
|
|
306
|
-
accountId?: string | undefined;
|
|
307
|
-
label?: string | undefined;
|
|
308
|
-
listType?: AccountIpAccessListType_IpAccessListType | undefined;
|
|
309
|
-
ipAddresses?: string[] | undefined;
|
|
310
|
-
}
|
|
311
|
-
|
|
312
|
-
/** An IP access list was successfully created. */
|
|
313
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
314
|
-
export interface CreateAccountIpAccessListRequest_Response {
|
|
315
|
-
ipAccessList?: AccountIpAccessList | undefined;
|
|
316
|
-
}
|
|
317
|
-
|
|
318
|
-
export interface CreateEndpointRequest {
|
|
319
|
-
/**
|
|
320
|
-
* The parent resource name of the account under which the endpoint is created.
|
|
321
|
-
* Format: `accounts/{account_id}`.
|
|
322
|
-
*/
|
|
323
|
-
parent?: string | undefined;
|
|
324
|
-
endpoint?: Endpoint | undefined;
|
|
325
|
-
}
|
|
326
|
-
|
|
327
|
-
/** Details required to configure a block list or allow list. */
|
|
328
|
-
export interface CreateIpAccessList {
|
|
329
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
330
|
-
label?: string | undefined;
|
|
331
|
-
listType?: IpAccessListType | undefined;
|
|
332
|
-
ipAddresses?: string[] | undefined;
|
|
333
|
-
}
|
|
334
|
-
|
|
335
|
-
/** An IP access list was successfully created. */
|
|
336
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
337
|
-
export interface CreateIpAccessList_Response {
|
|
338
|
-
ipAccessList?: IpAccessList | undefined;
|
|
339
|
-
}
|
|
340
|
-
|
|
341
|
-
/** Properties of the new private endpoint rule. */
|
|
342
|
-
export interface CreateNccPrivateEndpointRuleRequest {
|
|
343
|
-
/** Your Network Connectivity Configuration ID. */
|
|
344
|
-
networkConnectivityConfigId?: string | undefined;
|
|
345
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
346
|
-
accountId?: string | undefined;
|
|
347
|
-
privateEndpointRule?: CreatePrivateEndpointRule | undefined;
|
|
348
|
-
}
|
|
349
|
-
|
|
350
|
-
/** Properties of the new network connectivity configuration. */
|
|
351
|
-
export interface CreateNetworkConnectivityConfigRequest {
|
|
352
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
353
|
-
accountId?: string | undefined;
|
|
354
|
-
networkConnectivityConfig?:
|
|
355
|
-
| CreateNetworkConnectivityConfiguration
|
|
356
|
-
| undefined;
|
|
357
|
-
}
|
|
358
|
-
|
|
359
|
-
/** Properties of the new network connectivity configuration. */
|
|
360
|
-
export interface CreateNetworkConnectivityConfiguration {
|
|
361
|
-
/** <Databricks> network connectivity configuration ID. */
|
|
362
|
-
networkConnectivityConfigId?: string | undefined;
|
|
363
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
364
|
-
accountId?: string | undefined;
|
|
365
|
-
/**
|
|
366
|
-
* The name of the network connectivity configuration. The name can contain alphanumeric characters, hyphens,
|
|
367
|
-
* and underscores. The length must be between 3 and 30 characters. The name must match the regular
|
|
368
|
-
* expression ^[0-9a-zA-Z-_]{3,30}$
|
|
369
|
-
*/
|
|
370
|
-
name?: string | undefined;
|
|
371
|
-
/**
|
|
372
|
-
* The region for the network connectivity configuration.
|
|
373
|
-
* Only workspaces in the same region can be attached to the network connectivity configuration.
|
|
374
|
-
*/
|
|
375
|
-
region?: string | undefined;
|
|
376
|
-
/** The network connectivity rules that apply to network traffic from your serverless compute resources. */
|
|
377
|
-
egressConfig?:
|
|
378
|
-
| CustomerFacingNetworkConnectivityConfigEgressConfig
|
|
379
|
-
| undefined;
|
|
380
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
381
|
-
updatedTime?: bigint | undefined;
|
|
382
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
383
|
-
creationTime?: bigint | undefined;
|
|
384
|
-
}
|
|
385
|
-
|
|
386
|
-
export interface CreateNetworkPolicyRequest {
|
|
387
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
388
|
-
accountId?: string | undefined;
|
|
389
|
-
/** Network policy configuration details. */
|
|
390
|
-
networkPolicy?: AccountNetworkPolicy | undefined;
|
|
391
|
-
}
|
|
392
|
-
|
|
393
|
-
export interface CreateNetworkRequest {
|
|
394
|
-
accountId?: string | undefined;
|
|
395
|
-
/** The human-readable name of the network configuration. */
|
|
396
|
-
networkName?: string | undefined;
|
|
397
|
-
/** The ID of the VPC associated with this network configuration. VPC IDs can be used in multiple networks. */
|
|
398
|
-
vpcId?: string | undefined;
|
|
399
|
-
/** IDs of at least two subnets associated with this network. Subnet IDs **cannot** be used in multiple network configurations. */
|
|
400
|
-
subnetIds?: string[] | undefined;
|
|
401
|
-
/** IDs of one to five security groups associated with this network. Security group IDs **cannot** be used in multiple network configurations. */
|
|
402
|
-
securityGroupIds?: string[] | undefined;
|
|
403
|
-
vpcEndpoints?: NetworkVpcEndpoints | undefined;
|
|
404
|
-
gcpNetworkInfo?: GcpNetworkInfo | undefined;
|
|
405
|
-
}
|
|
406
|
-
|
|
407
|
-
export interface CreatePrivateAccessSettingsRequest {
|
|
408
|
-
accountId?: string | undefined;
|
|
409
|
-
/** The human-readable name of the private access settings object. */
|
|
410
|
-
privateAccessSettingsName?: string | undefined;
|
|
411
|
-
/** The AWS region for workspaces attached to this private access settings object. */
|
|
412
|
-
region?: string | undefined;
|
|
413
|
-
/** Determines if the workspace can be accessed over public internet. For fully private workspaces, you can optionally specify false, but only if you implement both the front-end and the back-end PrivateLink connections. Otherwise, specify true, which means that public access is enabled. */
|
|
414
|
-
publicAccessEnabled?: boolean | undefined;
|
|
415
|
-
/**
|
|
416
|
-
* The private access level controls which VPC endpoints can connect to the UI or API of any workspace that attaches this private access settings object.
|
|
417
|
-
* `ACCOUNT` level access (the default) allows only VPC endpoints that are registered in your <Databricks> account connect to your workspace.
|
|
418
|
-
* `ENDPOINT` level access allows only specified VPC endpoints connect to your workspace. For details, see allowed_vpc_endpoint_ids.
|
|
419
|
-
*/
|
|
420
|
-
privateAccessLevel?: PrivateAccessLevel | undefined;
|
|
421
|
-
/**
|
|
422
|
-
* An array of Databricks VPC endpoint IDs. This is the <Databricks> ID returned when registering the VPC endpoint configuration in your <Databricks> account. This is not the ID of the VPC endpoint in AWS.
|
|
423
|
-
* Only used when private_access_level is set to ENDPOINT. This is an allow list of VPC endpoints registered in your <Databricks> account that can connect to your workspace over AWS PrivateLink.
|
|
424
|
-
* Note: If hybrid access to your workspace is enabled by setting public_access_enabled to true, this control only works for PrivateLink connections. To control how your workspace is accessed via public internet, see IP access lists.
|
|
425
|
-
*/
|
|
426
|
-
allowedVpcEndpointIds?: string[] | undefined;
|
|
427
|
-
}
|
|
428
|
-
|
|
429
|
-
/**
|
|
430
|
-
* Properties of the new private endpoint rule.
|
|
431
|
-
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
432
|
-
*/
|
|
433
|
-
export interface CreatePrivateEndpointRule {
|
|
434
|
-
/** The ID of a private endpoint rule. */
|
|
435
|
-
ruleId?: string | undefined;
|
|
436
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
437
|
-
networkConnectivityConfigId?: string | undefined;
|
|
438
|
-
/**
|
|
439
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
440
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Cloud console
|
|
441
|
-
* before they take effect.
|
|
442
|
-
* The possible values are:
|
|
443
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
444
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
445
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
446
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
447
|
-
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
448
|
-
* - CREATING: The endpoint creation is in progress. Once successfully created, the state will transition to PENDING.
|
|
449
|
-
* - CREATE_FAILED: The endpoint creation failed. You can check the error_message field for more details.
|
|
450
|
-
*/
|
|
451
|
-
connectionState?:
|
|
452
|
-
| NccPrivateEndpointRule_PrivateLinkConnectionState
|
|
453
|
-
| undefined;
|
|
454
|
-
/**
|
|
455
|
-
* Only used by private endpoints to customer-managed private endpoint services.
|
|
456
|
-
*
|
|
457
|
-
* Domain names of target private link service.
|
|
458
|
-
* When updating this field, the full list of target domain_names must be specified.
|
|
459
|
-
*/
|
|
460
|
-
domainNames?: string[] | undefined;
|
|
461
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
462
|
-
creationTime?: bigint | undefined;
|
|
463
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
464
|
-
updatedTime?: bigint | undefined;
|
|
465
|
-
/** Whether this private endpoint is deactivated. */
|
|
466
|
-
deactivated?: boolean | undefined;
|
|
467
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
468
|
-
deactivatedAt?: bigint | undefined;
|
|
469
|
-
errorMessage?: string | undefined;
|
|
470
|
-
/** The Azure resource ID of the target resource. */
|
|
471
|
-
resourceId?: string | undefined;
|
|
472
|
-
/**
|
|
473
|
-
* Not used by customer-managed private endpoint services.
|
|
474
|
-
*
|
|
475
|
-
* The sub-resource type (group ID) of the target resource.
|
|
476
|
-
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
477
|
-
*/
|
|
478
|
-
groupId?: string | undefined;
|
|
479
|
-
/** The name of the Azure private endpoint resource. */
|
|
480
|
-
endpointName?: string | undefined;
|
|
481
|
-
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
482
|
-
accountId?: string | undefined;
|
|
483
|
-
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
484
|
-
endpointService?: string | undefined;
|
|
485
|
-
/**
|
|
486
|
-
* Only used by private endpoints towards AWS S3 service.
|
|
487
|
-
*
|
|
488
|
-
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
489
|
-
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
490
|
-
* When updating this field, we perform full update on this field. Please ensure a full list of desired
|
|
491
|
-
* resource_names is provided.
|
|
492
|
-
*/
|
|
493
|
-
resourceNames?: string[] | undefined;
|
|
494
|
-
/** The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by <Databricks>. */
|
|
495
|
-
vpcEndpointId?: string | undefined;
|
|
496
|
-
/**
|
|
497
|
-
* Update this field to activate/deactivate this private endpoint to allow egress access from
|
|
498
|
-
* serverless compute resources. Only honored for first-party services on each cloud (e.g. AWS S3).
|
|
499
|
-
*/
|
|
500
|
-
enabled?: boolean | undefined;
|
|
501
|
-
endpoint?: {$case: 'gcpEndpoint'; gcpEndpoint: GcpEndpoint} | undefined;
|
|
502
|
-
}
|
|
503
|
-
|
|
504
|
-
export interface CreateVpcEndpointRequest {
|
|
505
|
-
accountId?: string | undefined;
|
|
506
|
-
/** The human-readable name of the storage configuration. */
|
|
507
|
-
vpcEndpointName?: string | undefined;
|
|
508
|
-
/** The region in which this VPC endpoint object exists. */
|
|
509
|
-
region?: string | undefined;
|
|
510
|
-
/** The ID of the VPC endpoint object in AWS. */
|
|
511
|
-
awsVpcEndpointId?: string | undefined;
|
|
512
|
-
vpcEndpointInfo?:
|
|
513
|
-
| {
|
|
514
|
-
$case: 'gcpVpcEndpointInfo';
|
|
515
|
-
/** The cloud info of this vpc endpoint. */
|
|
516
|
-
gcpVpcEndpointInfo: CustomerFacingGcpVpcEndpointInfo;
|
|
517
|
-
}
|
|
518
|
-
| undefined;
|
|
519
|
-
}
|
|
520
|
-
|
|
521
|
-
export interface CustomerFacingGcpVpcEndpointInfo {
|
|
522
|
-
pscConnectionId?: string | undefined;
|
|
523
|
-
projectId?: string | undefined;
|
|
524
|
-
pscEndpointName?: string | undefined;
|
|
525
|
-
endpointRegion?: string | undefined;
|
|
526
|
-
serviceAttachmentId?: string | undefined;
|
|
527
|
-
}
|
|
528
|
-
|
|
529
|
-
/**
|
|
530
|
-
* This proto is under development.
|
|
531
|
-
* The network policies applying for ingress traffic.
|
|
532
|
-
* Any changes here should also be synced to estore/namespaces/lakehousenetworkmanager/latest.proto.
|
|
533
|
-
*/
|
|
534
|
-
export interface CustomerFacingIngressNetworkPolicy {
|
|
535
|
-
/**
|
|
536
|
-
* The network policy restrictions for public access to the workspace.
|
|
537
|
-
* Configures how public internet traffic is allowed or denied access.
|
|
538
|
-
*/
|
|
539
|
-
publicAccess?: CustomerFacingIngressNetworkPolicy_PublicAccess | undefined;
|
|
540
|
-
/**
|
|
541
|
-
* The network policy restrictions for private access to the workspace.
|
|
542
|
-
* Configures how registered private endpoints are allowed or denied access.
|
|
543
|
-
*/
|
|
544
|
-
privateAccess?: CustomerFacingIngressNetworkPolicy_PrivateAccess | undefined;
|
|
545
|
-
crossWorkspaceAccess?:
|
|
546
|
-
| CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess
|
|
547
|
-
| undefined;
|
|
548
|
-
}
|
|
549
|
-
|
|
550
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
551
|
-
export interface CustomerFacingIngressNetworkPolicy_AccountApiDestination {
|
|
552
|
-
scopes?: string[] | undefined;
|
|
553
|
-
/** Qualifies the breadth of API access for the listed scopes. See ApiScopeQualifier. */
|
|
554
|
-
scopeQualifier?:
|
|
555
|
-
| CustomerFacingIngressNetworkPolicy_ApiScopeQualifier
|
|
556
|
-
| undefined;
|
|
557
|
-
}
|
|
558
|
-
|
|
559
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
560
|
-
export interface CustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestination {
|
|
561
|
-
/** Must be set to true. */
|
|
562
|
-
allDestinations?: boolean | undefined;
|
|
563
|
-
}
|
|
564
|
-
|
|
565
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
566
|
-
export interface CustomerFacingIngressNetworkPolicy_AccountUiDestination {
|
|
567
|
-
/** Must be set to true. */
|
|
568
|
-
allDestinations?: boolean | undefined;
|
|
569
|
-
}
|
|
570
|
-
|
|
571
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
572
|
-
export interface CustomerFacingIngressNetworkPolicy_AppsRuntimeDestination {
|
|
573
|
-
/** Must be set to true. */
|
|
574
|
-
allDestinations?: boolean | undefined;
|
|
575
|
-
}
|
|
576
|
-
|
|
577
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
578
|
-
export interface CustomerFacingIngressNetworkPolicy_Authentication {
|
|
579
|
-
identityType?:
|
|
580
|
-
| CustomerFacingIngressNetworkPolicy_Authentication_IdentityType
|
|
581
|
-
| undefined;
|
|
582
|
-
/** Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES. */
|
|
583
|
-
identities?:
|
|
584
|
-
| CustomerFacingIngressNetworkPolicy_AuthenticationIdentity[]
|
|
585
|
-
| undefined;
|
|
586
|
-
}
|
|
587
|
-
|
|
588
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
589
|
-
export interface CustomerFacingIngressNetworkPolicy_AuthenticationIdentity {
|
|
590
|
-
principalType?:
|
|
591
|
-
| CustomerFacingIngressNetworkPolicy_AuthenticationIdentity_PrincipalType
|
|
592
|
-
| undefined;
|
|
593
|
-
principalId?: bigint | undefined;
|
|
594
|
-
}
|
|
595
|
-
|
|
596
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
597
|
-
export interface CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess {
|
|
598
|
-
restrictionMode?:
|
|
599
|
-
| CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode
|
|
600
|
-
| undefined;
|
|
601
|
-
denyRules?:
|
|
602
|
-
| CustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRule[]
|
|
603
|
-
| undefined;
|
|
604
|
-
allowRules?:
|
|
605
|
-
| CustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRule[]
|
|
606
|
-
| undefined;
|
|
607
|
-
}
|
|
608
|
-
|
|
609
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
610
|
-
export interface CustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRule {
|
|
611
|
-
origin?:
|
|
612
|
-
| CustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOrigin
|
|
613
|
-
| undefined;
|
|
614
|
-
destination?:
|
|
615
|
-
| CustomerFacingIngressNetworkPolicy_RequestDestination
|
|
616
|
-
| undefined;
|
|
617
|
-
authentication?:
|
|
618
|
-
| CustomerFacingIngressNetworkPolicy_Authentication
|
|
619
|
-
| undefined;
|
|
620
|
-
/** The label for this ingress rule. */
|
|
621
|
-
label?: string | undefined;
|
|
622
|
-
}
|
|
623
|
-
|
|
624
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
625
|
-
export interface CustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOrigin {
|
|
626
|
-
source?:
|
|
627
|
-
| {
|
|
628
|
-
$case: 'allSourceWorkspaces';
|
|
629
|
-
/** Matches all source workspaces. */
|
|
630
|
-
allSourceWorkspaces: boolean;
|
|
631
|
-
}
|
|
632
|
-
| {
|
|
633
|
-
$case: 'selectedWorkspaces';
|
|
634
|
-
/** Specific source workspace IDs to match. */
|
|
635
|
-
selectedWorkspaces: CustomerFacingIngressNetworkPolicy_WorkspaceIdList;
|
|
636
|
-
}
|
|
637
|
-
| undefined;
|
|
638
|
-
}
|
|
639
|
-
|
|
640
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
641
|
-
export interface CustomerFacingIngressNetworkPolicy_Endpoints {
|
|
642
|
-
endpointIds?: string[] | undefined;
|
|
643
|
-
}
|
|
644
|
-
|
|
645
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
646
|
-
export interface CustomerFacingIngressNetworkPolicy_IpRanges {
|
|
647
|
-
/** We only support IPv4 and IPv4 CIDR notation for now. */
|
|
648
|
-
ipRanges?: string[] | undefined;
|
|
649
|
-
}
|
|
650
|
-
|
|
651
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
652
|
-
export interface CustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestination {
|
|
653
|
-
/** Must be set to true. */
|
|
654
|
-
allDestinations?: boolean | undefined;
|
|
655
|
-
}
|
|
656
|
-
|
|
657
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
658
|
-
export interface CustomerFacingIngressNetworkPolicy_PrivateAccess {
|
|
659
|
-
restrictionMode?:
|
|
660
|
-
| CustomerFacingIngressNetworkPolicy_PrivateAccess_RestrictionMode
|
|
661
|
-
| undefined;
|
|
662
|
-
denyRules?:
|
|
663
|
-
| CustomerFacingIngressNetworkPolicy_PrivateIngressRule[]
|
|
664
|
-
| undefined;
|
|
665
|
-
allowRules?:
|
|
666
|
-
| CustomerFacingIngressNetworkPolicy_PrivateIngressRule[]
|
|
667
|
-
| undefined;
|
|
668
|
-
}
|
|
669
|
-
|
|
670
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
671
|
-
export interface CustomerFacingIngressNetworkPolicy_PrivateIngressRule {
|
|
672
|
-
origin?: CustomerFacingIngressNetworkPolicy_PrivateRequestOrigin | undefined;
|
|
673
|
-
destination?:
|
|
674
|
-
| CustomerFacingIngressNetworkPolicy_RequestDestination
|
|
675
|
-
| undefined;
|
|
676
|
-
authentication?:
|
|
677
|
-
| CustomerFacingIngressNetworkPolicy_Authentication
|
|
678
|
-
| undefined;
|
|
679
|
-
/** The label for this ingress rule. */
|
|
680
|
-
label?: string | undefined;
|
|
681
|
-
}
|
|
682
|
-
|
|
683
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
684
|
-
export interface CustomerFacingIngressNetworkPolicy_PrivateRequestOrigin {
|
|
685
|
-
source?:
|
|
686
|
-
| {
|
|
687
|
-
$case: 'endpoints';
|
|
688
|
-
endpoints: CustomerFacingIngressNetworkPolicy_Endpoints;
|
|
689
|
-
}
|
|
690
|
-
| {$case: 'allRegisteredEndpoints'; allRegisteredEndpoints: boolean}
|
|
691
|
-
| {$case: 'azureWorkspacePrivateLink'; azureWorkspacePrivateLink: boolean}
|
|
692
|
-
| {$case: 'allPrivateAccess'; allPrivateAccess: boolean}
|
|
693
|
-
| undefined;
|
|
694
|
-
}
|
|
695
|
-
|
|
696
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
697
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicAccess {
|
|
698
|
-
restrictionMode?:
|
|
699
|
-
| CustomerFacingIngressNetworkPolicy_PublicAccess_RestrictionMode
|
|
700
|
-
| undefined;
|
|
701
|
-
denyRules?:
|
|
702
|
-
| CustomerFacingIngressNetworkPolicy_PublicIngressRule[]
|
|
703
|
-
| undefined;
|
|
704
|
-
allowRules?:
|
|
705
|
-
| CustomerFacingIngressNetworkPolicy_PublicIngressRule[]
|
|
706
|
-
| undefined;
|
|
707
|
-
}
|
|
708
|
-
|
|
709
|
-
/**
|
|
710
|
-
* An ingress rule is enforced when a request satisfies all
|
|
711
|
-
* specified attributes — including request origin, destination, and authentication.
|
|
712
|
-
*/
|
|
713
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
714
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicIngressRule {
|
|
715
|
-
origin?: CustomerFacingIngressNetworkPolicy_PublicRequestOrigin | undefined;
|
|
716
|
-
destination?:
|
|
717
|
-
| CustomerFacingIngressNetworkPolicy_RequestDestination
|
|
718
|
-
| undefined;
|
|
719
|
-
authentication?:
|
|
720
|
-
| CustomerFacingIngressNetworkPolicy_Authentication
|
|
721
|
-
| undefined;
|
|
722
|
-
/** The label for this ingress rule. */
|
|
723
|
-
label?: string | undefined;
|
|
724
|
-
}
|
|
725
|
-
|
|
726
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
727
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicRequestOrigin {
|
|
728
|
-
source?:
|
|
729
|
-
| {
|
|
730
|
-
$case: 'allIpRanges';
|
|
731
|
-
/** Matches all IPv4 and IPv6 ranges (both public and private). */
|
|
732
|
-
allIpRanges: boolean;
|
|
733
|
-
}
|
|
734
|
-
| {
|
|
735
|
-
$case: 'includedIpRanges';
|
|
736
|
-
/** Will not allow IP ranges with private IPs. */
|
|
737
|
-
includedIpRanges: CustomerFacingIngressNetworkPolicy_IpRanges;
|
|
738
|
-
}
|
|
739
|
-
| {
|
|
740
|
-
$case: 'excludedIpRanges';
|
|
741
|
-
/** Excluded means: all public IP ranges except this one. */
|
|
742
|
-
excludedIpRanges: CustomerFacingIngressNetworkPolicy_IpRanges;
|
|
743
|
-
}
|
|
744
|
-
| undefined;
|
|
745
|
-
}
|
|
746
|
-
|
|
747
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
748
|
-
export interface CustomerFacingIngressNetworkPolicy_RequestDestination {
|
|
749
|
-
/**
|
|
750
|
-
* When true, match all destinations, no other destination fields can be set.
|
|
751
|
-
* When not set or false, at least one specific destination must be provided.
|
|
752
|
-
*/
|
|
753
|
-
allDestinations?: boolean | undefined;
|
|
754
|
-
workspaceUi?:
|
|
755
|
-
| CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination
|
|
756
|
-
| undefined;
|
|
757
|
-
workspaceApi?:
|
|
758
|
-
| CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination
|
|
759
|
-
| undefined;
|
|
760
|
-
appsRuntime?:
|
|
761
|
-
| CustomerFacingIngressNetworkPolicy_AppsRuntimeDestination
|
|
762
|
-
| undefined;
|
|
763
|
-
lakebaseRuntime?:
|
|
764
|
-
| CustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestination
|
|
765
|
-
| undefined;
|
|
766
|
-
accountUi?:
|
|
767
|
-
| CustomerFacingIngressNetworkPolicy_AccountUiDestination
|
|
768
|
-
| undefined;
|
|
769
|
-
accountApi?:
|
|
770
|
-
| CustomerFacingIngressNetworkPolicy_AccountApiDestination
|
|
771
|
-
| undefined;
|
|
772
|
-
accountDatabricksOne?:
|
|
773
|
-
| CustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestination
|
|
774
|
-
| undefined;
|
|
775
|
-
}
|
|
776
|
-
|
|
777
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
778
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination {
|
|
779
|
-
scopes?: string[] | undefined;
|
|
780
|
-
/** Qualifies the breadth of API access for the listed scopes. See ApiScopeQualifier. */
|
|
781
|
-
scopeQualifier?:
|
|
782
|
-
| CustomerFacingIngressNetworkPolicy_ApiScopeQualifier
|
|
783
|
-
| undefined;
|
|
784
|
-
}
|
|
785
|
-
|
|
786
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
787
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceIdList {
|
|
788
|
-
workspaceIds?: bigint[] | undefined;
|
|
789
|
-
}
|
|
790
|
-
|
|
791
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
792
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination {
|
|
793
|
-
/** Must be set to true. */
|
|
794
|
-
allDestinations?: boolean | undefined;
|
|
795
|
-
}
|
|
796
|
-
|
|
797
|
-
/** Properties of the new network connectivity configuration. */
|
|
798
|
-
export interface CustomerFacingNetworkConnectivityConfig {
|
|
799
|
-
/** <Databricks> network connectivity configuration ID. */
|
|
800
|
-
networkConnectivityConfigId?: string | undefined;
|
|
801
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
802
|
-
accountId?: string | undefined;
|
|
803
|
-
/**
|
|
804
|
-
* The name of the network connectivity configuration. The name can contain alphanumeric characters, hyphens,
|
|
805
|
-
* and underscores. The length must be between 3 and 30 characters. The name must match the regular
|
|
806
|
-
* expression ^[0-9a-zA-Z-_]{3,30}$
|
|
807
|
-
*/
|
|
808
|
-
name?: string | undefined;
|
|
809
|
-
/**
|
|
810
|
-
* The region for the network connectivity configuration.
|
|
811
|
-
* Only workspaces in the same region can be attached to the network connectivity configuration.
|
|
812
|
-
*/
|
|
813
|
-
region?: string | undefined;
|
|
814
|
-
/** The network connectivity rules that apply to network traffic from your serverless compute resources. */
|
|
815
|
-
egressConfig?:
|
|
816
|
-
| CustomerFacingNetworkConnectivityConfigEgressConfig
|
|
817
|
-
| undefined;
|
|
818
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
819
|
-
updatedTime?: bigint | undefined;
|
|
820
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
821
|
-
creationTime?: bigint | undefined;
|
|
822
|
-
}
|
|
823
|
-
|
|
824
|
-
/**
|
|
825
|
-
* Properties of the new private endpoint rule.
|
|
826
|
-
* Note that for private endpoints towards a VPC endpoint service behind a customer-managed NLB,
|
|
827
|
-
* you must approve the endpoint in AWS console after initialization.
|
|
828
|
-
*/
|
|
829
|
-
export interface CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule {
|
|
830
|
-
/** The ID of a private endpoint rule. */
|
|
831
|
-
ruleId?: string | undefined;
|
|
832
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
833
|
-
networkConnectivityConfigId?: string | undefined;
|
|
834
|
-
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
835
|
-
accountId?: string | undefined;
|
|
836
|
-
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
837
|
-
endpointService?: string | undefined;
|
|
838
|
-
/**
|
|
839
|
-
* Only used by private endpoints towards a VPC endpoint service for customer-managed VPC endpoint service.
|
|
840
|
-
*
|
|
841
|
-
* The target AWS resource FQDNs accessible via the VPC endpoint service.
|
|
842
|
-
* When updating this field, we perform full update on this field. Please ensure a full list of desired domain_names is provided.
|
|
843
|
-
*/
|
|
844
|
-
domainNames?: string[] | undefined;
|
|
845
|
-
/**
|
|
846
|
-
* Only used by private endpoints towards AWS S3 service.
|
|
847
|
-
*
|
|
848
|
-
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
849
|
-
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
850
|
-
* When updating this field, we perform full update on this field.
|
|
851
|
-
* Please ensure a full list of desired resource_names is provided.
|
|
852
|
-
*/
|
|
853
|
-
resourceNames?: string[] | undefined;
|
|
854
|
-
/** The AWS VPC endpoint ID. You can use this ID to identify VPC endpoint created by <Databricks>. */
|
|
855
|
-
vpcEndpointId?: string | undefined;
|
|
856
|
-
/**
|
|
857
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
858
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the AWS console
|
|
859
|
-
* before they take effect.
|
|
860
|
-
* The possible values are:
|
|
861
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
862
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
863
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
864
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
865
|
-
* - EXPIRED: If the endpoint is created but not approved in 14 days, it is EXPIRED.
|
|
866
|
-
*/
|
|
867
|
-
connectionState?:
|
|
868
|
-
| CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState
|
|
869
|
-
| undefined;
|
|
870
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
871
|
-
creationTime?: bigint | undefined;
|
|
872
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
873
|
-
updatedTime?: bigint | undefined;
|
|
874
|
-
/** Whether this private endpoint is deactivated. */
|
|
875
|
-
deactivated?: boolean | undefined;
|
|
876
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
877
|
-
deactivatedAt?: bigint | undefined;
|
|
878
|
-
/**
|
|
879
|
-
* Only used by private endpoints towards an AWS S3 service.
|
|
880
|
-
*
|
|
881
|
-
* Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources.
|
|
882
|
-
*/
|
|
883
|
-
enabled?: boolean | undefined;
|
|
884
|
-
errorMessage?: string | undefined;
|
|
885
|
-
}
|
|
886
|
-
|
|
887
|
-
/**
|
|
888
|
-
* Properties of the new private endpoint rule.
|
|
889
|
-
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
890
|
-
*/
|
|
891
|
-
export interface CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule {
|
|
892
|
-
/** The ID of a private endpoint rule. */
|
|
893
|
-
ruleId?: string | undefined;
|
|
894
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
895
|
-
networkConnectivityConfigId?: string | undefined;
|
|
896
|
-
/** The Azure resource ID of the target resource. */
|
|
897
|
-
resourceId?: string | undefined;
|
|
898
|
-
/**
|
|
899
|
-
* Only used by private endpoints to Azure first-party services.
|
|
900
|
-
*
|
|
901
|
-
* The sub-resource type (group ID) of the target resource.
|
|
902
|
-
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
903
|
-
*/
|
|
904
|
-
groupId?: string | undefined;
|
|
905
|
-
/** The name of the Azure private endpoint resource. */
|
|
906
|
-
endpointName?: string | undefined;
|
|
907
|
-
/**
|
|
908
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
909
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Azure portal
|
|
910
|
-
* before they take effect.
|
|
911
|
-
* The possible values are:
|
|
912
|
-
* - INIT: (deprecated) The endpoint has been created and pending approval.
|
|
913
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
914
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
915
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
916
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
917
|
-
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
918
|
-
*/
|
|
919
|
-
connectionState?:
|
|
920
|
-
| CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState
|
|
921
|
-
| undefined;
|
|
922
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
923
|
-
creationTime?: bigint | undefined;
|
|
924
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
925
|
-
updatedTime?: bigint | undefined;
|
|
926
|
-
/** Whether this private endpoint is deactivated. */
|
|
927
|
-
deactivated?: boolean | undefined;
|
|
928
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
929
|
-
deactivatedAt?: bigint | undefined;
|
|
930
|
-
/**
|
|
931
|
-
* Not used by customer-managed private endpoint services.
|
|
932
|
-
*
|
|
933
|
-
* Domain names of target private link service.
|
|
934
|
-
* When updating this field, the full list of target domain_names must be specified.
|
|
935
|
-
*/
|
|
936
|
-
domainNames?: string[] | undefined;
|
|
937
|
-
errorMessage?: string | undefined;
|
|
938
|
-
}
|
|
939
|
-
|
|
940
|
-
export interface CustomerFacingNetworkConnectivityConfigEgressConfig {
|
|
941
|
-
/**
|
|
942
|
-
* The network connectivity rules that are applied by default without resource specific configurations.
|
|
943
|
-
* You can find the stable network information of your serverless compute resources here.
|
|
944
|
-
*/
|
|
945
|
-
defaultRules?: NetworkConnectivityConfigEgressConfig_DefaultRule | undefined;
|
|
946
|
-
/** The network connectivity rules that configured for each destinations. These rules override default rules. */
|
|
947
|
-
targetRules?:
|
|
948
|
-
| CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule
|
|
949
|
-
| undefined;
|
|
950
|
-
}
|
|
951
|
-
|
|
952
|
-
/** Target rule controls the egress rules that are dedicated to specific resources. */
|
|
953
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
954
|
-
export interface CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule {
|
|
955
|
-
azurePrivateEndpointRules?:
|
|
956
|
-
| CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule[]
|
|
957
|
-
| undefined;
|
|
958
|
-
/** AWS private endpoint rule controls the AWS private endpoint based egress rules. */
|
|
959
|
-
awsPrivateEndpointRules?:
|
|
960
|
-
| CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule[]
|
|
961
|
-
| undefined;
|
|
962
|
-
}
|
|
963
|
-
|
|
964
|
-
/** * */
|
|
965
|
-
export interface CustomerFacingPrivateAccessSettings {
|
|
966
|
-
/** <Databricks> private access settings ID. */
|
|
967
|
-
privateAccessSettingsId?: string | undefined;
|
|
968
|
-
/** The <Databricks> account ID that hosts the private access settings. */
|
|
969
|
-
accountId?: string | undefined;
|
|
970
|
-
/** The human-readable name of the private access settings object. */
|
|
971
|
-
privateAccessSettingsName?: string | undefined;
|
|
972
|
-
/** The AWS region for workspaces attached to this private access settings object. */
|
|
973
|
-
region?: string | undefined;
|
|
974
|
-
/** Determines if the workspace can be accessed over public internet. For fully private workspaces, you can optionally specify false, but only if you implement both the front-end and the back-end PrivateLink connections. Otherwise, specify true, which means that public access is enabled. */
|
|
975
|
-
publicAccessEnabled?: boolean | undefined;
|
|
976
|
-
/**
|
|
977
|
-
* The private access level controls which VPC endpoints can connect to the UI or API of any workspace that attaches this private access settings object.
|
|
978
|
-
* `ACCOUNT` level access (the default) allows only VPC endpoints that are registered in your <Databricks> account connect to your workspace.
|
|
979
|
-
* `ENDPOINT` level access allows only specified VPC endpoints connect to your workspace. For details, see allowed_vpc_endpoint_ids.
|
|
980
|
-
*/
|
|
981
|
-
privateAccessLevel?: PrivateAccessLevel | undefined;
|
|
982
|
-
/**
|
|
983
|
-
* An array of Databricks VPC endpoint IDs. This is the <Databricks> ID that is returned when registering the VPC endpoint configuration in your <Databricks> account. This is not the ID of the VPC endpoint in AWS.
|
|
984
|
-
* Only used when private_access_level is set to ENDPOINT. This is an allow list of VPC endpoints that in your account that can connect to your workspace over AWS PrivateLink.
|
|
985
|
-
* If hybrid access to your workspace is enabled by setting public_access_enabled to true, this control only works for PrivateLink connections. To control how your workspace is accessed via public internet, see IP access lists.
|
|
986
|
-
*/
|
|
987
|
-
allowedVpcEndpointIds?: string[] | undefined;
|
|
988
|
-
}
|
|
989
|
-
|
|
990
|
-
/** * */
|
|
991
|
-
export interface CustomerFacingVpcEndpoint {
|
|
992
|
-
/** Databricks VPC endpoint ID. This is the <Databricks>-specific name of the VPC endpoint. Do not confuse this with the `aws_vpc_endpoint_id`, which is the ID within AWS of the VPC endpoint. */
|
|
993
|
-
vpcEndpointId?: string | undefined;
|
|
994
|
-
/**
|
|
995
|
-
* The <Databricks> account ID that hosts the VPC endpoint configuration.
|
|
996
|
-
* TODO - This may signal an OpenAPI diff; it does not show up in the generated spec
|
|
997
|
-
*/
|
|
998
|
-
accountId?: string | undefined;
|
|
999
|
-
/** The human-readable name of the storage configuration. */
|
|
1000
|
-
vpcEndpointName?: string | undefined;
|
|
1001
|
-
/** The ID of the VPC endpoint object in AWS. */
|
|
1002
|
-
awsVpcEndpointId?: string | undefined;
|
|
1003
|
-
/** The ID of the <Databricks> [endpoint service](https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service.html) that this VPC endpoint is connected to. For a list of endpoint service IDs for each supported AWS region, see the [Databricks PrivateLink documentation](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html). */
|
|
1004
|
-
awsEndpointServiceId?: string | undefined;
|
|
1005
|
-
/**
|
|
1006
|
-
* This enumeration represents the type of Databricks VPC endpoint service that was used when creating this VPC endpoint.
|
|
1007
|
-
* If the VPC endpoint connects to the <Databricks> control plane for either the front-end connection or the back-end REST API connection, the value is GENERAL_ACCESS.
|
|
1008
|
-
* If the VPC endpoint connects to the <Databricks> workspace for the back-end secure cluster connectivity relay, the value is DATAPLANE_RELAY_ACCESS.
|
|
1009
|
-
*/
|
|
1010
|
-
useCase?: CustomerFacingVpcEndpointUseCase | undefined;
|
|
1011
|
-
/** The AWS region in which this VPC endpoint object exists. */
|
|
1012
|
-
region?: string | undefined;
|
|
1013
|
-
/** The AWS Account in which the VPC endpoint object exists. */
|
|
1014
|
-
awsAccountId?: string | undefined;
|
|
1015
|
-
/** The current state (such as `available` or `rejected`) of the VPC endpoint. Derived from AWS. For the full set of values, see [AWS DescribeVpcEndpoint documentation](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html). */
|
|
1016
|
-
state?: string | undefined;
|
|
1017
|
-
vpcEndpointInfo?:
|
|
1018
|
-
| {
|
|
1019
|
-
$case: 'gcpVpcEndpointInfo';
|
|
1020
|
-
/**
|
|
1021
|
-
* The cloud info of this vpc endpoint.
|
|
1022
|
-
* Info for a GCP vpc endpoint.
|
|
1023
|
-
*/
|
|
1024
|
-
gcpVpcEndpointInfo: CustomerFacingGcpVpcEndpointInfo;
|
|
1025
|
-
}
|
|
1026
|
-
| undefined;
|
|
1027
|
-
}
|
|
1028
|
-
|
|
1029
|
-
/** Next Id: 3 */
|
|
1030
|
-
export interface DeleteAccountIpAccessListRequest {
|
|
1031
|
-
accountId?: string | undefined;
|
|
1032
|
-
/** The ID for the corresponding IP access list */
|
|
1033
|
-
listId?: string | undefined;
|
|
1034
|
-
}
|
|
1035
|
-
|
|
1036
|
-
/** The IP access list was successfully deleted. */
|
|
1037
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention, @typescript-eslint/no-empty-object-type -- Proto-style nested message name.
|
|
1038
|
-
export interface DeleteAccountIpAccessListRequest_Response {}
|
|
1039
|
-
|
|
1040
|
-
export interface DeleteEndpointRequest {
|
|
1041
|
-
name?: string | undefined;
|
|
1042
|
-
}
|
|
1043
|
-
|
|
1044
|
-
export interface DeleteIpAccessList {
|
|
1045
|
-
/** The ID for the corresponding IP access list */
|
|
1046
|
-
listId?: string | undefined;
|
|
1047
|
-
}
|
|
1048
|
-
|
|
1049
|
-
/** The IP access list was successfully deleted. */
|
|
1050
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention, @typescript-eslint/no-empty-object-type -- Proto-style nested message name.
|
|
1051
|
-
export interface DeleteIpAccessList_Response {}
|
|
1052
|
-
|
|
1053
|
-
/**
|
|
1054
|
-
* Initiates deleting a private endpoint rule. If the connection state is PENDING or EXPIRED, the private endpoint is
|
|
1055
|
-
* immediately deleted. Otherwise, the private endpoint is deactivated and will be deleted after one day of
|
|
1056
|
-
* deactivation. When a private endpoint is deactivated, the deactivated field is set to true and the private endpoint
|
|
1057
|
-
* is not available to your serverless compute resources.
|
|
1058
|
-
*/
|
|
1059
|
-
export interface DeleteNccPrivateEndpointRuleRequest {
|
|
1060
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1061
|
-
accountId?: string | undefined;
|
|
1062
|
-
/** Your Network Connectvity Configuration ID. */
|
|
1063
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1064
|
-
/** Your private endpoint rule ID. */
|
|
1065
|
-
privateEndpointRuleId?: string | undefined;
|
|
1066
|
-
}
|
|
1067
|
-
|
|
1068
|
-
export interface DeleteNetworkConnectivityConfigRequest {
|
|
1069
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1070
|
-
accountId?: string | undefined;
|
|
1071
|
-
/** Your Network Connectivity Configuration ID. */
|
|
1072
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1073
|
-
}
|
|
1074
|
-
|
|
1075
|
-
export interface DeleteNetworkPolicyRequest {
|
|
1076
|
-
/** The unique identifier of the network policy to delete. */
|
|
1077
|
-
networkPolicyId?: string | undefined;
|
|
1078
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1079
|
-
accountId?: string | undefined;
|
|
1080
|
-
}
|
|
1081
|
-
|
|
1082
|
-
export interface DeleteNetworkRequest {
|
|
1083
|
-
/** Databricks Account API network configuration ID. */
|
|
1084
|
-
networkId?: string | undefined;
|
|
1085
|
-
accountId?: string | undefined;
|
|
1086
|
-
}
|
|
1087
|
-
|
|
1088
|
-
export interface DeletePrivateAccessSettingsRequest {
|
|
1089
|
-
privateAccessSettingsId?: string | undefined;
|
|
1090
|
-
accountId?: string | undefined;
|
|
1091
|
-
}
|
|
1092
|
-
|
|
1093
|
-
export interface DeleteVpcEndpointRequest {
|
|
1094
|
-
vpcEndpointId?: string | undefined;
|
|
1095
|
-
accountId?: string | undefined;
|
|
1096
|
-
}
|
|
1097
|
-
|
|
1098
|
-
/**
|
|
1099
|
-
* The network policies applying for egress traffic.
|
|
1100
|
-
* This message is used by the UI/REST API. We translate this message to the format expected by the
|
|
1101
|
-
* dataplane in Lakehouse Network Manager (for the format expected by the dataplane, see networkconfig.textproto).
|
|
1102
|
-
* This policy should be consistent with [[com.databricks.api.proto.settingspolicy.EgressNetworkPolicy]].
|
|
1103
|
-
* Details see API-design: https://docs.google.com/document/d/1DKWO_FpZMCY4cF2O62LpwII1lx8gsnDGG-qgE3t3TOA/
|
|
1104
|
-
*/
|
|
1105
|
-
export interface EgressNetworkPolicy {
|
|
1106
|
-
/** The access policy enforced for egress traffic to the internet. */
|
|
1107
|
-
networkAccess?: EgressNetworkPolicy_NetworkAccessPolicy | undefined;
|
|
1108
|
-
}
|
|
1109
|
-
|
|
1110
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1111
|
-
export interface EgressNetworkPolicy_NetworkAccessPolicy {
|
|
1112
|
-
/** The restriction mode that controls how serverless workloads can access the internet. */
|
|
1113
|
-
restrictionMode?:
|
|
1114
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode
|
|
1115
|
-
| undefined;
|
|
1116
|
-
/** List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
1117
|
-
allowedInternetDestinations?:
|
|
1118
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[]
|
|
1119
|
-
| undefined;
|
|
1120
|
-
/** List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
1121
|
-
allowedStorageDestinations?:
|
|
1122
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination[]
|
|
1123
|
-
| undefined;
|
|
1124
|
-
/** Optional. When policy_enforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES */
|
|
1125
|
-
policyEnforcement?:
|
|
1126
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement
|
|
1127
|
-
| undefined;
|
|
1128
|
-
/**
|
|
1129
|
-
* List of internet destinations that serverless workloads are blocked from accessing.
|
|
1130
|
-
* These destinations are enforced when restriction mode is RESTRICTED_ACCESS or DRY_RUN.
|
|
1131
|
-
* Currently supports DNS_NAME type only; IP_RANGE support is planned.
|
|
1132
|
-
*/
|
|
1133
|
-
blockedInternetDestinations?:
|
|
1134
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[]
|
|
1135
|
-
| undefined;
|
|
1136
|
-
}
|
|
1137
|
-
|
|
1138
|
-
/**
|
|
1139
|
-
* Users can specify accessible internet destinations when outbound access is restricted.
|
|
1140
|
-
* We only support DNS_NAME (FQDN format) destinations for the time being.
|
|
1141
|
-
* Going forward we may extend support to host names and IP addresses.
|
|
1142
|
-
*/
|
|
1143
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1144
|
-
export interface EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination {
|
|
1145
|
-
/** The internet destination to which access will be allowed. Format dependent on the destination type. */
|
|
1146
|
-
destination?: string | undefined;
|
|
1147
|
-
/** The type of internet destination. Currently only DNS_NAME is supported. */
|
|
1148
|
-
internetDestinationType?:
|
|
1149
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType
|
|
1150
|
-
| undefined;
|
|
1151
|
-
}
|
|
1152
|
-
|
|
1153
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1154
|
-
export interface EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement {
|
|
1155
|
-
/**
|
|
1156
|
-
* The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
|
|
1157
|
-
* while DRY_RUN only logs violations without blocking. When not specified,
|
|
1158
|
-
* defaults to ENFORCED.
|
|
1159
|
-
*/
|
|
1160
|
-
enforcementMode?:
|
|
1161
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode
|
|
1162
|
-
| undefined;
|
|
1163
|
-
/**
|
|
1164
|
-
* When empty, it means dry run for all products.
|
|
1165
|
-
* When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode.
|
|
1166
|
-
*/
|
|
1167
|
-
dryRunModeProductFilter?:
|
|
1168
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter[]
|
|
1169
|
-
| undefined;
|
|
1170
|
-
}
|
|
1171
|
-
|
|
1172
|
-
/** Users can specify accessible storage destinations. */
|
|
1173
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1174
|
-
export interface EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination {
|
|
1175
|
-
bucketName?: string | undefined;
|
|
1176
|
-
region?: string | undefined;
|
|
1177
|
-
/** The type of storage destination. */
|
|
1178
|
-
storageDestinationType?:
|
|
1179
|
-
| EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType
|
|
1180
|
-
| undefined;
|
|
1181
|
-
/** The Azure storage account name. */
|
|
1182
|
-
azureStorageAccount?: string | undefined;
|
|
1183
|
-
/** The Azure storage service type (blob, dfs, etc.). */
|
|
1184
|
-
azureStorageService?: string | undefined;
|
|
1185
|
-
}
|
|
1186
|
-
|
|
1187
|
-
/** Endpoint represents a cloud networking resource in a user's cloud account and binds it to the <Databricks> account. */
|
|
1188
|
-
export interface Endpoint {
|
|
1189
|
-
/** The resource name of the endpoint, which uniquely identifies the endpoint. */
|
|
1190
|
-
name?: string | undefined;
|
|
1191
|
-
/** The unique identifier for this endpoint under the account. This field is a UUID generated by <Databricks>. */
|
|
1192
|
-
endpointId?: string | undefined;
|
|
1193
|
-
/** The Databricks Account in which the endpoint object exists. */
|
|
1194
|
-
accountId?: string | undefined;
|
|
1195
|
-
/**
|
|
1196
|
-
* The human-readable display name of this endpoint.
|
|
1197
|
-
* The input should conform to RFC-1034, which restricts to letters, numbers, and hyphens,
|
|
1198
|
-
* with the first character a letter, the last a letter or a number, and a 63 character maximum.
|
|
1199
|
-
*/
|
|
1200
|
-
displayName?: string | undefined;
|
|
1201
|
-
/**
|
|
1202
|
-
* The use case that determines the type of network connectivity this endpoint provides.
|
|
1203
|
-
* This field is automatically determined based on the endpoint configuration and cloud-specific settings.
|
|
1204
|
-
*/
|
|
1205
|
-
useCase?: EndpointUseCase_EndpointUseCase | undefined;
|
|
1206
|
-
/** The cloud provider region where this endpoint is located. */
|
|
1207
|
-
region?: string | undefined;
|
|
1208
|
-
/** The state of the endpoint. The endpoint can only be used if the state is `APPROVED`. */
|
|
1209
|
-
state?: EndpointState | undefined;
|
|
1210
|
-
/**
|
|
1211
|
-
* The cloud info of this endpoint.
|
|
1212
|
-
* (-- For now it only supports Azure PL, but in future we can support other clouds and more use cases (e.g. public endpoint) --)
|
|
1213
|
-
*/
|
|
1214
|
-
endpointInfo?:
|
|
1215
|
-
| {
|
|
1216
|
-
$case: 'azurePrivateEndpointInfo';
|
|
1217
|
-
/** Info for an Azure private endpoint. */
|
|
1218
|
-
azurePrivateEndpointInfo: AzurePrivateEndpointInfo;
|
|
1219
|
-
}
|
|
1220
|
-
| undefined;
|
|
1221
|
-
/** The timestamp when the endpoint was created. The timestamp is in RFC 3339 format in UTC timezone. */
|
|
1222
|
-
createTime?: Temporal.Instant | undefined;
|
|
1223
|
-
}
|
|
1224
|
-
|
|
1225
|
-
// eslint-disable-next-line @typescript-eslint/no-empty-object-type
|
|
1226
|
-
export interface EndpointUseCase {}
|
|
1227
|
-
|
|
1228
|
-
export interface GcpEndpoint {
|
|
1229
|
-
/** Output only. The URI of the created PSC endpoint. */
|
|
1230
|
-
pscEndpointUri?: string | undefined;
|
|
1231
|
-
/** Selects which target services this private endpoint reaches. */
|
|
1232
|
-
targetServices?:
|
|
1233
|
-
| {
|
|
1234
|
-
$case: 'serviceAttachment';
|
|
1235
|
-
/**
|
|
1236
|
-
* The full url of the target service attachment.
|
|
1237
|
-
* Example:
|
|
1238
|
-
* projects/my-gcp-project/regions/us-east4/serviceAttachments/my-service-attachment
|
|
1239
|
-
*/
|
|
1240
|
-
serviceAttachment: string;
|
|
1241
|
-
}
|
|
1242
|
-
| undefined;
|
|
1243
|
-
}
|
|
1244
|
-
|
|
1245
|
-
export interface GcpNetworkInfo {
|
|
1246
|
-
/** The GCP project ID for network resources. This project is where the VPC and subnet resides. */
|
|
1247
|
-
networkProjectId?: string | undefined;
|
|
1248
|
-
/** The customer-provided VPC ID. */
|
|
1249
|
-
vpcId?: string | undefined;
|
|
1250
|
-
/**
|
|
1251
|
-
* The customer-provided Subnet ID that will be available to Clusters in Workspaces using this
|
|
1252
|
-
* Network.
|
|
1253
|
-
*/
|
|
1254
|
-
subnetId?: string | undefined;
|
|
1255
|
-
subnetRegion?: string | undefined;
|
|
1256
|
-
/**
|
|
1257
|
-
* Name of the secondary range within the subnet that will be used by GKE as Pod IP range.
|
|
1258
|
-
* This is BYO VPC specific. DB VPC uses network.getGcpManagedNetworkConfig.getGkeClusterPodIpRange
|
|
1259
|
-
*/
|
|
1260
|
-
podIpRangeName?: string | undefined;
|
|
1261
|
-
/** Name of the secondary range within the subnet that will be used by GKE as Service IP range. */
|
|
1262
|
-
serviceIpRangeName?: string | undefined;
|
|
1263
|
-
}
|
|
1264
|
-
|
|
1265
|
-
/** Next Id: 3 */
|
|
1266
|
-
export interface GetAccountIpAccessListRequest {
|
|
1267
|
-
accountId?: string | undefined;
|
|
1268
|
-
/** The ID for the corresponding IP access list */
|
|
1269
|
-
listId?: string | undefined;
|
|
1270
|
-
}
|
|
1271
|
-
|
|
1272
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1273
|
-
export interface GetAccountIpAccessListRequest_Response {
|
|
1274
|
-
ipAccessList?: AccountIpAccessList | undefined;
|
|
1275
|
-
}
|
|
1276
|
-
|
|
1277
|
-
export interface GetEndpointRequest {
|
|
1278
|
-
name?: string | undefined;
|
|
1279
|
-
}
|
|
1280
|
-
|
|
1281
|
-
export interface GetIpAccessList {
|
|
1282
|
-
/** The ID for the corresponding IP access list */
|
|
1283
|
-
listId?: string | undefined;
|
|
1284
|
-
}
|
|
1285
|
-
|
|
1286
|
-
/** An IP access list was successfully returned. */
|
|
1287
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1288
|
-
export interface GetIpAccessList_Response {
|
|
1289
|
-
ipAccessList?: IpAccessList | undefined;
|
|
1290
|
-
}
|
|
1291
|
-
|
|
1292
|
-
export interface GetNccPrivateEndpointRuleRequest {
|
|
1293
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1294
|
-
accountId?: string | undefined;
|
|
1295
|
-
/** Your Network Connectvity Configuration ID. */
|
|
1296
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1297
|
-
/** Your private endpoint rule ID. */
|
|
1298
|
-
privateEndpointRuleId?: string | undefined;
|
|
1299
|
-
}
|
|
1300
|
-
|
|
1301
|
-
/** ***************************** Public facing RPC requests and responses *****************************\// */
|
|
1302
|
-
export interface GetNetworkConnectivityConfigRequest {
|
|
1303
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1304
|
-
accountId?: string | undefined;
|
|
1305
|
-
/** Your Network Connectivity Configuration ID. */
|
|
1306
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1307
|
-
}
|
|
1308
|
-
|
|
1309
|
-
export interface GetNetworkPolicyRequest {
|
|
1310
|
-
/** The unique identifier of the network policy to retrieve. */
|
|
1311
|
-
networkPolicyId?: string | undefined;
|
|
1312
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1313
|
-
accountId?: string | undefined;
|
|
1314
|
-
}
|
|
1315
|
-
|
|
1316
|
-
export interface GetNetworkRequest {
|
|
1317
|
-
/** Databricks Account API network configuration ID. */
|
|
1318
|
-
networkId?: string | undefined;
|
|
1319
|
-
accountId?: string | undefined;
|
|
1320
|
-
}
|
|
1321
|
-
|
|
1322
|
-
export interface GetPrivateAccessSettingsRequest {
|
|
1323
|
-
privateAccessSettingsId?: string | undefined;
|
|
1324
|
-
accountId?: string | undefined;
|
|
1325
|
-
}
|
|
1326
|
-
|
|
1327
|
-
export interface GetVpcEndpointRequest {
|
|
1328
|
-
/** Databricks VPC endpoint ID. */
|
|
1329
|
-
vpcEndpointId?: string | undefined;
|
|
1330
|
-
accountId?: string | undefined;
|
|
1331
|
-
}
|
|
1332
|
-
|
|
1333
|
-
export interface GetWorkspaceNetworkOptionRequest {
|
|
1334
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1335
|
-
accountId?: string | undefined;
|
|
1336
|
-
/** The workspace ID. */
|
|
1337
|
-
workspaceId?: bigint | undefined;
|
|
1338
|
-
}
|
|
1339
|
-
|
|
1340
|
-
/** Definition of an IP Access list */
|
|
1341
|
-
export interface IpAccessList {
|
|
1342
|
-
/** Universally unique identifier (UUID) of the IP access list. */
|
|
1343
|
-
listId?: string | undefined;
|
|
1344
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
1345
|
-
label?: string | undefined;
|
|
1346
|
-
ipAddresses?: string[] | undefined;
|
|
1347
|
-
/** Total number of IP or CIDR values. */
|
|
1348
|
-
addressCount?: number | undefined;
|
|
1349
|
-
listType?: IpAccessListType | undefined;
|
|
1350
|
-
/** Creation timestamp in milliseconds. */
|
|
1351
|
-
createdAt?: bigint | undefined;
|
|
1352
|
-
/** User ID of the user who created this list. */
|
|
1353
|
-
createdBy?: bigint | undefined;
|
|
1354
|
-
/** Update timestamp in milliseconds. */
|
|
1355
|
-
updatedAt?: bigint | undefined;
|
|
1356
|
-
/** User ID of the user who updated this list. */
|
|
1357
|
-
updatedBy?: bigint | undefined;
|
|
1358
|
-
/** Specifies whether this IP access list is enabled. */
|
|
1359
|
-
enabled?: boolean | undefined;
|
|
1360
|
-
}
|
|
1361
|
-
|
|
1362
|
-
/** Next Id: 2 */
|
|
1363
|
-
export interface ListAccountIpAccessListsRequest {
|
|
1364
|
-
accountId?: string | undefined;
|
|
1365
|
-
}
|
|
1366
|
-
|
|
1367
|
-
/** IP access lists were successfully returned. */
|
|
1368
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1369
|
-
export interface ListAccountIpAccessListsRequest_Response {
|
|
1370
|
-
ipAccessLists?: AccountIpAccessList[] | undefined;
|
|
1371
|
-
}
|
|
1372
|
-
|
|
1373
|
-
export interface ListEndpointsRequest {
|
|
1374
|
-
/**
|
|
1375
|
-
* The parent resource name of the account to list endpoints for.
|
|
1376
|
-
* Format: `accounts/{account_id}`.
|
|
1377
|
-
*/
|
|
1378
|
-
parent?: string | undefined;
|
|
1379
|
-
pageToken?: string | undefined;
|
|
1380
|
-
pageSize?: number | undefined;
|
|
1381
|
-
}
|
|
1382
|
-
|
|
1383
|
-
export interface ListEndpointsResponse {
|
|
1384
|
-
items?: Endpoint[] | undefined;
|
|
1385
|
-
nextPageToken?: string | undefined;
|
|
1386
|
-
}
|
|
1387
|
-
|
|
1388
|
-
// eslint-disable-next-line @typescript-eslint/no-empty-object-type
|
|
1389
|
-
export interface ListIpAccessLists {}
|
|
1390
|
-
|
|
1391
|
-
/** IP access lists were successfully returned. */
|
|
1392
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1393
|
-
export interface ListIpAccessLists_Response {
|
|
1394
|
-
ipAccessLists?: IpAccessList[] | undefined;
|
|
1395
|
-
}
|
|
1396
|
-
|
|
1397
|
-
/** Gets an array of private endpoint rules. */
|
|
1398
|
-
export interface ListNccPrivateEndpointRulesRequest {
|
|
1399
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1400
|
-
accountId?: string | undefined;
|
|
1401
|
-
/** Your Network Connectvity Configuration ID. */
|
|
1402
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1403
|
-
/** Pagination token to go to next page based on previous query. */
|
|
1404
|
-
pageToken?: string | undefined;
|
|
1405
|
-
}
|
|
1406
|
-
|
|
1407
|
-
/** The private endpoint rule list was successfully retrieved. */
|
|
1408
|
-
export interface ListNccPrivateEndpointRulesResponse {
|
|
1409
|
-
items?: NccPrivateEndpointRule[] | undefined;
|
|
1410
|
-
/** A token that can be used to get the next page of results. If null, there are no more results to show. */
|
|
1411
|
-
nextPageToken?: string | undefined;
|
|
1412
|
-
}
|
|
1413
|
-
|
|
1414
|
-
export interface ListNetworkConnectivityConfigsRequest {
|
|
1415
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1416
|
-
accountId?: string | undefined;
|
|
1417
|
-
/** Pagination token to go to next page based on previous query. */
|
|
1418
|
-
pageToken?: string | undefined;
|
|
1419
|
-
}
|
|
1420
|
-
|
|
1421
|
-
/** The network connectivity configuration list was successfully retrieved. */
|
|
1422
|
-
export interface ListNetworkConnectivityConfigsResponse {
|
|
1423
|
-
items?: CustomerFacingNetworkConnectivityConfig[] | undefined;
|
|
1424
|
-
/** A token that can be used to get the next page of results. If null, there are no more results to show. */
|
|
1425
|
-
nextPageToken?: string | undefined;
|
|
1426
|
-
}
|
|
1427
|
-
|
|
1428
|
-
export interface ListNetworkPoliciesRequest {
|
|
1429
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1430
|
-
accountId?: string | undefined;
|
|
1431
|
-
/** Pagination token to go to next page based on previous query. */
|
|
1432
|
-
pageToken?: string | undefined;
|
|
1433
|
-
}
|
|
1434
|
-
|
|
1435
|
-
export interface ListNetworkPoliciesResponse {
|
|
1436
|
-
/** List of network policies. */
|
|
1437
|
-
items?: AccountNetworkPolicy[] | undefined;
|
|
1438
|
-
/** A token that can be used to get the next page of results. If null, there are no more results to show. */
|
|
1439
|
-
nextPageToken?: string | undefined;
|
|
1440
|
-
}
|
|
1441
|
-
|
|
1442
|
-
export interface ListNetworkRequest {
|
|
1443
|
-
accountId?: string | undefined;
|
|
1444
|
-
}
|
|
1445
|
-
|
|
1446
|
-
export interface ListNetworkResponse {
|
|
1447
|
-
networks?: Network[] | undefined;
|
|
1448
|
-
}
|
|
1449
|
-
|
|
1450
|
-
export interface ListPrivateAccessSettingsRequest {
|
|
1451
|
-
accountId?: string | undefined;
|
|
1452
|
-
}
|
|
1453
|
-
|
|
1454
|
-
export interface ListPrivateAccessSettingsResponse {
|
|
1455
|
-
privateAccessSettings?: CustomerFacingPrivateAccessSettings[] | undefined;
|
|
1456
|
-
}
|
|
1457
|
-
|
|
1458
|
-
export interface ListVpcEndpointRequest {
|
|
1459
|
-
accountId?: string | undefined;
|
|
1460
|
-
}
|
|
1461
|
-
|
|
1462
|
-
export interface ListVpcEndpointResponse {
|
|
1463
|
-
vpcEndpoints?: CustomerFacingVpcEndpoint[] | undefined;
|
|
1464
|
-
}
|
|
1465
|
-
|
|
1466
|
-
/**
|
|
1467
|
-
* Properties of the new private endpoint rule.
|
|
1468
|
-
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
1469
|
-
*/
|
|
1470
|
-
export interface NccPrivateEndpointRule {
|
|
1471
|
-
/** The ID of a private endpoint rule. */
|
|
1472
|
-
ruleId?: string | undefined;
|
|
1473
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
1474
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1475
|
-
/**
|
|
1476
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
1477
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Cloud console
|
|
1478
|
-
* before they take effect.
|
|
1479
|
-
* The possible values are:
|
|
1480
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
1481
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
1482
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
1483
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
1484
|
-
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
1485
|
-
* - CREATING: The endpoint creation is in progress. Once successfully created, the state will transition to PENDING.
|
|
1486
|
-
* - CREATE_FAILED: The endpoint creation failed. You can check the error_message field for more details.
|
|
1487
|
-
*/
|
|
1488
|
-
connectionState?:
|
|
1489
|
-
| NccPrivateEndpointRule_PrivateLinkConnectionState
|
|
1490
|
-
| undefined;
|
|
1491
|
-
/**
|
|
1492
|
-
* Only used by private endpoints to customer-managed private endpoint services.
|
|
1493
|
-
*
|
|
1494
|
-
* Domain names of target private link service.
|
|
1495
|
-
* When updating this field, the full list of target domain_names must be specified.
|
|
1496
|
-
*/
|
|
1497
|
-
domainNames?: string[] | undefined;
|
|
1498
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
1499
|
-
creationTime?: bigint | undefined;
|
|
1500
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
1501
|
-
updatedTime?: bigint | undefined;
|
|
1502
|
-
/** Whether this private endpoint is deactivated. */
|
|
1503
|
-
deactivated?: boolean | undefined;
|
|
1504
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
1505
|
-
deactivatedAt?: bigint | undefined;
|
|
1506
|
-
errorMessage?: string | undefined;
|
|
1507
|
-
/** The Azure resource ID of the target resource. */
|
|
1508
|
-
resourceId?: string | undefined;
|
|
1509
|
-
/**
|
|
1510
|
-
* Not used by customer-managed private endpoint services.
|
|
1511
|
-
*
|
|
1512
|
-
* The sub-resource type (group ID) of the target resource.
|
|
1513
|
-
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
1514
|
-
*/
|
|
1515
|
-
groupId?: string | undefined;
|
|
1516
|
-
/** The name of the Azure private endpoint resource. */
|
|
1517
|
-
endpointName?: string | undefined;
|
|
1518
|
-
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
1519
|
-
accountId?: string | undefined;
|
|
1520
|
-
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
1521
|
-
endpointService?: string | undefined;
|
|
1522
|
-
/**
|
|
1523
|
-
* Only used by private endpoints towards AWS S3 service.
|
|
1524
|
-
*
|
|
1525
|
-
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
1526
|
-
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
1527
|
-
* When updating this field, we perform full update on this field. Please ensure a full list of desired
|
|
1528
|
-
* resource_names is provided.
|
|
1529
|
-
*/
|
|
1530
|
-
resourceNames?: string[] | undefined;
|
|
1531
|
-
/** The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by <Databricks>. */
|
|
1532
|
-
vpcEndpointId?: string | undefined;
|
|
1533
|
-
/**
|
|
1534
|
-
* Update this field to activate/deactivate this private endpoint to allow egress access from
|
|
1535
|
-
* serverless compute resources. Only honored for first-party services on each cloud (e.g. AWS S3).
|
|
1536
|
-
*/
|
|
1537
|
-
enabled?: boolean | undefined;
|
|
1538
|
-
endpoint?: {$case: 'gcpEndpoint'; gcpEndpoint: GcpEndpoint} | undefined;
|
|
1539
|
-
}
|
|
1540
|
-
|
|
1541
|
-
export interface Network {
|
|
1542
|
-
/** The <Databricks> network configuration ID. */
|
|
1543
|
-
networkId?: string | undefined;
|
|
1544
|
-
/** The <Databricks> account ID associated with this network configuration. */
|
|
1545
|
-
accountId?: string | undefined;
|
|
1546
|
-
/** Workspace ID associated with this network configuration. */
|
|
1547
|
-
workspaceId?: bigint | undefined;
|
|
1548
|
-
/** The ID of the VPC associated with this network configuration. VPC IDs can be used in multiple networks. */
|
|
1549
|
-
vpcId?: string | undefined;
|
|
1550
|
-
/** IDs of at least two subnets associated with this network. Subnet IDs **cannot** be used in multiple network configurations. */
|
|
1551
|
-
subnetIds?: string[] | undefined;
|
|
1552
|
-
/** IDs of one to five security groups associated with this network. Security group IDs **cannot** be used in multiple network configurations. */
|
|
1553
|
-
securityGroupIds?: string[] | undefined;
|
|
1554
|
-
vpcStatus?: VpcStatus | undefined;
|
|
1555
|
-
/** Array of error messages about the network configuration. */
|
|
1556
|
-
errorMessages?: NetworkHealth[] | undefined;
|
|
1557
|
-
/** The human-readable name of the network configuration. */
|
|
1558
|
-
networkName?: string | undefined;
|
|
1559
|
-
/** Time in epoch milliseconds when the network was created. */
|
|
1560
|
-
creationTime?: bigint | undefined;
|
|
1561
|
-
/** Array of warning messages about the network configuration. */
|
|
1562
|
-
warningMessages?: NetworkWarning[] | undefined;
|
|
1563
|
-
vpcEndpoints?: NetworkVpcEndpoints | undefined;
|
|
1564
|
-
networkInfo?:
|
|
1565
|
-
| {$case: 'gcpNetworkInfo'; gcpNetworkInfo: GcpNetworkInfo}
|
|
1566
|
-
| undefined;
|
|
1567
|
-
}
|
|
1568
|
-
|
|
1569
|
-
/**
|
|
1570
|
-
* Egress network configurations. Provides network configurations for Databricks -> Customer
|
|
1571
|
-
* traffic.
|
|
1572
|
-
*/
|
|
1573
|
-
// eslint-disable-next-line @typescript-eslint/no-empty-object-type
|
|
1574
|
-
export interface NetworkConnectivityConfigEgressConfig {}
|
|
1575
|
-
|
|
1576
|
-
/** Default rules don't have specific targets. */
|
|
1577
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1578
|
-
export interface NetworkConnectivityConfigEgressConfig_DefaultRule {
|
|
1579
|
-
azureServiceEndpointRule?:
|
|
1580
|
-
| NetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRule
|
|
1581
|
-
| undefined;
|
|
1582
|
-
awsStableIpRule?:
|
|
1583
|
-
| NetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRule
|
|
1584
|
-
| undefined;
|
|
1585
|
-
}
|
|
1586
|
-
|
|
1587
|
-
/** The stable AWS IP CIDR blocks. You can use these to configure the firewall of your resources to allow traffic from your <Databricks> workspace. */
|
|
1588
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1589
|
-
export interface NetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRule {
|
|
1590
|
-
/** The list of stable IP CIDR blocks from which <Databricks> network traffic originates when accessing your resources. */
|
|
1591
|
-
cidrBlocks?: string[] | undefined;
|
|
1592
|
-
}
|
|
1593
|
-
|
|
1594
|
-
/**
|
|
1595
|
-
* The stable Azure service endpoints. You can configure the firewall of your Azure resources
|
|
1596
|
-
* to allow traffic from your <Databricks> serverless compute resources.
|
|
1597
|
-
*/
|
|
1598
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1599
|
-
export interface NetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRule {
|
|
1600
|
-
/** The Azure region in which this service endpoint rule applies.. */
|
|
1601
|
-
targetRegion?: string | undefined;
|
|
1602
|
-
/** The Azure services to which this service endpoint rule applies to. */
|
|
1603
|
-
targetServices?: EgressResourceType[] | undefined;
|
|
1604
|
-
/** The list of subnets from which <Databricks> network traffic originates when accessing your Azure resources. */
|
|
1605
|
-
subnets?: string[] | undefined;
|
|
1606
|
-
}
|
|
1607
|
-
|
|
1608
|
-
export interface NetworkHealth {
|
|
1609
|
-
errorType?: string | undefined;
|
|
1610
|
-
/** Details of the error. */
|
|
1611
|
-
errorMessage?: string | undefined;
|
|
1612
|
-
}
|
|
1613
|
-
|
|
1614
|
-
export interface NetworkVpcEndpoints {
|
|
1615
|
-
/** The VPC endpoint ID used by this network to access the Databricks REST API. */
|
|
1616
|
-
restApi?: string[] | undefined;
|
|
1617
|
-
/** The VPC endpoint ID used by this network to access the <Databricks> secure cluster connectivity relay. */
|
|
1618
|
-
dataplaneRelay?: string[] | undefined;
|
|
1619
|
-
}
|
|
1620
|
-
|
|
1621
|
-
export interface NetworkWarning {
|
|
1622
|
-
warningType?: string | undefined;
|
|
1623
|
-
/** Details of the warning. */
|
|
1624
|
-
warningMessage?: string | undefined;
|
|
1625
|
-
}
|
|
1626
|
-
|
|
1627
|
-
/** Details required to replace an IP access list. */
|
|
1628
|
-
export interface ReplaceAccountIpAccessListRequest {
|
|
1629
|
-
accountId?: string | undefined;
|
|
1630
|
-
/** The ID for the corresponding IP access list */
|
|
1631
|
-
listId?: string | undefined;
|
|
1632
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
1633
|
-
label?: string | undefined;
|
|
1634
|
-
listType?: AccountIpAccessListType_IpAccessListType | undefined;
|
|
1635
|
-
ipAddresses?: string[] | undefined;
|
|
1636
|
-
/** Specifies whether this IP access list is enabled. */
|
|
1637
|
-
enabled?: boolean | undefined;
|
|
1638
|
-
}
|
|
1639
|
-
|
|
1640
|
-
/** The IP access list was successfully replaced. */
|
|
1641
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1642
|
-
export interface ReplaceAccountIpAccessListRequest_Response {
|
|
1643
|
-
ipAccessList?: AccountIpAccessList | undefined;
|
|
1644
|
-
}
|
|
1645
|
-
|
|
1646
|
-
/** Details required to replace an IP access list. */
|
|
1647
|
-
export interface ReplaceIpAccessList {
|
|
1648
|
-
/** The ID for the corresponding IP access list */
|
|
1649
|
-
listId?: string | undefined;
|
|
1650
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
1651
|
-
label?: string | undefined;
|
|
1652
|
-
listType?: IpAccessListType | undefined;
|
|
1653
|
-
ipAddresses?: string[] | undefined;
|
|
1654
|
-
/** Specifies whether this IP access list is enabled. */
|
|
1655
|
-
enabled?: boolean | undefined;
|
|
1656
|
-
}
|
|
1657
|
-
|
|
1658
|
-
/** The IP access list was successfully replaced. */
|
|
1659
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1660
|
-
export interface ReplaceIpAccessList_Response {
|
|
1661
|
-
ipAccessList?: IpAccessList | undefined;
|
|
1662
|
-
}
|
|
1663
|
-
|
|
1664
|
-
/** Details required to update an IP access list. */
|
|
1665
|
-
export interface UpdateAccountIpAccessListRequest {
|
|
1666
|
-
accountId?: string | undefined;
|
|
1667
|
-
/** The ID for the corresponding IP access list */
|
|
1668
|
-
listId?: string | undefined;
|
|
1669
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
1670
|
-
label?: string | undefined;
|
|
1671
|
-
listType?: AccountIpAccessListType_IpAccessListType | undefined;
|
|
1672
|
-
ipAddresses?: string[] | undefined;
|
|
1673
|
-
/** Specifies whether this IP access list is enabled. */
|
|
1674
|
-
enabled?: boolean | undefined;
|
|
1675
|
-
}
|
|
1676
|
-
|
|
1677
|
-
/** The IP access list was successfully updated. */
|
|
1678
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1679
|
-
export interface UpdateAccountIpAccessListRequest_Response {
|
|
1680
|
-
ipAccessList?: AccountIpAccessList | undefined;
|
|
1681
|
-
}
|
|
1682
|
-
|
|
1683
|
-
/** Details required to update an IP access list. */
|
|
1684
|
-
export interface UpdateIpAccessList {
|
|
1685
|
-
/** The ID for the corresponding IP access list */
|
|
1686
|
-
listId?: string | undefined;
|
|
1687
|
-
/** Label for the IP access list. This **cannot** be empty. */
|
|
1688
|
-
label?: string | undefined;
|
|
1689
|
-
listType?: IpAccessListType | undefined;
|
|
1690
|
-
ipAddresses?: string[] | undefined;
|
|
1691
|
-
/** Specifies whether this IP access list is enabled. */
|
|
1692
|
-
enabled?: boolean | undefined;
|
|
1693
|
-
}
|
|
1694
|
-
|
|
1695
|
-
/** The IP access list was successfully updated. */
|
|
1696
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1697
|
-
export interface UpdateIpAccessList_Response {
|
|
1698
|
-
ipAccessList?: IpAccessList | undefined;
|
|
1699
|
-
}
|
|
1700
|
-
|
|
1701
|
-
/** Your Network Connectivity Configuration ID. */
|
|
1702
|
-
export interface UpdateNccPrivateEndpointRuleRequest {
|
|
1703
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
1704
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1705
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1706
|
-
accountId?: string | undefined;
|
|
1707
|
-
/** Your private endpoint rule ID. */
|
|
1708
|
-
privateEndpointRuleId?: string | undefined;
|
|
1709
|
-
privateEndpointRule?: UpdatePrivateEndpointRule | undefined;
|
|
1710
|
-
updateMask?: FieldMask<UpdatePrivateEndpointRule> | undefined;
|
|
1711
|
-
}
|
|
1712
|
-
|
|
1713
|
-
export interface UpdateNetworkPolicyRequest {
|
|
1714
|
-
/** The unique identifier for the network policy. */
|
|
1715
|
-
networkPolicyId?: string | undefined;
|
|
1716
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1717
|
-
accountId?: string | undefined;
|
|
1718
|
-
/** Updated network policy configuration details. */
|
|
1719
|
-
networkPolicy?: AccountNetworkPolicy | undefined;
|
|
1720
|
-
}
|
|
1721
|
-
|
|
1722
|
-
export interface UpdatePrivateAccessSettingsRequest {
|
|
1723
|
-
/** Properties of the new private access settings object. */
|
|
1724
|
-
customerFacingPrivateAccessSettings?:
|
|
1725
|
-
| CustomerFacingPrivateAccessSettings
|
|
1726
|
-
| undefined;
|
|
1727
|
-
}
|
|
1728
|
-
|
|
1729
|
-
/**
|
|
1730
|
-
* Properties of the new private endpoint rule.
|
|
1731
|
-
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
1732
|
-
*/
|
|
1733
|
-
export interface UpdatePrivateEndpointRule {
|
|
1734
|
-
/** The ID of a private endpoint rule. */
|
|
1735
|
-
ruleId?: string | undefined;
|
|
1736
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
1737
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1738
|
-
/**
|
|
1739
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
1740
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Cloud console
|
|
1741
|
-
* before they take effect.
|
|
1742
|
-
* The possible values are:
|
|
1743
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
1744
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
1745
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
1746
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
1747
|
-
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
1748
|
-
* - CREATING: The endpoint creation is in progress. Once successfully created, the state will transition to PENDING.
|
|
1749
|
-
* - CREATE_FAILED: The endpoint creation failed. You can check the error_message field for more details.
|
|
1750
|
-
*/
|
|
1751
|
-
connectionState?:
|
|
1752
|
-
| NccPrivateEndpointRule_PrivateLinkConnectionState
|
|
1753
|
-
| undefined;
|
|
1754
|
-
/**
|
|
1755
|
-
* Only used by private endpoints to customer-managed private endpoint services.
|
|
1756
|
-
*
|
|
1757
|
-
* Domain names of target private link service.
|
|
1758
|
-
* When updating this field, the full list of target domain_names must be specified.
|
|
1759
|
-
*/
|
|
1760
|
-
domainNames?: string[] | undefined;
|
|
1761
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
1762
|
-
creationTime?: bigint | undefined;
|
|
1763
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
1764
|
-
updatedTime?: bigint | undefined;
|
|
1765
|
-
/** Whether this private endpoint is deactivated. */
|
|
1766
|
-
deactivated?: boolean | undefined;
|
|
1767
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
1768
|
-
deactivatedAt?: bigint | undefined;
|
|
1769
|
-
errorMessage?: string | undefined;
|
|
1770
|
-
/** The Azure resource ID of the target resource. */
|
|
1771
|
-
resourceId?: string | undefined;
|
|
1772
|
-
/**
|
|
1773
|
-
* Not used by customer-managed private endpoint services.
|
|
1774
|
-
*
|
|
1775
|
-
* The sub-resource type (group ID) of the target resource.
|
|
1776
|
-
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
1777
|
-
*/
|
|
1778
|
-
groupId?: string | undefined;
|
|
1779
|
-
/** The name of the Azure private endpoint resource. */
|
|
1780
|
-
endpointName?: string | undefined;
|
|
1781
|
-
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
1782
|
-
accountId?: string | undefined;
|
|
1783
|
-
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
1784
|
-
endpointService?: string | undefined;
|
|
1785
|
-
/**
|
|
1786
|
-
* Only used by private endpoints towards AWS S3 service.
|
|
1787
|
-
*
|
|
1788
|
-
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
1789
|
-
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
1790
|
-
* When updating this field, we perform full update on this field. Please ensure a full list of desired
|
|
1791
|
-
* resource_names is provided.
|
|
1792
|
-
*/
|
|
1793
|
-
resourceNames?: string[] | undefined;
|
|
1794
|
-
/** The AWS VPC endpoint ID. You can use this ID to identify the VPC endpoint created by <Databricks>. */
|
|
1795
|
-
vpcEndpointId?: string | undefined;
|
|
1796
|
-
/**
|
|
1797
|
-
* Update this field to activate/deactivate this private endpoint to allow egress access from
|
|
1798
|
-
* serverless compute resources. Only honored for first-party services on each cloud (e.g. AWS S3).
|
|
1799
|
-
*/
|
|
1800
|
-
enabled?: boolean | undefined;
|
|
1801
|
-
endpoint?: {$case: 'gcpEndpoint'; gcpEndpoint: GcpEndpoint} | undefined;
|
|
1802
|
-
}
|
|
1803
|
-
|
|
1804
|
-
export interface UpdateWorkspaceNetworkOptionRequest {
|
|
1805
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1806
|
-
accountId?: string | undefined;
|
|
1807
|
-
/** The workspace ID. */
|
|
1808
|
-
workspaceId?: bigint | undefined;
|
|
1809
|
-
/** The network option details for the workspace. */
|
|
1810
|
-
workspaceNetworkOption?: WorkspaceNetworkOption | undefined;
|
|
1811
|
-
}
|
|
1812
|
-
|
|
1813
|
-
export interface WorkspaceNetworkOption {
|
|
1814
|
-
/**
|
|
1815
|
-
* The network policy ID to apply to the workspace. This controls the network access rules
|
|
1816
|
-
* for all serverless compute resources in the workspace. Each workspace can only be
|
|
1817
|
-
* linked to one policy at a time. If no policy is explicitly assigned,
|
|
1818
|
-
* the workspace will use 'default-policy'.
|
|
1819
|
-
*/
|
|
1820
|
-
networkPolicyId?: string | undefined;
|
|
1821
|
-
/** The workspace ID. */
|
|
1822
|
-
workspaceId?: bigint | undefined;
|
|
1823
|
-
}
|
|
1824
|
-
|
|
1825
|
-
export const unmarshalAccountIpAccessListSchema: z.ZodType<AccountIpAccessList> =
|
|
1826
|
-
z
|
|
1827
|
-
.object({
|
|
1828
|
-
list_id: z.string().optional(),
|
|
1829
|
-
label: z.string().optional(),
|
|
1830
|
-
ip_addresses: z.array(z.string()).optional(),
|
|
1831
|
-
address_count: z.number().optional(),
|
|
1832
|
-
list_type: z.enum(AccountIpAccessListType_IpAccessListType).optional(),
|
|
1833
|
-
created_at: z
|
|
1834
|
-
.union([z.number(), z.bigint()])
|
|
1835
|
-
.transform(v => BigInt(v))
|
|
1836
|
-
.optional(),
|
|
1837
|
-
created_by: z
|
|
1838
|
-
.union([z.number(), z.bigint()])
|
|
1839
|
-
.transform(v => BigInt(v))
|
|
1840
|
-
.optional(),
|
|
1841
|
-
updated_at: z
|
|
1842
|
-
.union([z.number(), z.bigint()])
|
|
1843
|
-
.transform(v => BigInt(v))
|
|
1844
|
-
.optional(),
|
|
1845
|
-
updated_by: z
|
|
1846
|
-
.union([z.number(), z.bigint()])
|
|
1847
|
-
.transform(v => BigInt(v))
|
|
1848
|
-
.optional(),
|
|
1849
|
-
enabled: z.boolean().optional(),
|
|
1850
|
-
})
|
|
1851
|
-
.transform(d => ({
|
|
1852
|
-
listId: d.list_id,
|
|
1853
|
-
label: d.label,
|
|
1854
|
-
ipAddresses: d.ip_addresses,
|
|
1855
|
-
addressCount: d.address_count,
|
|
1856
|
-
listType: d.list_type,
|
|
1857
|
-
createdAt: d.created_at,
|
|
1858
|
-
createdBy: d.created_by,
|
|
1859
|
-
updatedAt: d.updated_at,
|
|
1860
|
-
updatedBy: d.updated_by,
|
|
1861
|
-
enabled: d.enabled,
|
|
1862
|
-
}));
|
|
1863
|
-
|
|
1864
|
-
export const unmarshalAccountNetworkPolicySchema: z.ZodType<AccountNetworkPolicy> =
|
|
1865
|
-
z
|
|
1866
|
-
.object({
|
|
1867
|
-
network_policy_id: z.string().optional(),
|
|
1868
|
-
account_id: z.string().optional(),
|
|
1869
|
-
egress: z.lazy(() => unmarshalEgressNetworkPolicySchema).optional(),
|
|
1870
|
-
ingress: z
|
|
1871
|
-
.lazy(() => unmarshalCustomerFacingIngressNetworkPolicySchema)
|
|
1872
|
-
.optional(),
|
|
1873
|
-
ingress_dry_run: z
|
|
1874
|
-
.lazy(() => unmarshalCustomerFacingIngressNetworkPolicySchema)
|
|
1875
|
-
.optional(),
|
|
1876
|
-
})
|
|
1877
|
-
.transform(d => ({
|
|
1878
|
-
networkPolicyId: d.network_policy_id,
|
|
1879
|
-
accountId: d.account_id,
|
|
1880
|
-
egress: d.egress,
|
|
1881
|
-
ingress: d.ingress,
|
|
1882
|
-
ingressDryRun: d.ingress_dry_run,
|
|
1883
|
-
}));
|
|
1884
|
-
|
|
1885
|
-
export const unmarshalAzurePrivateEndpointInfoSchema: z.ZodType<AzurePrivateEndpointInfo> =
|
|
1886
|
-
z
|
|
1887
|
-
.object({
|
|
1888
|
-
private_endpoint_name: z.string().optional(),
|
|
1889
|
-
private_endpoint_resource_guid: z.string().optional(),
|
|
1890
|
-
private_endpoint_resource_id: z.string().optional(),
|
|
1891
|
-
private_link_service_id: z.string().optional(),
|
|
1892
|
-
})
|
|
1893
|
-
.transform(d => ({
|
|
1894
|
-
privateEndpointName: d.private_endpoint_name,
|
|
1895
|
-
privateEndpointResourceGuid: d.private_endpoint_resource_guid,
|
|
1896
|
-
privateEndpointResourceId: d.private_endpoint_resource_id,
|
|
1897
|
-
privateLinkServiceId: d.private_link_service_id,
|
|
1898
|
-
}));
|
|
1899
|
-
|
|
1900
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1901
|
-
export const unmarshalCreateAccountIpAccessListRequest_ResponseSchema: z.ZodType<CreateAccountIpAccessListRequest_Response> =
|
|
1902
|
-
z
|
|
1903
|
-
.object({
|
|
1904
|
-
ip_access_list: z
|
|
1905
|
-
.lazy(() => unmarshalAccountIpAccessListSchema)
|
|
1906
|
-
.optional(),
|
|
1907
|
-
})
|
|
1908
|
-
.transform(d => ({
|
|
1909
|
-
ipAccessList: d.ip_access_list,
|
|
1910
|
-
}));
|
|
1911
|
-
|
|
1912
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1913
|
-
export const unmarshalCreateIpAccessList_ResponseSchema: z.ZodType<CreateIpAccessList_Response> =
|
|
1914
|
-
z
|
|
1915
|
-
.object({
|
|
1916
|
-
ip_access_list: z.lazy(() => unmarshalIpAccessListSchema).optional(),
|
|
1917
|
-
})
|
|
1918
|
-
.transform(d => ({
|
|
1919
|
-
ipAccessList: d.ip_access_list,
|
|
1920
|
-
}));
|
|
1921
|
-
|
|
1922
|
-
export const unmarshalCustomerFacingGcpVpcEndpointInfoSchema: z.ZodType<CustomerFacingGcpVpcEndpointInfo> =
|
|
1923
|
-
z
|
|
1924
|
-
.object({
|
|
1925
|
-
psc_connection_id: z.string().optional(),
|
|
1926
|
-
project_id: z.string().optional(),
|
|
1927
|
-
psc_endpoint_name: z.string().optional(),
|
|
1928
|
-
endpoint_region: z.string().optional(),
|
|
1929
|
-
service_attachment_id: z.string().optional(),
|
|
1930
|
-
})
|
|
1931
|
-
.transform(d => ({
|
|
1932
|
-
pscConnectionId: d.psc_connection_id,
|
|
1933
|
-
projectId: d.project_id,
|
|
1934
|
-
pscEndpointName: d.psc_endpoint_name,
|
|
1935
|
-
endpointRegion: d.endpoint_region,
|
|
1936
|
-
serviceAttachmentId: d.service_attachment_id,
|
|
1937
|
-
}));
|
|
1938
|
-
|
|
1939
|
-
export const unmarshalCustomerFacingIngressNetworkPolicySchema: z.ZodType<CustomerFacingIngressNetworkPolicy> =
|
|
1940
|
-
z
|
|
1941
|
-
.object({
|
|
1942
|
-
public_access: z
|
|
1943
|
-
.lazy(
|
|
1944
|
-
() => unmarshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema
|
|
1945
|
-
)
|
|
1946
|
-
.optional(),
|
|
1947
|
-
private_access: z
|
|
1948
|
-
.lazy(
|
|
1949
|
-
() => unmarshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema
|
|
1950
|
-
)
|
|
1951
|
-
.optional(),
|
|
1952
|
-
cross_workspace_access: z
|
|
1953
|
-
.lazy(
|
|
1954
|
-
() =>
|
|
1955
|
-
unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema
|
|
1956
|
-
)
|
|
1957
|
-
.optional(),
|
|
1958
|
-
})
|
|
1959
|
-
.transform(d => ({
|
|
1960
|
-
publicAccess: d.public_access,
|
|
1961
|
-
privateAccess: d.private_access,
|
|
1962
|
-
crossWorkspaceAccess: d.cross_workspace_access,
|
|
1963
|
-
}));
|
|
1964
|
-
|
|
1965
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1966
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountApiDestination> =
|
|
1967
|
-
z
|
|
1968
|
-
.object({
|
|
1969
|
-
scopes: z.array(z.string()).optional(),
|
|
1970
|
-
scope_qualifier: z
|
|
1971
|
-
.enum(CustomerFacingIngressNetworkPolicy_ApiScopeQualifier)
|
|
1972
|
-
.optional(),
|
|
1973
|
-
})
|
|
1974
|
-
.transform(d => ({
|
|
1975
|
-
scopes: d.scopes,
|
|
1976
|
-
scopeQualifier: d.scope_qualifier,
|
|
1977
|
-
}));
|
|
1978
|
-
|
|
1979
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1980
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestination> =
|
|
1981
|
-
z
|
|
1982
|
-
.object({
|
|
1983
|
-
all_destinations: z.boolean().optional(),
|
|
1984
|
-
})
|
|
1985
|
-
.transform(d => ({
|
|
1986
|
-
allDestinations: d.all_destinations,
|
|
1987
|
-
}));
|
|
1988
|
-
|
|
1989
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
1990
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountUiDestination> =
|
|
1991
|
-
z
|
|
1992
|
-
.object({
|
|
1993
|
-
all_destinations: z.boolean().optional(),
|
|
1994
|
-
})
|
|
1995
|
-
.transform(d => ({
|
|
1996
|
-
allDestinations: d.all_destinations,
|
|
1997
|
-
}));
|
|
1998
|
-
|
|
1999
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2000
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AppsRuntimeDestination> =
|
|
2001
|
-
z
|
|
2002
|
-
.object({
|
|
2003
|
-
all_destinations: z.boolean().optional(),
|
|
2004
|
-
})
|
|
2005
|
-
.transform(d => ({
|
|
2006
|
-
allDestinations: d.all_destinations,
|
|
2007
|
-
}));
|
|
2008
|
-
|
|
2009
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2010
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_Authentication> =
|
|
2011
|
-
z
|
|
2012
|
-
.object({
|
|
2013
|
-
identity_type: z
|
|
2014
|
-
.enum(CustomerFacingIngressNetworkPolicy_Authentication_IdentityType)
|
|
2015
|
-
.optional(),
|
|
2016
|
-
identities: z
|
|
2017
|
-
.array(
|
|
2018
|
-
z.lazy(
|
|
2019
|
-
() =>
|
|
2020
|
-
unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema
|
|
2021
|
-
)
|
|
2022
|
-
)
|
|
2023
|
-
.optional(),
|
|
2024
|
-
})
|
|
2025
|
-
.transform(d => ({
|
|
2026
|
-
identityType: d.identity_type,
|
|
2027
|
-
identities: d.identities,
|
|
2028
|
-
}));
|
|
2029
|
-
|
|
2030
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2031
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AuthenticationIdentity> =
|
|
2032
|
-
z
|
|
2033
|
-
.object({
|
|
2034
|
-
principal_type: z
|
|
2035
|
-
.enum(
|
|
2036
|
-
CustomerFacingIngressNetworkPolicy_AuthenticationIdentity_PrincipalType
|
|
2037
|
-
)
|
|
2038
|
-
.optional(),
|
|
2039
|
-
principal_id: z
|
|
2040
|
-
.union([z.number(), z.bigint()])
|
|
2041
|
-
.transform(v => BigInt(v))
|
|
2042
|
-
.optional(),
|
|
2043
|
-
})
|
|
2044
|
-
.transform(d => ({
|
|
2045
|
-
principalType: d.principal_type,
|
|
2046
|
-
principalId: d.principal_id,
|
|
2047
|
-
}));
|
|
2048
|
-
|
|
2049
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2050
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess> =
|
|
2051
|
-
z
|
|
2052
|
-
.object({
|
|
2053
|
-
restriction_mode: z
|
|
2054
|
-
.enum(
|
|
2055
|
-
CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode
|
|
2056
|
-
)
|
|
2057
|
-
.optional(),
|
|
2058
|
-
deny_rules: z
|
|
2059
|
-
.array(
|
|
2060
|
-
z.lazy(
|
|
2061
|
-
() =>
|
|
2062
|
-
unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema
|
|
2063
|
-
)
|
|
2064
|
-
)
|
|
2065
|
-
.optional(),
|
|
2066
|
-
allow_rules: z
|
|
2067
|
-
.array(
|
|
2068
|
-
z.lazy(
|
|
2069
|
-
() =>
|
|
2070
|
-
unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema
|
|
2071
|
-
)
|
|
2072
|
-
)
|
|
2073
|
-
.optional(),
|
|
2074
|
-
})
|
|
2075
|
-
.transform(d => ({
|
|
2076
|
-
restrictionMode: d.restriction_mode,
|
|
2077
|
-
denyRules: d.deny_rules,
|
|
2078
|
-
allowRules: d.allow_rules,
|
|
2079
|
-
}));
|
|
2080
|
-
|
|
2081
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2082
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRule> =
|
|
2083
|
-
z
|
|
2084
|
-
.object({
|
|
2085
|
-
origin: z
|
|
2086
|
-
.lazy(
|
|
2087
|
-
() =>
|
|
2088
|
-
unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema
|
|
2089
|
-
)
|
|
2090
|
-
.optional(),
|
|
2091
|
-
destination: z
|
|
2092
|
-
.lazy(
|
|
2093
|
-
() =>
|
|
2094
|
-
unmarshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
2095
|
-
)
|
|
2096
|
-
.optional(),
|
|
2097
|
-
authentication: z
|
|
2098
|
-
.lazy(
|
|
2099
|
-
() => unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
2100
|
-
)
|
|
2101
|
-
.optional(),
|
|
2102
|
-
label: z.string().optional(),
|
|
2103
|
-
})
|
|
2104
|
-
.transform(d => ({
|
|
2105
|
-
origin: d.origin,
|
|
2106
|
-
destination: d.destination,
|
|
2107
|
-
authentication: d.authentication,
|
|
2108
|
-
label: d.label,
|
|
2109
|
-
}));
|
|
2110
|
-
|
|
2111
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2112
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOrigin> =
|
|
2113
|
-
z
|
|
2114
|
-
.object({
|
|
2115
|
-
all_source_workspaces: z.boolean().optional(),
|
|
2116
|
-
selected_workspaces: z
|
|
2117
|
-
.lazy(
|
|
2118
|
-
() =>
|
|
2119
|
-
unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema
|
|
2120
|
-
)
|
|
2121
|
-
.optional(),
|
|
2122
|
-
})
|
|
2123
|
-
.transform(d => ({
|
|
2124
|
-
source:
|
|
2125
|
-
d.all_source_workspaces !== undefined
|
|
2126
|
-
? {
|
|
2127
|
-
$case: 'allSourceWorkspaces' as const,
|
|
2128
|
-
allSourceWorkspaces: d.all_source_workspaces,
|
|
2129
|
-
}
|
|
2130
|
-
: d.selected_workspaces !== undefined
|
|
2131
|
-
? {
|
|
2132
|
-
$case: 'selectedWorkspaces' as const,
|
|
2133
|
-
selectedWorkspaces: d.selected_workspaces,
|
|
2134
|
-
}
|
|
2135
|
-
: undefined,
|
|
2136
|
-
}));
|
|
2137
|
-
|
|
2138
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2139
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_EndpointsSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_Endpoints> =
|
|
2140
|
-
z
|
|
2141
|
-
.object({
|
|
2142
|
-
endpoint_ids: z.array(z.string()).optional(),
|
|
2143
|
-
})
|
|
2144
|
-
.transform(d => ({
|
|
2145
|
-
endpointIds: d.endpoint_ids,
|
|
2146
|
-
}));
|
|
2147
|
-
|
|
2148
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2149
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_IpRangesSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_IpRanges> =
|
|
2150
|
-
z
|
|
2151
|
-
.object({
|
|
2152
|
-
ip_ranges: z.array(z.string()).optional(),
|
|
2153
|
-
})
|
|
2154
|
-
.transform(d => ({
|
|
2155
|
-
ipRanges: d.ip_ranges,
|
|
2156
|
-
}));
|
|
2157
|
-
|
|
2158
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2159
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestination> =
|
|
2160
|
-
z
|
|
2161
|
-
.object({
|
|
2162
|
-
all_destinations: z.boolean().optional(),
|
|
2163
|
-
})
|
|
2164
|
-
.transform(d => ({
|
|
2165
|
-
allDestinations: d.all_destinations,
|
|
2166
|
-
}));
|
|
2167
|
-
|
|
2168
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2169
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateAccess> =
|
|
2170
|
-
z
|
|
2171
|
-
.object({
|
|
2172
|
-
restriction_mode: z
|
|
2173
|
-
.enum(CustomerFacingIngressNetworkPolicy_PrivateAccess_RestrictionMode)
|
|
2174
|
-
.optional(),
|
|
2175
|
-
deny_rules: z
|
|
2176
|
-
.array(
|
|
2177
|
-
z.lazy(
|
|
2178
|
-
() =>
|
|
2179
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema
|
|
2180
|
-
)
|
|
2181
|
-
)
|
|
2182
|
-
.optional(),
|
|
2183
|
-
allow_rules: z
|
|
2184
|
-
.array(
|
|
2185
|
-
z.lazy(
|
|
2186
|
-
() =>
|
|
2187
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema
|
|
2188
|
-
)
|
|
2189
|
-
)
|
|
2190
|
-
.optional(),
|
|
2191
|
-
})
|
|
2192
|
-
.transform(d => ({
|
|
2193
|
-
restrictionMode: d.restriction_mode,
|
|
2194
|
-
denyRules: d.deny_rules,
|
|
2195
|
-
allowRules: d.allow_rules,
|
|
2196
|
-
}));
|
|
2197
|
-
|
|
2198
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2199
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateIngressRule> =
|
|
2200
|
-
z
|
|
2201
|
-
.object({
|
|
2202
|
-
origin: z
|
|
2203
|
-
.lazy(
|
|
2204
|
-
() =>
|
|
2205
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema
|
|
2206
|
-
)
|
|
2207
|
-
.optional(),
|
|
2208
|
-
destination: z
|
|
2209
|
-
.lazy(
|
|
2210
|
-
() =>
|
|
2211
|
-
unmarshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
2212
|
-
)
|
|
2213
|
-
.optional(),
|
|
2214
|
-
authentication: z
|
|
2215
|
-
.lazy(
|
|
2216
|
-
() => unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
2217
|
-
)
|
|
2218
|
-
.optional(),
|
|
2219
|
-
label: z.string().optional(),
|
|
2220
|
-
})
|
|
2221
|
-
.transform(d => ({
|
|
2222
|
-
origin: d.origin,
|
|
2223
|
-
destination: d.destination,
|
|
2224
|
-
authentication: d.authentication,
|
|
2225
|
-
label: d.label,
|
|
2226
|
-
}));
|
|
2227
|
-
|
|
2228
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2229
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateRequestOrigin> =
|
|
2230
|
-
z
|
|
2231
|
-
.object({
|
|
2232
|
-
endpoints: z
|
|
2233
|
-
.lazy(() => unmarshalCustomerFacingIngressNetworkPolicy_EndpointsSchema)
|
|
2234
|
-
.optional(),
|
|
2235
|
-
all_registered_endpoints: z.boolean().optional(),
|
|
2236
|
-
azure_workspace_private_link: z.boolean().optional(),
|
|
2237
|
-
all_private_access: z.boolean().optional(),
|
|
2238
|
-
})
|
|
2239
|
-
.transform(d => ({
|
|
2240
|
-
source:
|
|
2241
|
-
d.endpoints !== undefined
|
|
2242
|
-
? {$case: 'endpoints' as const, endpoints: d.endpoints}
|
|
2243
|
-
: d.all_registered_endpoints !== undefined
|
|
2244
|
-
? {
|
|
2245
|
-
$case: 'allRegisteredEndpoints' as const,
|
|
2246
|
-
allRegisteredEndpoints: d.all_registered_endpoints,
|
|
2247
|
-
}
|
|
2248
|
-
: d.azure_workspace_private_link !== undefined
|
|
2249
|
-
? {
|
|
2250
|
-
$case: 'azureWorkspacePrivateLink' as const,
|
|
2251
|
-
azureWorkspacePrivateLink: d.azure_workspace_private_link,
|
|
2252
|
-
}
|
|
2253
|
-
: d.all_private_access !== undefined
|
|
2254
|
-
? {
|
|
2255
|
-
$case: 'allPrivateAccess' as const,
|
|
2256
|
-
allPrivateAccess: d.all_private_access,
|
|
2257
|
-
}
|
|
2258
|
-
: undefined,
|
|
2259
|
-
}));
|
|
2260
|
-
|
|
2261
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2262
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicAccess> =
|
|
2263
|
-
z
|
|
2264
|
-
.object({
|
|
2265
|
-
restriction_mode: z
|
|
2266
|
-
.enum(CustomerFacingIngressNetworkPolicy_PublicAccess_RestrictionMode)
|
|
2267
|
-
.optional(),
|
|
2268
|
-
deny_rules: z
|
|
2269
|
-
.array(
|
|
2270
|
-
z.lazy(
|
|
2271
|
-
() =>
|
|
2272
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema
|
|
2273
|
-
)
|
|
2274
|
-
)
|
|
2275
|
-
.optional(),
|
|
2276
|
-
allow_rules: z
|
|
2277
|
-
.array(
|
|
2278
|
-
z.lazy(
|
|
2279
|
-
() =>
|
|
2280
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema
|
|
2281
|
-
)
|
|
2282
|
-
)
|
|
2283
|
-
.optional(),
|
|
2284
|
-
})
|
|
2285
|
-
.transform(d => ({
|
|
2286
|
-
restrictionMode: d.restriction_mode,
|
|
2287
|
-
denyRules: d.deny_rules,
|
|
2288
|
-
allowRules: d.allow_rules,
|
|
2289
|
-
}));
|
|
2290
|
-
|
|
2291
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2292
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicIngressRule> =
|
|
2293
|
-
z
|
|
2294
|
-
.object({
|
|
2295
|
-
origin: z
|
|
2296
|
-
.lazy(
|
|
2297
|
-
() =>
|
|
2298
|
-
unmarshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema
|
|
2299
|
-
)
|
|
2300
|
-
.optional(),
|
|
2301
|
-
destination: z
|
|
2302
|
-
.lazy(
|
|
2303
|
-
() =>
|
|
2304
|
-
unmarshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
2305
|
-
)
|
|
2306
|
-
.optional(),
|
|
2307
|
-
authentication: z
|
|
2308
|
-
.lazy(
|
|
2309
|
-
() => unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
2310
|
-
)
|
|
2311
|
-
.optional(),
|
|
2312
|
-
label: z.string().optional(),
|
|
2313
|
-
})
|
|
2314
|
-
.transform(d => ({
|
|
2315
|
-
origin: d.origin,
|
|
2316
|
-
destination: d.destination,
|
|
2317
|
-
authentication: d.authentication,
|
|
2318
|
-
label: d.label,
|
|
2319
|
-
}));
|
|
2320
|
-
|
|
2321
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2322
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicRequestOrigin> =
|
|
2323
|
-
z
|
|
2324
|
-
.object({
|
|
2325
|
-
all_ip_ranges: z.boolean().optional(),
|
|
2326
|
-
included_ip_ranges: z
|
|
2327
|
-
.lazy(() => unmarshalCustomerFacingIngressNetworkPolicy_IpRangesSchema)
|
|
2328
|
-
.optional(),
|
|
2329
|
-
excluded_ip_ranges: z
|
|
2330
|
-
.lazy(() => unmarshalCustomerFacingIngressNetworkPolicy_IpRangesSchema)
|
|
2331
|
-
.optional(),
|
|
2332
|
-
})
|
|
2333
|
-
.transform(d => ({
|
|
2334
|
-
source:
|
|
2335
|
-
d.all_ip_ranges !== undefined
|
|
2336
|
-
? {$case: 'allIpRanges' as const, allIpRanges: d.all_ip_ranges}
|
|
2337
|
-
: d.included_ip_ranges !== undefined
|
|
2338
|
-
? {
|
|
2339
|
-
$case: 'includedIpRanges' as const,
|
|
2340
|
-
includedIpRanges: d.included_ip_ranges,
|
|
2341
|
-
}
|
|
2342
|
-
: d.excluded_ip_ranges !== undefined
|
|
2343
|
-
? {
|
|
2344
|
-
$case: 'excludedIpRanges' as const,
|
|
2345
|
-
excludedIpRanges: d.excluded_ip_ranges,
|
|
2346
|
-
}
|
|
2347
|
-
: undefined,
|
|
2348
|
-
}));
|
|
2349
|
-
|
|
2350
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2351
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_RequestDestination> =
|
|
2352
|
-
z
|
|
2353
|
-
.object({
|
|
2354
|
-
all_destinations: z.boolean().optional(),
|
|
2355
|
-
workspace_ui: z
|
|
2356
|
-
.lazy(
|
|
2357
|
-
() =>
|
|
2358
|
-
unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema
|
|
2359
|
-
)
|
|
2360
|
-
.optional(),
|
|
2361
|
-
workspace_api: z
|
|
2362
|
-
.lazy(
|
|
2363
|
-
() =>
|
|
2364
|
-
unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema
|
|
2365
|
-
)
|
|
2366
|
-
.optional(),
|
|
2367
|
-
apps_runtime: z
|
|
2368
|
-
.lazy(
|
|
2369
|
-
() =>
|
|
2370
|
-
unmarshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema
|
|
2371
|
-
)
|
|
2372
|
-
.optional(),
|
|
2373
|
-
lakebase_runtime: z
|
|
2374
|
-
.lazy(
|
|
2375
|
-
() =>
|
|
2376
|
-
unmarshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema
|
|
2377
|
-
)
|
|
2378
|
-
.optional(),
|
|
2379
|
-
account_ui: z
|
|
2380
|
-
.lazy(
|
|
2381
|
-
() =>
|
|
2382
|
-
unmarshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema
|
|
2383
|
-
)
|
|
2384
|
-
.optional(),
|
|
2385
|
-
account_api: z
|
|
2386
|
-
.lazy(
|
|
2387
|
-
() =>
|
|
2388
|
-
unmarshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema
|
|
2389
|
-
)
|
|
2390
|
-
.optional(),
|
|
2391
|
-
account_databricks_one: z
|
|
2392
|
-
.lazy(
|
|
2393
|
-
() =>
|
|
2394
|
-
unmarshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema
|
|
2395
|
-
)
|
|
2396
|
-
.optional(),
|
|
2397
|
-
})
|
|
2398
|
-
.transform(d => ({
|
|
2399
|
-
allDestinations: d.all_destinations,
|
|
2400
|
-
workspaceUi: d.workspace_ui,
|
|
2401
|
-
workspaceApi: d.workspace_api,
|
|
2402
|
-
appsRuntime: d.apps_runtime,
|
|
2403
|
-
lakebaseRuntime: d.lakebase_runtime,
|
|
2404
|
-
accountUi: d.account_ui,
|
|
2405
|
-
accountApi: d.account_api,
|
|
2406
|
-
accountDatabricksOne: d.account_databricks_one,
|
|
2407
|
-
}));
|
|
2408
|
-
|
|
2409
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2410
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination> =
|
|
2411
|
-
z
|
|
2412
|
-
.object({
|
|
2413
|
-
scopes: z.array(z.string()).optional(),
|
|
2414
|
-
scope_qualifier: z
|
|
2415
|
-
.enum(CustomerFacingIngressNetworkPolicy_ApiScopeQualifier)
|
|
2416
|
-
.optional(),
|
|
2417
|
-
})
|
|
2418
|
-
.transform(d => ({
|
|
2419
|
-
scopes: d.scopes,
|
|
2420
|
-
scopeQualifier: d.scope_qualifier,
|
|
2421
|
-
}));
|
|
2422
|
-
|
|
2423
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2424
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceIdList> =
|
|
2425
|
-
z
|
|
2426
|
-
.object({
|
|
2427
|
-
workspace_ids: z
|
|
2428
|
-
.array(z.union([z.number(), z.bigint()]).transform(v => BigInt(v)))
|
|
2429
|
-
.optional(),
|
|
2430
|
-
})
|
|
2431
|
-
.transform(d => ({
|
|
2432
|
-
workspaceIds: d.workspace_ids,
|
|
2433
|
-
}));
|
|
2434
|
-
|
|
2435
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2436
|
-
export const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination> =
|
|
2437
|
-
z
|
|
2438
|
-
.object({
|
|
2439
|
-
all_destinations: z.boolean().optional(),
|
|
2440
|
-
})
|
|
2441
|
-
.transform(d => ({
|
|
2442
|
-
allDestinations: d.all_destinations,
|
|
2443
|
-
}));
|
|
2444
|
-
|
|
2445
|
-
export const unmarshalCustomerFacingNetworkConnectivityConfigSchema: z.ZodType<CustomerFacingNetworkConnectivityConfig> =
|
|
2446
|
-
z
|
|
2447
|
-
.object({
|
|
2448
|
-
network_connectivity_config_id: z.string().optional(),
|
|
2449
|
-
account_id: z.string().optional(),
|
|
2450
|
-
name: z.string().optional(),
|
|
2451
|
-
region: z.string().optional(),
|
|
2452
|
-
egress_config: z
|
|
2453
|
-
.lazy(
|
|
2454
|
-
() =>
|
|
2455
|
-
unmarshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema
|
|
2456
|
-
)
|
|
2457
|
-
.optional(),
|
|
2458
|
-
updated_time: z
|
|
2459
|
-
.union([z.number(), z.bigint()])
|
|
2460
|
-
.transform(v => BigInt(v))
|
|
2461
|
-
.optional(),
|
|
2462
|
-
creation_time: z
|
|
2463
|
-
.union([z.number(), z.bigint()])
|
|
2464
|
-
.transform(v => BigInt(v))
|
|
2465
|
-
.optional(),
|
|
2466
|
-
})
|
|
2467
|
-
.transform(d => ({
|
|
2468
|
-
networkConnectivityConfigId: d.network_connectivity_config_id,
|
|
2469
|
-
accountId: d.account_id,
|
|
2470
|
-
name: d.name,
|
|
2471
|
-
region: d.region,
|
|
2472
|
-
egressConfig: d.egress_config,
|
|
2473
|
-
updatedTime: d.updated_time,
|
|
2474
|
-
creationTime: d.creation_time,
|
|
2475
|
-
}));
|
|
2476
|
-
|
|
2477
|
-
export const unmarshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule> =
|
|
2478
|
-
z
|
|
2479
|
-
.object({
|
|
2480
|
-
rule_id: z.string().optional(),
|
|
2481
|
-
network_connectivity_config_id: z.string().optional(),
|
|
2482
|
-
account_id: z.string().optional(),
|
|
2483
|
-
endpoint_service: z.string().optional(),
|
|
2484
|
-
domain_names: z.array(z.string()).optional(),
|
|
2485
|
-
resource_names: z.array(z.string()).optional(),
|
|
2486
|
-
vpc_endpoint_id: z.string().optional(),
|
|
2487
|
-
connection_state: z
|
|
2488
|
-
.enum(
|
|
2489
|
-
CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState
|
|
2490
|
-
)
|
|
2491
|
-
.optional(),
|
|
2492
|
-
creation_time: z
|
|
2493
|
-
.union([z.number(), z.bigint()])
|
|
2494
|
-
.transform(v => BigInt(v))
|
|
2495
|
-
.optional(),
|
|
2496
|
-
updated_time: z
|
|
2497
|
-
.union([z.number(), z.bigint()])
|
|
2498
|
-
.transform(v => BigInt(v))
|
|
2499
|
-
.optional(),
|
|
2500
|
-
deactivated: z.boolean().optional(),
|
|
2501
|
-
deactivated_at: z
|
|
2502
|
-
.union([z.number(), z.bigint()])
|
|
2503
|
-
.transform(v => BigInt(v))
|
|
2504
|
-
.optional(),
|
|
2505
|
-
enabled: z.boolean().optional(),
|
|
2506
|
-
error_message: z.string().optional(),
|
|
2507
|
-
})
|
|
2508
|
-
.transform(d => ({
|
|
2509
|
-
ruleId: d.rule_id,
|
|
2510
|
-
networkConnectivityConfigId: d.network_connectivity_config_id,
|
|
2511
|
-
accountId: d.account_id,
|
|
2512
|
-
endpointService: d.endpoint_service,
|
|
2513
|
-
domainNames: d.domain_names,
|
|
2514
|
-
resourceNames: d.resource_names,
|
|
2515
|
-
vpcEndpointId: d.vpc_endpoint_id,
|
|
2516
|
-
connectionState: d.connection_state,
|
|
2517
|
-
creationTime: d.creation_time,
|
|
2518
|
-
updatedTime: d.updated_time,
|
|
2519
|
-
deactivated: d.deactivated,
|
|
2520
|
-
deactivatedAt: d.deactivated_at,
|
|
2521
|
-
enabled: d.enabled,
|
|
2522
|
-
errorMessage: d.error_message,
|
|
2523
|
-
}));
|
|
2524
|
-
|
|
2525
|
-
export const unmarshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule> =
|
|
2526
|
-
z
|
|
2527
|
-
.object({
|
|
2528
|
-
rule_id: z.string().optional(),
|
|
2529
|
-
network_connectivity_config_id: z.string().optional(),
|
|
2530
|
-
resource_id: z.string().optional(),
|
|
2531
|
-
group_id: z.string().optional(),
|
|
2532
|
-
endpoint_name: z.string().optional(),
|
|
2533
|
-
connection_state: z
|
|
2534
|
-
.enum(
|
|
2535
|
-
CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState
|
|
2536
|
-
)
|
|
2537
|
-
.optional(),
|
|
2538
|
-
creation_time: z
|
|
2539
|
-
.union([z.number(), z.bigint()])
|
|
2540
|
-
.transform(v => BigInt(v))
|
|
2541
|
-
.optional(),
|
|
2542
|
-
updated_time: z
|
|
2543
|
-
.union([z.number(), z.bigint()])
|
|
2544
|
-
.transform(v => BigInt(v))
|
|
2545
|
-
.optional(),
|
|
2546
|
-
deactivated: z.boolean().optional(),
|
|
2547
|
-
deactivated_at: z
|
|
2548
|
-
.union([z.number(), z.bigint()])
|
|
2549
|
-
.transform(v => BigInt(v))
|
|
2550
|
-
.optional(),
|
|
2551
|
-
domain_names: z.array(z.string()).optional(),
|
|
2552
|
-
error_message: z.string().optional(),
|
|
2553
|
-
})
|
|
2554
|
-
.transform(d => ({
|
|
2555
|
-
ruleId: d.rule_id,
|
|
2556
|
-
networkConnectivityConfigId: d.network_connectivity_config_id,
|
|
2557
|
-
resourceId: d.resource_id,
|
|
2558
|
-
groupId: d.group_id,
|
|
2559
|
-
endpointName: d.endpoint_name,
|
|
2560
|
-
connectionState: d.connection_state,
|
|
2561
|
-
creationTime: d.creation_time,
|
|
2562
|
-
updatedTime: d.updated_time,
|
|
2563
|
-
deactivated: d.deactivated,
|
|
2564
|
-
deactivatedAt: d.deactivated_at,
|
|
2565
|
-
domainNames: d.domain_names,
|
|
2566
|
-
errorMessage: d.error_message,
|
|
2567
|
-
}));
|
|
2568
|
-
|
|
2569
|
-
export const unmarshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigEgressConfig> =
|
|
2570
|
-
z
|
|
2571
|
-
.object({
|
|
2572
|
-
default_rules: z
|
|
2573
|
-
.lazy(
|
|
2574
|
-
() => unmarshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema
|
|
2575
|
-
)
|
|
2576
|
-
.optional(),
|
|
2577
|
-
target_rules: z
|
|
2578
|
-
.lazy(
|
|
2579
|
-
() =>
|
|
2580
|
-
unmarshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema
|
|
2581
|
-
)
|
|
2582
|
-
.optional(),
|
|
2583
|
-
})
|
|
2584
|
-
.transform(d => ({
|
|
2585
|
-
defaultRules: d.default_rules,
|
|
2586
|
-
targetRules: d.target_rules,
|
|
2587
|
-
}));
|
|
2588
|
-
|
|
2589
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2590
|
-
export const unmarshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule> =
|
|
2591
|
-
z
|
|
2592
|
-
.object({
|
|
2593
|
-
azure_private_endpoint_rules: z
|
|
2594
|
-
.array(
|
|
2595
|
-
z.lazy(
|
|
2596
|
-
() =>
|
|
2597
|
-
unmarshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema
|
|
2598
|
-
)
|
|
2599
|
-
)
|
|
2600
|
-
.optional(),
|
|
2601
|
-
aws_private_endpoint_rules: z
|
|
2602
|
-
.array(
|
|
2603
|
-
z.lazy(
|
|
2604
|
-
() =>
|
|
2605
|
-
unmarshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema
|
|
2606
|
-
)
|
|
2607
|
-
)
|
|
2608
|
-
.optional(),
|
|
2609
|
-
})
|
|
2610
|
-
.transform(d => ({
|
|
2611
|
-
azurePrivateEndpointRules: d.azure_private_endpoint_rules,
|
|
2612
|
-
awsPrivateEndpointRules: d.aws_private_endpoint_rules,
|
|
2613
|
-
}));
|
|
2614
|
-
|
|
2615
|
-
export const unmarshalCustomerFacingPrivateAccessSettingsSchema: z.ZodType<CustomerFacingPrivateAccessSettings> =
|
|
2616
|
-
z
|
|
2617
|
-
.object({
|
|
2618
|
-
private_access_settings_id: z.string().optional(),
|
|
2619
|
-
account_id: z.string().optional(),
|
|
2620
|
-
private_access_settings_name: z.string().optional(),
|
|
2621
|
-
region: z.string().optional(),
|
|
2622
|
-
public_access_enabled: z.boolean().optional(),
|
|
2623
|
-
private_access_level: z.enum(PrivateAccessLevel).optional(),
|
|
2624
|
-
allowed_vpc_endpoint_ids: z.array(z.string()).optional(),
|
|
2625
|
-
})
|
|
2626
|
-
.transform(d => ({
|
|
2627
|
-
privateAccessSettingsId: d.private_access_settings_id,
|
|
2628
|
-
accountId: d.account_id,
|
|
2629
|
-
privateAccessSettingsName: d.private_access_settings_name,
|
|
2630
|
-
region: d.region,
|
|
2631
|
-
publicAccessEnabled: d.public_access_enabled,
|
|
2632
|
-
privateAccessLevel: d.private_access_level,
|
|
2633
|
-
allowedVpcEndpointIds: d.allowed_vpc_endpoint_ids,
|
|
2634
|
-
}));
|
|
2635
|
-
|
|
2636
|
-
export const unmarshalCustomerFacingVpcEndpointSchema: z.ZodType<CustomerFacingVpcEndpoint> =
|
|
2637
|
-
z
|
|
2638
|
-
.object({
|
|
2639
|
-
vpc_endpoint_id: z.string().optional(),
|
|
2640
|
-
account_id: z.string().optional(),
|
|
2641
|
-
vpc_endpoint_name: z.string().optional(),
|
|
2642
|
-
aws_vpc_endpoint_id: z.string().optional(),
|
|
2643
|
-
aws_endpoint_service_id: z.string().optional(),
|
|
2644
|
-
use_case: z.enum(CustomerFacingVpcEndpointUseCase).optional(),
|
|
2645
|
-
region: z.string().optional(),
|
|
2646
|
-
aws_account_id: z.string().optional(),
|
|
2647
|
-
state: z.string().optional(),
|
|
2648
|
-
gcp_vpc_endpoint_info: z
|
|
2649
|
-
.lazy(() => unmarshalCustomerFacingGcpVpcEndpointInfoSchema)
|
|
2650
|
-
.optional(),
|
|
2651
|
-
})
|
|
2652
|
-
.transform(d => ({
|
|
2653
|
-
vpcEndpointId: d.vpc_endpoint_id,
|
|
2654
|
-
accountId: d.account_id,
|
|
2655
|
-
vpcEndpointName: d.vpc_endpoint_name,
|
|
2656
|
-
awsVpcEndpointId: d.aws_vpc_endpoint_id,
|
|
2657
|
-
awsEndpointServiceId: d.aws_endpoint_service_id,
|
|
2658
|
-
useCase: d.use_case,
|
|
2659
|
-
region: d.region,
|
|
2660
|
-
awsAccountId: d.aws_account_id,
|
|
2661
|
-
state: d.state,
|
|
2662
|
-
vpcEndpointInfo:
|
|
2663
|
-
d.gcp_vpc_endpoint_info !== undefined
|
|
2664
|
-
? {
|
|
2665
|
-
$case: 'gcpVpcEndpointInfo' as const,
|
|
2666
|
-
gcpVpcEndpointInfo: d.gcp_vpc_endpoint_info,
|
|
2667
|
-
}
|
|
2668
|
-
: undefined,
|
|
2669
|
-
}));
|
|
2670
|
-
|
|
2671
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2672
|
-
export const unmarshalDeleteAccountIpAccessListRequest_ResponseSchema: z.ZodType<DeleteAccountIpAccessListRequest_Response> =
|
|
2673
|
-
z.object({});
|
|
2674
|
-
|
|
2675
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2676
|
-
export const unmarshalDeleteIpAccessList_ResponseSchema: z.ZodType<DeleteIpAccessList_Response> =
|
|
2677
|
-
z.object({});
|
|
2678
|
-
|
|
2679
|
-
export const unmarshalEgressNetworkPolicySchema: z.ZodType<EgressNetworkPolicy> =
|
|
2680
|
-
z
|
|
2681
|
-
.object({
|
|
2682
|
-
network_access: z
|
|
2683
|
-
.lazy(() => unmarshalEgressNetworkPolicy_NetworkAccessPolicySchema)
|
|
2684
|
-
.optional(),
|
|
2685
|
-
})
|
|
2686
|
-
.transform(d => ({
|
|
2687
|
-
networkAccess: d.network_access,
|
|
2688
|
-
}));
|
|
2689
|
-
|
|
2690
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2691
|
-
export const unmarshalEgressNetworkPolicy_NetworkAccessPolicySchema: z.ZodType<EgressNetworkPolicy_NetworkAccessPolicy> =
|
|
2692
|
-
z
|
|
2693
|
-
.object({
|
|
2694
|
-
restriction_mode: z
|
|
2695
|
-
.enum(EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode)
|
|
2696
|
-
.optional(),
|
|
2697
|
-
allowed_internet_destinations: z
|
|
2698
|
-
.array(
|
|
2699
|
-
z.lazy(
|
|
2700
|
-
() =>
|
|
2701
|
-
unmarshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema
|
|
2702
|
-
)
|
|
2703
|
-
)
|
|
2704
|
-
.optional(),
|
|
2705
|
-
allowed_storage_destinations: z
|
|
2706
|
-
.array(
|
|
2707
|
-
z.lazy(
|
|
2708
|
-
() =>
|
|
2709
|
-
unmarshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDestinationSchema
|
|
2710
|
-
)
|
|
2711
|
-
)
|
|
2712
|
-
.optional(),
|
|
2713
|
-
policy_enforcement: z
|
|
2714
|
-
.lazy(
|
|
2715
|
-
() =>
|
|
2716
|
-
unmarshalEgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcementSchema
|
|
2717
|
-
)
|
|
2718
|
-
.optional(),
|
|
2719
|
-
blocked_internet_destinations: z
|
|
2720
|
-
.array(
|
|
2721
|
-
z.lazy(
|
|
2722
|
-
() =>
|
|
2723
|
-
unmarshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema
|
|
2724
|
-
)
|
|
2725
|
-
)
|
|
2726
|
-
.optional(),
|
|
2727
|
-
})
|
|
2728
|
-
.transform(d => ({
|
|
2729
|
-
restrictionMode: d.restriction_mode,
|
|
2730
|
-
allowedInternetDestinations: d.allowed_internet_destinations,
|
|
2731
|
-
allowedStorageDestinations: d.allowed_storage_destinations,
|
|
2732
|
-
policyEnforcement: d.policy_enforcement,
|
|
2733
|
-
blockedInternetDestinations: d.blocked_internet_destinations,
|
|
2734
|
-
}));
|
|
2735
|
-
|
|
2736
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2737
|
-
export const unmarshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema: z.ZodType<EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination> =
|
|
2738
|
-
z
|
|
2739
|
-
.object({
|
|
2740
|
-
destination: z.string().optional(),
|
|
2741
|
-
internet_destination_type: z
|
|
2742
|
-
.enum(
|
|
2743
|
-
EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType
|
|
2744
|
-
)
|
|
2745
|
-
.optional(),
|
|
2746
|
-
})
|
|
2747
|
-
.transform(d => ({
|
|
2748
|
-
destination: d.destination,
|
|
2749
|
-
internetDestinationType: d.internet_destination_type,
|
|
2750
|
-
}));
|
|
2751
|
-
|
|
2752
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2753
|
-
export const unmarshalEgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcementSchema: z.ZodType<EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement> =
|
|
2754
|
-
z
|
|
2755
|
-
.object({
|
|
2756
|
-
enforcement_mode: z
|
|
2757
|
-
.enum(
|
|
2758
|
-
EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode
|
|
2759
|
-
)
|
|
2760
|
-
.optional(),
|
|
2761
|
-
dry_run_mode_product_filter: z
|
|
2762
|
-
.array(
|
|
2763
|
-
z.enum(
|
|
2764
|
-
EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter
|
|
2765
|
-
)
|
|
2766
|
-
)
|
|
2767
|
-
.optional(),
|
|
2768
|
-
})
|
|
2769
|
-
.transform(d => ({
|
|
2770
|
-
enforcementMode: d.enforcement_mode,
|
|
2771
|
-
dryRunModeProductFilter: d.dry_run_mode_product_filter,
|
|
2772
|
-
}));
|
|
2773
|
-
|
|
2774
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2775
|
-
export const unmarshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDestinationSchema: z.ZodType<EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination> =
|
|
2776
|
-
z
|
|
2777
|
-
.object({
|
|
2778
|
-
bucket_name: z.string().optional(),
|
|
2779
|
-
region: z.string().optional(),
|
|
2780
|
-
storage_destination_type: z
|
|
2781
|
-
.enum(
|
|
2782
|
-
EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType
|
|
2783
|
-
)
|
|
2784
|
-
.optional(),
|
|
2785
|
-
azure_storage_account: z.string().optional(),
|
|
2786
|
-
azure_storage_service: z.string().optional(),
|
|
2787
|
-
})
|
|
2788
|
-
.transform(d => ({
|
|
2789
|
-
bucketName: d.bucket_name,
|
|
2790
|
-
region: d.region,
|
|
2791
|
-
storageDestinationType: d.storage_destination_type,
|
|
2792
|
-
azureStorageAccount: d.azure_storage_account,
|
|
2793
|
-
azureStorageService: d.azure_storage_service,
|
|
2794
|
-
}));
|
|
2795
|
-
|
|
2796
|
-
export const unmarshalEndpointSchema: z.ZodType<Endpoint> = z
|
|
2797
|
-
.object({
|
|
2798
|
-
name: z.string().optional(),
|
|
2799
|
-
endpoint_id: z.string().optional(),
|
|
2800
|
-
account_id: z.string().optional(),
|
|
2801
|
-
display_name: z.string().optional(),
|
|
2802
|
-
use_case: z.enum(EndpointUseCase_EndpointUseCase).optional(),
|
|
2803
|
-
region: z.string().optional(),
|
|
2804
|
-
state: z.enum(EndpointState).optional(),
|
|
2805
|
-
azure_private_endpoint_info: z
|
|
2806
|
-
.lazy(() => unmarshalAzurePrivateEndpointInfoSchema)
|
|
2807
|
-
.optional(),
|
|
2808
|
-
create_time: z
|
|
2809
|
-
.string()
|
|
2810
|
-
.transform(s => Temporal.Instant.from(s))
|
|
2811
|
-
.optional(),
|
|
2812
|
-
})
|
|
2813
|
-
.transform(d => ({
|
|
2814
|
-
name: d.name,
|
|
2815
|
-
endpointId: d.endpoint_id,
|
|
2816
|
-
accountId: d.account_id,
|
|
2817
|
-
displayName: d.display_name,
|
|
2818
|
-
useCase: d.use_case,
|
|
2819
|
-
region: d.region,
|
|
2820
|
-
state: d.state,
|
|
2821
|
-
endpointInfo:
|
|
2822
|
-
d.azure_private_endpoint_info !== undefined
|
|
2823
|
-
? {
|
|
2824
|
-
$case: 'azurePrivateEndpointInfo' as const,
|
|
2825
|
-
azurePrivateEndpointInfo: d.azure_private_endpoint_info,
|
|
2826
|
-
}
|
|
2827
|
-
: undefined,
|
|
2828
|
-
createTime: d.create_time,
|
|
2829
|
-
}));
|
|
2830
|
-
|
|
2831
|
-
export const unmarshalGcpEndpointSchema: z.ZodType<GcpEndpoint> = z
|
|
2832
|
-
.object({
|
|
2833
|
-
psc_endpoint_uri: z.string().optional(),
|
|
2834
|
-
service_attachment: z.string().optional(),
|
|
2835
|
-
})
|
|
2836
|
-
.transform(d => ({
|
|
2837
|
-
pscEndpointUri: d.psc_endpoint_uri,
|
|
2838
|
-
targetServices:
|
|
2839
|
-
d.service_attachment !== undefined
|
|
2840
|
-
? {
|
|
2841
|
-
$case: 'serviceAttachment' as const,
|
|
2842
|
-
serviceAttachment: d.service_attachment,
|
|
2843
|
-
}
|
|
2844
|
-
: undefined,
|
|
2845
|
-
}));
|
|
2846
|
-
|
|
2847
|
-
export const unmarshalGcpNetworkInfoSchema: z.ZodType<GcpNetworkInfo> = z
|
|
2848
|
-
.object({
|
|
2849
|
-
network_project_id: z.string().optional(),
|
|
2850
|
-
vpc_id: z.string().optional(),
|
|
2851
|
-
subnet_id: z.string().optional(),
|
|
2852
|
-
subnet_region: z.string().optional(),
|
|
2853
|
-
pod_ip_range_name: z.string().optional(),
|
|
2854
|
-
service_ip_range_name: z.string().optional(),
|
|
2855
|
-
})
|
|
2856
|
-
.transform(d => ({
|
|
2857
|
-
networkProjectId: d.network_project_id,
|
|
2858
|
-
vpcId: d.vpc_id,
|
|
2859
|
-
subnetId: d.subnet_id,
|
|
2860
|
-
subnetRegion: d.subnet_region,
|
|
2861
|
-
podIpRangeName: d.pod_ip_range_name,
|
|
2862
|
-
serviceIpRangeName: d.service_ip_range_name,
|
|
2863
|
-
}));
|
|
2864
|
-
|
|
2865
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2866
|
-
export const unmarshalGetAccountIpAccessListRequest_ResponseSchema: z.ZodType<GetAccountIpAccessListRequest_Response> =
|
|
2867
|
-
z
|
|
2868
|
-
.object({
|
|
2869
|
-
ip_access_list: z
|
|
2870
|
-
.lazy(() => unmarshalAccountIpAccessListSchema)
|
|
2871
|
-
.optional(),
|
|
2872
|
-
})
|
|
2873
|
-
.transform(d => ({
|
|
2874
|
-
ipAccessList: d.ip_access_list,
|
|
2875
|
-
}));
|
|
2876
|
-
|
|
2877
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2878
|
-
export const unmarshalGetIpAccessList_ResponseSchema: z.ZodType<GetIpAccessList_Response> =
|
|
2879
|
-
z
|
|
2880
|
-
.object({
|
|
2881
|
-
ip_access_list: z.lazy(() => unmarshalIpAccessListSchema).optional(),
|
|
2882
|
-
})
|
|
2883
|
-
.transform(d => ({
|
|
2884
|
-
ipAccessList: d.ip_access_list,
|
|
2885
|
-
}));
|
|
2886
|
-
|
|
2887
|
-
export const unmarshalIpAccessListSchema: z.ZodType<IpAccessList> = z
|
|
2888
|
-
.object({
|
|
2889
|
-
list_id: z.string().optional(),
|
|
2890
|
-
label: z.string().optional(),
|
|
2891
|
-
ip_addresses: z.array(z.string()).optional(),
|
|
2892
|
-
address_count: z.number().optional(),
|
|
2893
|
-
list_type: z.enum(IpAccessListType).optional(),
|
|
2894
|
-
created_at: z
|
|
2895
|
-
.union([z.number(), z.bigint()])
|
|
2896
|
-
.transform(v => BigInt(v))
|
|
2897
|
-
.optional(),
|
|
2898
|
-
created_by: z
|
|
2899
|
-
.union([z.number(), z.bigint()])
|
|
2900
|
-
.transform(v => BigInt(v))
|
|
2901
|
-
.optional(),
|
|
2902
|
-
updated_at: z
|
|
2903
|
-
.union([z.number(), z.bigint()])
|
|
2904
|
-
.transform(v => BigInt(v))
|
|
2905
|
-
.optional(),
|
|
2906
|
-
updated_by: z
|
|
2907
|
-
.union([z.number(), z.bigint()])
|
|
2908
|
-
.transform(v => BigInt(v))
|
|
2909
|
-
.optional(),
|
|
2910
|
-
enabled: z.boolean().optional(),
|
|
2911
|
-
})
|
|
2912
|
-
.transform(d => ({
|
|
2913
|
-
listId: d.list_id,
|
|
2914
|
-
label: d.label,
|
|
2915
|
-
ipAddresses: d.ip_addresses,
|
|
2916
|
-
addressCount: d.address_count,
|
|
2917
|
-
listType: d.list_type,
|
|
2918
|
-
createdAt: d.created_at,
|
|
2919
|
-
createdBy: d.created_by,
|
|
2920
|
-
updatedAt: d.updated_at,
|
|
2921
|
-
updatedBy: d.updated_by,
|
|
2922
|
-
enabled: d.enabled,
|
|
2923
|
-
}));
|
|
2924
|
-
|
|
2925
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2926
|
-
export const unmarshalListAccountIpAccessListsRequest_ResponseSchema: z.ZodType<ListAccountIpAccessListsRequest_Response> =
|
|
2927
|
-
z
|
|
2928
|
-
.object({
|
|
2929
|
-
ip_access_lists: z
|
|
2930
|
-
.array(z.lazy(() => unmarshalAccountIpAccessListSchema))
|
|
2931
|
-
.optional(),
|
|
2932
|
-
})
|
|
2933
|
-
.transform(d => ({
|
|
2934
|
-
ipAccessLists: d.ip_access_lists,
|
|
2935
|
-
}));
|
|
2936
|
-
|
|
2937
|
-
export const unmarshalListEndpointsResponseSchema: z.ZodType<ListEndpointsResponse> =
|
|
2938
|
-
z
|
|
2939
|
-
.object({
|
|
2940
|
-
items: z.array(z.lazy(() => unmarshalEndpointSchema)).optional(),
|
|
2941
|
-
next_page_token: z.string().optional(),
|
|
2942
|
-
})
|
|
2943
|
-
.transform(d => ({
|
|
2944
|
-
items: d.items,
|
|
2945
|
-
nextPageToken: d.next_page_token,
|
|
2946
|
-
}));
|
|
2947
|
-
|
|
2948
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
2949
|
-
export const unmarshalListIpAccessLists_ResponseSchema: z.ZodType<ListIpAccessLists_Response> =
|
|
2950
|
-
z
|
|
2951
|
-
.object({
|
|
2952
|
-
ip_access_lists: z
|
|
2953
|
-
.array(z.lazy(() => unmarshalIpAccessListSchema))
|
|
2954
|
-
.optional(),
|
|
2955
|
-
})
|
|
2956
|
-
.transform(d => ({
|
|
2957
|
-
ipAccessLists: d.ip_access_lists,
|
|
2958
|
-
}));
|
|
2959
|
-
|
|
2960
|
-
export const unmarshalListNccPrivateEndpointRulesResponseSchema: z.ZodType<ListNccPrivateEndpointRulesResponse> =
|
|
2961
|
-
z
|
|
2962
|
-
.object({
|
|
2963
|
-
items: z
|
|
2964
|
-
.array(z.lazy(() => unmarshalNccPrivateEndpointRuleSchema))
|
|
2965
|
-
.optional(),
|
|
2966
|
-
next_page_token: z.string().optional(),
|
|
2967
|
-
})
|
|
2968
|
-
.transform(d => ({
|
|
2969
|
-
items: d.items,
|
|
2970
|
-
nextPageToken: d.next_page_token,
|
|
2971
|
-
}));
|
|
2972
|
-
|
|
2973
|
-
export const unmarshalListNetworkConnectivityConfigsResponseSchema: z.ZodType<ListNetworkConnectivityConfigsResponse> =
|
|
2974
|
-
z
|
|
2975
|
-
.object({
|
|
2976
|
-
items: z
|
|
2977
|
-
.array(
|
|
2978
|
-
z.lazy(() => unmarshalCustomerFacingNetworkConnectivityConfigSchema)
|
|
2979
|
-
)
|
|
2980
|
-
.optional(),
|
|
2981
|
-
next_page_token: z.string().optional(),
|
|
2982
|
-
})
|
|
2983
|
-
.transform(d => ({
|
|
2984
|
-
items: d.items,
|
|
2985
|
-
nextPageToken: d.next_page_token,
|
|
2986
|
-
}));
|
|
2987
|
-
|
|
2988
|
-
export const unmarshalListNetworkPoliciesResponseSchema: z.ZodType<ListNetworkPoliciesResponse> =
|
|
2989
|
-
z
|
|
2990
|
-
.object({
|
|
2991
|
-
items: z
|
|
2992
|
-
.array(z.lazy(() => unmarshalAccountNetworkPolicySchema))
|
|
2993
|
-
.optional(),
|
|
2994
|
-
next_page_token: z.string().optional(),
|
|
2995
|
-
})
|
|
2996
|
-
.transform(d => ({
|
|
2997
|
-
items: d.items,
|
|
2998
|
-
nextPageToken: d.next_page_token,
|
|
2999
|
-
}));
|
|
3000
|
-
|
|
3001
|
-
export const unmarshalNccPrivateEndpointRuleSchema: z.ZodType<NccPrivateEndpointRule> =
|
|
3002
|
-
z
|
|
3003
|
-
.object({
|
|
3004
|
-
rule_id: z.string().optional(),
|
|
3005
|
-
network_connectivity_config_id: z.string().optional(),
|
|
3006
|
-
connection_state: z
|
|
3007
|
-
.enum(NccPrivateEndpointRule_PrivateLinkConnectionState)
|
|
3008
|
-
.optional(),
|
|
3009
|
-
domain_names: z.array(z.string()).optional(),
|
|
3010
|
-
creation_time: z
|
|
3011
|
-
.union([z.number(), z.bigint()])
|
|
3012
|
-
.transform(v => BigInt(v))
|
|
3013
|
-
.optional(),
|
|
3014
|
-
updated_time: z
|
|
3015
|
-
.union([z.number(), z.bigint()])
|
|
3016
|
-
.transform(v => BigInt(v))
|
|
3017
|
-
.optional(),
|
|
3018
|
-
deactivated: z.boolean().optional(),
|
|
3019
|
-
deactivated_at: z
|
|
3020
|
-
.union([z.number(), z.bigint()])
|
|
3021
|
-
.transform(v => BigInt(v))
|
|
3022
|
-
.optional(),
|
|
3023
|
-
error_message: z.string().optional(),
|
|
3024
|
-
resource_id: z.string().optional(),
|
|
3025
|
-
group_id: z.string().optional(),
|
|
3026
|
-
endpoint_name: z.string().optional(),
|
|
3027
|
-
account_id: z.string().optional(),
|
|
3028
|
-
endpoint_service: z.string().optional(),
|
|
3029
|
-
resource_names: z.array(z.string()).optional(),
|
|
3030
|
-
vpc_endpoint_id: z.string().optional(),
|
|
3031
|
-
enabled: z.boolean().optional(),
|
|
3032
|
-
gcp_endpoint: z.lazy(() => unmarshalGcpEndpointSchema).optional(),
|
|
3033
|
-
})
|
|
3034
|
-
.transform(d => ({
|
|
3035
|
-
ruleId: d.rule_id,
|
|
3036
|
-
networkConnectivityConfigId: d.network_connectivity_config_id,
|
|
3037
|
-
connectionState: d.connection_state,
|
|
3038
|
-
domainNames: d.domain_names,
|
|
3039
|
-
creationTime: d.creation_time,
|
|
3040
|
-
updatedTime: d.updated_time,
|
|
3041
|
-
deactivated: d.deactivated,
|
|
3042
|
-
deactivatedAt: d.deactivated_at,
|
|
3043
|
-
errorMessage: d.error_message,
|
|
3044
|
-
resourceId: d.resource_id,
|
|
3045
|
-
groupId: d.group_id,
|
|
3046
|
-
endpointName: d.endpoint_name,
|
|
3047
|
-
accountId: d.account_id,
|
|
3048
|
-
endpointService: d.endpoint_service,
|
|
3049
|
-
resourceNames: d.resource_names,
|
|
3050
|
-
vpcEndpointId: d.vpc_endpoint_id,
|
|
3051
|
-
enabled: d.enabled,
|
|
3052
|
-
endpoint:
|
|
3053
|
-
d.gcp_endpoint !== undefined
|
|
3054
|
-
? {$case: 'gcpEndpoint' as const, gcpEndpoint: d.gcp_endpoint}
|
|
3055
|
-
: undefined,
|
|
3056
|
-
}));
|
|
3057
|
-
|
|
3058
|
-
export const unmarshalNetworkSchema: z.ZodType<Network> = z
|
|
3059
|
-
.object({
|
|
3060
|
-
network_id: z.string().optional(),
|
|
3061
|
-
account_id: z.string().optional(),
|
|
3062
|
-
workspace_id: z
|
|
3063
|
-
.union([z.number(), z.bigint()])
|
|
3064
|
-
.transform(v => BigInt(v))
|
|
3065
|
-
.optional(),
|
|
3066
|
-
vpc_id: z.string().optional(),
|
|
3067
|
-
subnet_ids: z.array(z.string()).optional(),
|
|
3068
|
-
security_group_ids: z.array(z.string()).optional(),
|
|
3069
|
-
vpc_status: z.enum(VpcStatus).optional(),
|
|
3070
|
-
error_messages: z
|
|
3071
|
-
.array(z.lazy(() => unmarshalNetworkHealthSchema))
|
|
3072
|
-
.optional(),
|
|
3073
|
-
network_name: z.string().optional(),
|
|
3074
|
-
creation_time: z
|
|
3075
|
-
.union([z.number(), z.bigint()])
|
|
3076
|
-
.transform(v => BigInt(v))
|
|
3077
|
-
.optional(),
|
|
3078
|
-
warning_messages: z
|
|
3079
|
-
.array(z.lazy(() => unmarshalNetworkWarningSchema))
|
|
3080
|
-
.optional(),
|
|
3081
|
-
vpc_endpoints: z.lazy(() => unmarshalNetworkVpcEndpointsSchema).optional(),
|
|
3082
|
-
gcp_network_info: z.lazy(() => unmarshalGcpNetworkInfoSchema).optional(),
|
|
3083
|
-
})
|
|
3084
|
-
.transform(d => ({
|
|
3085
|
-
networkId: d.network_id,
|
|
3086
|
-
accountId: d.account_id,
|
|
3087
|
-
workspaceId: d.workspace_id,
|
|
3088
|
-
vpcId: d.vpc_id,
|
|
3089
|
-
subnetIds: d.subnet_ids,
|
|
3090
|
-
securityGroupIds: d.security_group_ids,
|
|
3091
|
-
vpcStatus: d.vpc_status,
|
|
3092
|
-
errorMessages: d.error_messages,
|
|
3093
|
-
networkName: d.network_name,
|
|
3094
|
-
creationTime: d.creation_time,
|
|
3095
|
-
warningMessages: d.warning_messages,
|
|
3096
|
-
vpcEndpoints: d.vpc_endpoints,
|
|
3097
|
-
networkInfo:
|
|
3098
|
-
d.gcp_network_info !== undefined
|
|
3099
|
-
? {$case: 'gcpNetworkInfo' as const, gcpNetworkInfo: d.gcp_network_info}
|
|
3100
|
-
: undefined,
|
|
3101
|
-
}));
|
|
3102
|
-
|
|
3103
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3104
|
-
export const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule> =
|
|
3105
|
-
z
|
|
3106
|
-
.object({
|
|
3107
|
-
azure_service_endpoint_rule: z
|
|
3108
|
-
.lazy(
|
|
3109
|
-
() =>
|
|
3110
|
-
unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema
|
|
3111
|
-
)
|
|
3112
|
-
.optional(),
|
|
3113
|
-
aws_stable_ip_rule: z
|
|
3114
|
-
.lazy(
|
|
3115
|
-
() =>
|
|
3116
|
-
unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema
|
|
3117
|
-
)
|
|
3118
|
-
.optional(),
|
|
3119
|
-
})
|
|
3120
|
-
.transform(d => ({
|
|
3121
|
-
azureServiceEndpointRule: d.azure_service_endpoint_rule,
|
|
3122
|
-
awsStableIpRule: d.aws_stable_ip_rule,
|
|
3123
|
-
}));
|
|
3124
|
-
|
|
3125
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3126
|
-
export const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRule> =
|
|
3127
|
-
z
|
|
3128
|
-
.object({
|
|
3129
|
-
cidr_blocks: z.array(z.string()).optional(),
|
|
3130
|
-
})
|
|
3131
|
-
.transform(d => ({
|
|
3132
|
-
cidrBlocks: d.cidr_blocks,
|
|
3133
|
-
}));
|
|
3134
|
-
|
|
3135
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3136
|
-
export const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRule> =
|
|
3137
|
-
z
|
|
3138
|
-
.object({
|
|
3139
|
-
target_region: z.string().optional(),
|
|
3140
|
-
target_services: z.array(z.enum(EgressResourceType)).optional(),
|
|
3141
|
-
subnets: z.array(z.string()).optional(),
|
|
3142
|
-
})
|
|
3143
|
-
.transform(d => ({
|
|
3144
|
-
targetRegion: d.target_region,
|
|
3145
|
-
targetServices: d.target_services,
|
|
3146
|
-
subnets: d.subnets,
|
|
3147
|
-
}));
|
|
3148
|
-
|
|
3149
|
-
export const unmarshalNetworkHealthSchema: z.ZodType<NetworkHealth> = z
|
|
3150
|
-
.object({
|
|
3151
|
-
error_type: z.string().optional(),
|
|
3152
|
-
error_message: z.string().optional(),
|
|
3153
|
-
})
|
|
3154
|
-
.transform(d => ({
|
|
3155
|
-
errorType: d.error_type,
|
|
3156
|
-
errorMessage: d.error_message,
|
|
3157
|
-
}));
|
|
3158
|
-
|
|
3159
|
-
export const unmarshalNetworkVpcEndpointsSchema: z.ZodType<NetworkVpcEndpoints> =
|
|
3160
|
-
z
|
|
3161
|
-
.object({
|
|
3162
|
-
rest_api: z.array(z.string()).optional(),
|
|
3163
|
-
dataplane_relay: z.array(z.string()).optional(),
|
|
3164
|
-
})
|
|
3165
|
-
.transform(d => ({
|
|
3166
|
-
restApi: d.rest_api,
|
|
3167
|
-
dataplaneRelay: d.dataplane_relay,
|
|
3168
|
-
}));
|
|
3169
|
-
|
|
3170
|
-
export const unmarshalNetworkWarningSchema: z.ZodType<NetworkWarning> = z
|
|
3171
|
-
.object({
|
|
3172
|
-
warning_type: z.string().optional(),
|
|
3173
|
-
warning_message: z.string().optional(),
|
|
3174
|
-
})
|
|
3175
|
-
.transform(d => ({
|
|
3176
|
-
warningType: d.warning_type,
|
|
3177
|
-
warningMessage: d.warning_message,
|
|
3178
|
-
}));
|
|
3179
|
-
|
|
3180
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3181
|
-
export const unmarshalReplaceAccountIpAccessListRequest_ResponseSchema: z.ZodType<ReplaceAccountIpAccessListRequest_Response> =
|
|
3182
|
-
z
|
|
3183
|
-
.object({
|
|
3184
|
-
ip_access_list: z
|
|
3185
|
-
.lazy(() => unmarshalAccountIpAccessListSchema)
|
|
3186
|
-
.optional(),
|
|
3187
|
-
})
|
|
3188
|
-
.transform(d => ({
|
|
3189
|
-
ipAccessList: d.ip_access_list,
|
|
3190
|
-
}));
|
|
3191
|
-
|
|
3192
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3193
|
-
export const unmarshalReplaceIpAccessList_ResponseSchema: z.ZodType<ReplaceIpAccessList_Response> =
|
|
3194
|
-
z
|
|
3195
|
-
.object({
|
|
3196
|
-
ip_access_list: z.lazy(() => unmarshalIpAccessListSchema).optional(),
|
|
3197
|
-
})
|
|
3198
|
-
.transform(d => ({
|
|
3199
|
-
ipAccessList: d.ip_access_list,
|
|
3200
|
-
}));
|
|
3201
|
-
|
|
3202
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3203
|
-
export const unmarshalUpdateAccountIpAccessListRequest_ResponseSchema: z.ZodType<UpdateAccountIpAccessListRequest_Response> =
|
|
3204
|
-
z
|
|
3205
|
-
.object({
|
|
3206
|
-
ip_access_list: z
|
|
3207
|
-
.lazy(() => unmarshalAccountIpAccessListSchema)
|
|
3208
|
-
.optional(),
|
|
3209
|
-
})
|
|
3210
|
-
.transform(d => ({
|
|
3211
|
-
ipAccessList: d.ip_access_list,
|
|
3212
|
-
}));
|
|
3213
|
-
|
|
3214
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3215
|
-
export const unmarshalUpdateIpAccessList_ResponseSchema: z.ZodType<UpdateIpAccessList_Response> =
|
|
3216
|
-
z
|
|
3217
|
-
.object({
|
|
3218
|
-
ip_access_list: z.lazy(() => unmarshalIpAccessListSchema).optional(),
|
|
3219
|
-
})
|
|
3220
|
-
.transform(d => ({
|
|
3221
|
-
ipAccessList: d.ip_access_list,
|
|
3222
|
-
}));
|
|
3223
|
-
|
|
3224
|
-
export const unmarshalWorkspaceNetworkOptionSchema: z.ZodType<WorkspaceNetworkOption> =
|
|
3225
|
-
z
|
|
3226
|
-
.object({
|
|
3227
|
-
network_policy_id: z.string().optional(),
|
|
3228
|
-
workspace_id: z
|
|
3229
|
-
.union([z.number(), z.bigint()])
|
|
3230
|
-
.transform(v => BigInt(v))
|
|
3231
|
-
.optional(),
|
|
3232
|
-
})
|
|
3233
|
-
.transform(d => ({
|
|
3234
|
-
networkPolicyId: d.network_policy_id,
|
|
3235
|
-
workspaceId: d.workspace_id,
|
|
3236
|
-
}));
|
|
3237
|
-
|
|
3238
|
-
export const marshalAccountNetworkPolicySchema: z.ZodType = z
|
|
3239
|
-
.object({
|
|
3240
|
-
networkPolicyId: z.string().optional(),
|
|
3241
|
-
accountId: z.string().optional(),
|
|
3242
|
-
egress: z.lazy(() => marshalEgressNetworkPolicySchema).optional(),
|
|
3243
|
-
ingress: z
|
|
3244
|
-
.lazy(() => marshalCustomerFacingIngressNetworkPolicySchema)
|
|
3245
|
-
.optional(),
|
|
3246
|
-
ingressDryRun: z
|
|
3247
|
-
.lazy(() => marshalCustomerFacingIngressNetworkPolicySchema)
|
|
3248
|
-
.optional(),
|
|
3249
|
-
})
|
|
3250
|
-
.transform(d => ({
|
|
3251
|
-
network_policy_id: d.networkPolicyId,
|
|
3252
|
-
account_id: d.accountId,
|
|
3253
|
-
egress: d.egress,
|
|
3254
|
-
ingress: d.ingress,
|
|
3255
|
-
ingress_dry_run: d.ingressDryRun,
|
|
3256
|
-
}));
|
|
3257
|
-
|
|
3258
|
-
export const marshalAzurePrivateEndpointInfoSchema: z.ZodType = z
|
|
3259
|
-
.object({
|
|
3260
|
-
privateEndpointName: z.string().optional(),
|
|
3261
|
-
privateEndpointResourceGuid: z.string().optional(),
|
|
3262
|
-
privateEndpointResourceId: z.string().optional(),
|
|
3263
|
-
privateLinkServiceId: z.string().optional(),
|
|
3264
|
-
})
|
|
3265
|
-
.transform(d => ({
|
|
3266
|
-
private_endpoint_name: d.privateEndpointName,
|
|
3267
|
-
private_endpoint_resource_guid: d.privateEndpointResourceGuid,
|
|
3268
|
-
private_endpoint_resource_id: d.privateEndpointResourceId,
|
|
3269
|
-
private_link_service_id: d.privateLinkServiceId,
|
|
3270
|
-
}));
|
|
3271
|
-
|
|
3272
|
-
export const marshalCreateAccountIpAccessListRequestSchema: z.ZodType = z
|
|
3273
|
-
.object({
|
|
3274
|
-
accountId: z.string().optional(),
|
|
3275
|
-
label: z.string().optional(),
|
|
3276
|
-
listType: z.enum(AccountIpAccessListType_IpAccessListType).optional(),
|
|
3277
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
3278
|
-
})
|
|
3279
|
-
.transform(d => ({
|
|
3280
|
-
account_id: d.accountId,
|
|
3281
|
-
label: d.label,
|
|
3282
|
-
list_type: d.listType,
|
|
3283
|
-
ip_addresses: d.ipAddresses,
|
|
3284
|
-
}));
|
|
3285
|
-
|
|
3286
|
-
export const marshalCreateIpAccessListSchema: z.ZodType = z
|
|
3287
|
-
.object({
|
|
3288
|
-
label: z.string().optional(),
|
|
3289
|
-
listType: z.enum(IpAccessListType).optional(),
|
|
3290
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
3291
|
-
})
|
|
3292
|
-
.transform(d => ({
|
|
3293
|
-
label: d.label,
|
|
3294
|
-
list_type: d.listType,
|
|
3295
|
-
ip_addresses: d.ipAddresses,
|
|
3296
|
-
}));
|
|
3297
|
-
|
|
3298
|
-
export const marshalCreateNetworkConnectivityConfigurationSchema: z.ZodType = z
|
|
3299
|
-
.object({
|
|
3300
|
-
networkConnectivityConfigId: z.string().optional(),
|
|
3301
|
-
accountId: z.string().optional(),
|
|
3302
|
-
name: z.string().optional(),
|
|
3303
|
-
region: z.string().optional(),
|
|
3304
|
-
egressConfig: z
|
|
3305
|
-
.lazy(
|
|
3306
|
-
() => marshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema
|
|
3307
|
-
)
|
|
3308
|
-
.optional(),
|
|
3309
|
-
updatedTime: z.bigint().optional(),
|
|
3310
|
-
creationTime: z.bigint().optional(),
|
|
3311
|
-
})
|
|
3312
|
-
.transform(d => ({
|
|
3313
|
-
network_connectivity_config_id: d.networkConnectivityConfigId,
|
|
3314
|
-
account_id: d.accountId,
|
|
3315
|
-
name: d.name,
|
|
3316
|
-
region: d.region,
|
|
3317
|
-
egress_config: d.egressConfig,
|
|
3318
|
-
updated_time: d.updatedTime,
|
|
3319
|
-
creation_time: d.creationTime,
|
|
3320
|
-
}));
|
|
3321
|
-
|
|
3322
|
-
export const marshalCreateNetworkRequestSchema: z.ZodType = z
|
|
3323
|
-
.object({
|
|
3324
|
-
accountId: z.string().optional(),
|
|
3325
|
-
networkName: z.string().optional(),
|
|
3326
|
-
vpcId: z.string().optional(),
|
|
3327
|
-
subnetIds: z.array(z.string()).optional(),
|
|
3328
|
-
securityGroupIds: z.array(z.string()).optional(),
|
|
3329
|
-
vpcEndpoints: z.lazy(() => marshalNetworkVpcEndpointsSchema).optional(),
|
|
3330
|
-
gcpNetworkInfo: z.lazy(() => marshalGcpNetworkInfoSchema).optional(),
|
|
3331
|
-
})
|
|
3332
|
-
.transform(d => ({
|
|
3333
|
-
account_id: d.accountId,
|
|
3334
|
-
network_name: d.networkName,
|
|
3335
|
-
vpc_id: d.vpcId,
|
|
3336
|
-
subnet_ids: d.subnetIds,
|
|
3337
|
-
security_group_ids: d.securityGroupIds,
|
|
3338
|
-
vpc_endpoints: d.vpcEndpoints,
|
|
3339
|
-
gcp_network_info: d.gcpNetworkInfo,
|
|
3340
|
-
}));
|
|
3341
|
-
|
|
3342
|
-
export const marshalCreatePrivateAccessSettingsRequestSchema: z.ZodType = z
|
|
3343
|
-
.object({
|
|
3344
|
-
accountId: z.string().optional(),
|
|
3345
|
-
privateAccessSettingsName: z.string().optional(),
|
|
3346
|
-
region: z.string().optional(),
|
|
3347
|
-
publicAccessEnabled: z.boolean().optional(),
|
|
3348
|
-
privateAccessLevel: z.enum(PrivateAccessLevel).optional(),
|
|
3349
|
-
allowedVpcEndpointIds: z.array(z.string()).optional(),
|
|
3350
|
-
})
|
|
3351
|
-
.transform(d => ({
|
|
3352
|
-
account_id: d.accountId,
|
|
3353
|
-
private_access_settings_name: d.privateAccessSettingsName,
|
|
3354
|
-
region: d.region,
|
|
3355
|
-
public_access_enabled: d.publicAccessEnabled,
|
|
3356
|
-
private_access_level: d.privateAccessLevel,
|
|
3357
|
-
allowed_vpc_endpoint_ids: d.allowedVpcEndpointIds,
|
|
3358
|
-
}));
|
|
3359
|
-
|
|
3360
|
-
export const marshalCreatePrivateEndpointRuleSchema: z.ZodType = z
|
|
3361
|
-
.object({
|
|
3362
|
-
ruleId: z.string().optional(),
|
|
3363
|
-
networkConnectivityConfigId: z.string().optional(),
|
|
3364
|
-
connectionState: z
|
|
3365
|
-
.enum(NccPrivateEndpointRule_PrivateLinkConnectionState)
|
|
3366
|
-
.optional(),
|
|
3367
|
-
domainNames: z.array(z.string()).optional(),
|
|
3368
|
-
creationTime: z.bigint().optional(),
|
|
3369
|
-
updatedTime: z.bigint().optional(),
|
|
3370
|
-
deactivated: z.boolean().optional(),
|
|
3371
|
-
deactivatedAt: z.bigint().optional(),
|
|
3372
|
-
errorMessage: z.string().optional(),
|
|
3373
|
-
resourceId: z.string().optional(),
|
|
3374
|
-
groupId: z.string().optional(),
|
|
3375
|
-
endpointName: z.string().optional(),
|
|
3376
|
-
accountId: z.string().optional(),
|
|
3377
|
-
endpointService: z.string().optional(),
|
|
3378
|
-
resourceNames: z.array(z.string()).optional(),
|
|
3379
|
-
vpcEndpointId: z.string().optional(),
|
|
3380
|
-
enabled: z.boolean().optional(),
|
|
3381
|
-
endpoint: z
|
|
3382
|
-
.discriminatedUnion('$case', [
|
|
3383
|
-
z.object({
|
|
3384
|
-
$case: z.literal('gcpEndpoint'),
|
|
3385
|
-
gcpEndpoint: z.lazy(() => marshalGcpEndpointSchema),
|
|
3386
|
-
}),
|
|
3387
|
-
])
|
|
3388
|
-
.optional(),
|
|
3389
|
-
})
|
|
3390
|
-
.transform(d => ({
|
|
3391
|
-
rule_id: d.ruleId,
|
|
3392
|
-
network_connectivity_config_id: d.networkConnectivityConfigId,
|
|
3393
|
-
connection_state: d.connectionState,
|
|
3394
|
-
domain_names: d.domainNames,
|
|
3395
|
-
creation_time: d.creationTime,
|
|
3396
|
-
updated_time: d.updatedTime,
|
|
3397
|
-
deactivated: d.deactivated,
|
|
3398
|
-
deactivated_at: d.deactivatedAt,
|
|
3399
|
-
error_message: d.errorMessage,
|
|
3400
|
-
resource_id: d.resourceId,
|
|
3401
|
-
group_id: d.groupId,
|
|
3402
|
-
endpoint_name: d.endpointName,
|
|
3403
|
-
account_id: d.accountId,
|
|
3404
|
-
endpoint_service: d.endpointService,
|
|
3405
|
-
resource_names: d.resourceNames,
|
|
3406
|
-
vpc_endpoint_id: d.vpcEndpointId,
|
|
3407
|
-
enabled: d.enabled,
|
|
3408
|
-
...(d.endpoint?.$case === 'gcpEndpoint' && {
|
|
3409
|
-
gcp_endpoint: d.endpoint.gcpEndpoint,
|
|
3410
|
-
}),
|
|
3411
|
-
}));
|
|
3412
|
-
|
|
3413
|
-
export const marshalCreateVpcEndpointRequestSchema: z.ZodType = z
|
|
3414
|
-
.object({
|
|
3415
|
-
accountId: z.string().optional(),
|
|
3416
|
-
vpcEndpointName: z.string().optional(),
|
|
3417
|
-
region: z.string().optional(),
|
|
3418
|
-
awsVpcEndpointId: z.string().optional(),
|
|
3419
|
-
vpcEndpointInfo: z
|
|
3420
|
-
.discriminatedUnion('$case', [
|
|
3421
|
-
z.object({
|
|
3422
|
-
$case: z.literal('gcpVpcEndpointInfo'),
|
|
3423
|
-
gcpVpcEndpointInfo: z.lazy(
|
|
3424
|
-
() => marshalCustomerFacingGcpVpcEndpointInfoSchema
|
|
3425
|
-
),
|
|
3426
|
-
}),
|
|
3427
|
-
])
|
|
3428
|
-
.optional(),
|
|
3429
|
-
})
|
|
3430
|
-
.transform(d => ({
|
|
3431
|
-
account_id: d.accountId,
|
|
3432
|
-
vpc_endpoint_name: d.vpcEndpointName,
|
|
3433
|
-
region: d.region,
|
|
3434
|
-
aws_vpc_endpoint_id: d.awsVpcEndpointId,
|
|
3435
|
-
...(d.vpcEndpointInfo?.$case === 'gcpVpcEndpointInfo' && {
|
|
3436
|
-
gcp_vpc_endpoint_info: d.vpcEndpointInfo.gcpVpcEndpointInfo,
|
|
3437
|
-
}),
|
|
3438
|
-
}));
|
|
3439
|
-
|
|
3440
|
-
export const marshalCustomerFacingGcpVpcEndpointInfoSchema: z.ZodType = z
|
|
3441
|
-
.object({
|
|
3442
|
-
pscConnectionId: z.string().optional(),
|
|
3443
|
-
projectId: z.string().optional(),
|
|
3444
|
-
pscEndpointName: z.string().optional(),
|
|
3445
|
-
endpointRegion: z.string().optional(),
|
|
3446
|
-
serviceAttachmentId: z.string().optional(),
|
|
3447
|
-
})
|
|
3448
|
-
.transform(d => ({
|
|
3449
|
-
psc_connection_id: d.pscConnectionId,
|
|
3450
|
-
project_id: d.projectId,
|
|
3451
|
-
psc_endpoint_name: d.pscEndpointName,
|
|
3452
|
-
endpoint_region: d.endpointRegion,
|
|
3453
|
-
service_attachment_id: d.serviceAttachmentId,
|
|
3454
|
-
}));
|
|
3455
|
-
|
|
3456
|
-
export const marshalCustomerFacingIngressNetworkPolicySchema: z.ZodType = z
|
|
3457
|
-
.object({
|
|
3458
|
-
publicAccess: z
|
|
3459
|
-
.lazy(() => marshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema)
|
|
3460
|
-
.optional(),
|
|
3461
|
-
privateAccess: z
|
|
3462
|
-
.lazy(() => marshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema)
|
|
3463
|
-
.optional(),
|
|
3464
|
-
crossWorkspaceAccess: z
|
|
3465
|
-
.lazy(
|
|
3466
|
-
() =>
|
|
3467
|
-
marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema
|
|
3468
|
-
)
|
|
3469
|
-
.optional(),
|
|
3470
|
-
})
|
|
3471
|
-
.transform(d => ({
|
|
3472
|
-
public_access: d.publicAccess,
|
|
3473
|
-
private_access: d.privateAccess,
|
|
3474
|
-
cross_workspace_access: d.crossWorkspaceAccess,
|
|
3475
|
-
}));
|
|
3476
|
-
|
|
3477
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3478
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType =
|
|
3479
|
-
z
|
|
3480
|
-
.object({
|
|
3481
|
-
scopes: z.array(z.string()).optional(),
|
|
3482
|
-
scopeQualifier: z
|
|
3483
|
-
.enum(CustomerFacingIngressNetworkPolicy_ApiScopeQualifier)
|
|
3484
|
-
.optional(),
|
|
3485
|
-
})
|
|
3486
|
-
.transform(d => ({
|
|
3487
|
-
scopes: d.scopes,
|
|
3488
|
-
scope_qualifier: d.scopeQualifier,
|
|
3489
|
-
}));
|
|
3490
|
-
|
|
3491
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3492
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType =
|
|
3493
|
-
z
|
|
3494
|
-
.object({
|
|
3495
|
-
allDestinations: z.boolean().optional(),
|
|
3496
|
-
})
|
|
3497
|
-
.transform(d => ({
|
|
3498
|
-
all_destinations: d.allDestinations,
|
|
3499
|
-
}));
|
|
3500
|
-
|
|
3501
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3502
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType =
|
|
3503
|
-
z
|
|
3504
|
-
.object({
|
|
3505
|
-
allDestinations: z.boolean().optional(),
|
|
3506
|
-
})
|
|
3507
|
-
.transform(d => ({
|
|
3508
|
-
all_destinations: d.allDestinations,
|
|
3509
|
-
}));
|
|
3510
|
-
|
|
3511
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3512
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType =
|
|
3513
|
-
z
|
|
3514
|
-
.object({
|
|
3515
|
-
allDestinations: z.boolean().optional(),
|
|
3516
|
-
})
|
|
3517
|
-
.transform(d => ({
|
|
3518
|
-
all_destinations: d.allDestinations,
|
|
3519
|
-
}));
|
|
3520
|
-
|
|
3521
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3522
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema: z.ZodType =
|
|
3523
|
-
z
|
|
3524
|
-
.object({
|
|
3525
|
-
identityType: z
|
|
3526
|
-
.enum(CustomerFacingIngressNetworkPolicy_Authentication_IdentityType)
|
|
3527
|
-
.optional(),
|
|
3528
|
-
identities: z
|
|
3529
|
-
.array(
|
|
3530
|
-
z.lazy(
|
|
3531
|
-
() =>
|
|
3532
|
-
marshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema
|
|
3533
|
-
)
|
|
3534
|
-
)
|
|
3535
|
-
.optional(),
|
|
3536
|
-
})
|
|
3537
|
-
.transform(d => ({
|
|
3538
|
-
identity_type: d.identityType,
|
|
3539
|
-
identities: d.identities,
|
|
3540
|
-
}));
|
|
3541
|
-
|
|
3542
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3543
|
-
export const marshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType =
|
|
3544
|
-
z
|
|
3545
|
-
.object({
|
|
3546
|
-
principalType: z
|
|
3547
|
-
.enum(
|
|
3548
|
-
CustomerFacingIngressNetworkPolicy_AuthenticationIdentity_PrincipalType
|
|
3549
|
-
)
|
|
3550
|
-
.optional(),
|
|
3551
|
-
principalId: z.bigint().optional(),
|
|
3552
|
-
})
|
|
3553
|
-
.transform(d => ({
|
|
3554
|
-
principal_type: d.principalType,
|
|
3555
|
-
principal_id: d.principalId,
|
|
3556
|
-
}));
|
|
3557
|
-
|
|
3558
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3559
|
-
export const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType =
|
|
3560
|
-
z
|
|
3561
|
-
.object({
|
|
3562
|
-
restrictionMode: z
|
|
3563
|
-
.enum(
|
|
3564
|
-
CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode
|
|
3565
|
-
)
|
|
3566
|
-
.optional(),
|
|
3567
|
-
denyRules: z
|
|
3568
|
-
.array(
|
|
3569
|
-
z.lazy(
|
|
3570
|
-
() =>
|
|
3571
|
-
marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema
|
|
3572
|
-
)
|
|
3573
|
-
)
|
|
3574
|
-
.optional(),
|
|
3575
|
-
allowRules: z
|
|
3576
|
-
.array(
|
|
3577
|
-
z.lazy(
|
|
3578
|
-
() =>
|
|
3579
|
-
marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema
|
|
3580
|
-
)
|
|
3581
|
-
)
|
|
3582
|
-
.optional(),
|
|
3583
|
-
})
|
|
3584
|
-
.transform(d => ({
|
|
3585
|
-
restriction_mode: d.restrictionMode,
|
|
3586
|
-
deny_rules: d.denyRules,
|
|
3587
|
-
allow_rules: d.allowRules,
|
|
3588
|
-
}));
|
|
3589
|
-
|
|
3590
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3591
|
-
export const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType =
|
|
3592
|
-
z
|
|
3593
|
-
.object({
|
|
3594
|
-
origin: z
|
|
3595
|
-
.lazy(
|
|
3596
|
-
() =>
|
|
3597
|
-
marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema
|
|
3598
|
-
)
|
|
3599
|
-
.optional(),
|
|
3600
|
-
destination: z
|
|
3601
|
-
.lazy(
|
|
3602
|
-
() =>
|
|
3603
|
-
marshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
3604
|
-
)
|
|
3605
|
-
.optional(),
|
|
3606
|
-
authentication: z
|
|
3607
|
-
.lazy(
|
|
3608
|
-
() => marshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
3609
|
-
)
|
|
3610
|
-
.optional(),
|
|
3611
|
-
label: z.string().optional(),
|
|
3612
|
-
})
|
|
3613
|
-
.transform(d => ({
|
|
3614
|
-
origin: d.origin,
|
|
3615
|
-
destination: d.destination,
|
|
3616
|
-
authentication: d.authentication,
|
|
3617
|
-
label: d.label,
|
|
3618
|
-
}));
|
|
3619
|
-
|
|
3620
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3621
|
-
export const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType =
|
|
3622
|
-
z
|
|
3623
|
-
.object({
|
|
3624
|
-
source: z
|
|
3625
|
-
.discriminatedUnion('$case', [
|
|
3626
|
-
z.object({
|
|
3627
|
-
$case: z.literal('allSourceWorkspaces'),
|
|
3628
|
-
allSourceWorkspaces: z.boolean(),
|
|
3629
|
-
}),
|
|
3630
|
-
z.object({
|
|
3631
|
-
$case: z.literal('selectedWorkspaces'),
|
|
3632
|
-
selectedWorkspaces: z.lazy(
|
|
3633
|
-
() =>
|
|
3634
|
-
marshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema
|
|
3635
|
-
),
|
|
3636
|
-
}),
|
|
3637
|
-
])
|
|
3638
|
-
.optional(),
|
|
3639
|
-
})
|
|
3640
|
-
.transform(d => ({
|
|
3641
|
-
...(d.source?.$case === 'allSourceWorkspaces' && {
|
|
3642
|
-
all_source_workspaces: d.source.allSourceWorkspaces,
|
|
3643
|
-
}),
|
|
3644
|
-
...(d.source?.$case === 'selectedWorkspaces' && {
|
|
3645
|
-
selected_workspaces: d.source.selectedWorkspaces,
|
|
3646
|
-
}),
|
|
3647
|
-
}));
|
|
3648
|
-
|
|
3649
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3650
|
-
export const marshalCustomerFacingIngressNetworkPolicy_EndpointsSchema: z.ZodType =
|
|
3651
|
-
z
|
|
3652
|
-
.object({
|
|
3653
|
-
endpointIds: z.array(z.string()).optional(),
|
|
3654
|
-
})
|
|
3655
|
-
.transform(d => ({
|
|
3656
|
-
endpoint_ids: d.endpointIds,
|
|
3657
|
-
}));
|
|
3658
|
-
|
|
3659
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3660
|
-
export const marshalCustomerFacingIngressNetworkPolicy_IpRangesSchema: z.ZodType =
|
|
3661
|
-
z
|
|
3662
|
-
.object({
|
|
3663
|
-
ipRanges: z.array(z.string()).optional(),
|
|
3664
|
-
})
|
|
3665
|
-
.transform(d => ({
|
|
3666
|
-
ip_ranges: d.ipRanges,
|
|
3667
|
-
}));
|
|
3668
|
-
|
|
3669
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3670
|
-
export const marshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType =
|
|
3671
|
-
z
|
|
3672
|
-
.object({
|
|
3673
|
-
allDestinations: z.boolean().optional(),
|
|
3674
|
-
})
|
|
3675
|
-
.transform(d => ({
|
|
3676
|
-
all_destinations: d.allDestinations,
|
|
3677
|
-
}));
|
|
3678
|
-
|
|
3679
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3680
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema: z.ZodType =
|
|
3681
|
-
z
|
|
3682
|
-
.object({
|
|
3683
|
-
restrictionMode: z
|
|
3684
|
-
.enum(CustomerFacingIngressNetworkPolicy_PrivateAccess_RestrictionMode)
|
|
3685
|
-
.optional(),
|
|
3686
|
-
denyRules: z
|
|
3687
|
-
.array(
|
|
3688
|
-
z.lazy(
|
|
3689
|
-
() =>
|
|
3690
|
-
marshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema
|
|
3691
|
-
)
|
|
3692
|
-
)
|
|
3693
|
-
.optional(),
|
|
3694
|
-
allowRules: z
|
|
3695
|
-
.array(
|
|
3696
|
-
z.lazy(
|
|
3697
|
-
() =>
|
|
3698
|
-
marshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema
|
|
3699
|
-
)
|
|
3700
|
-
)
|
|
3701
|
-
.optional(),
|
|
3702
|
-
})
|
|
3703
|
-
.transform(d => ({
|
|
3704
|
-
restriction_mode: d.restrictionMode,
|
|
3705
|
-
deny_rules: d.denyRules,
|
|
3706
|
-
allow_rules: d.allowRules,
|
|
3707
|
-
}));
|
|
3708
|
-
|
|
3709
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3710
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType =
|
|
3711
|
-
z
|
|
3712
|
-
.object({
|
|
3713
|
-
origin: z
|
|
3714
|
-
.lazy(
|
|
3715
|
-
() =>
|
|
3716
|
-
marshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema
|
|
3717
|
-
)
|
|
3718
|
-
.optional(),
|
|
3719
|
-
destination: z
|
|
3720
|
-
.lazy(
|
|
3721
|
-
() =>
|
|
3722
|
-
marshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
3723
|
-
)
|
|
3724
|
-
.optional(),
|
|
3725
|
-
authentication: z
|
|
3726
|
-
.lazy(
|
|
3727
|
-
() => marshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
3728
|
-
)
|
|
3729
|
-
.optional(),
|
|
3730
|
-
label: z.string().optional(),
|
|
3731
|
-
})
|
|
3732
|
-
.transform(d => ({
|
|
3733
|
-
origin: d.origin,
|
|
3734
|
-
destination: d.destination,
|
|
3735
|
-
authentication: d.authentication,
|
|
3736
|
-
label: d.label,
|
|
3737
|
-
}));
|
|
3738
|
-
|
|
3739
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3740
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType =
|
|
3741
|
-
z
|
|
3742
|
-
.object({
|
|
3743
|
-
source: z
|
|
3744
|
-
.discriminatedUnion('$case', [
|
|
3745
|
-
z.object({
|
|
3746
|
-
$case: z.literal('endpoints'),
|
|
3747
|
-
endpoints: z.lazy(
|
|
3748
|
-
() => marshalCustomerFacingIngressNetworkPolicy_EndpointsSchema
|
|
3749
|
-
),
|
|
3750
|
-
}),
|
|
3751
|
-
z.object({
|
|
3752
|
-
$case: z.literal('allRegisteredEndpoints'),
|
|
3753
|
-
allRegisteredEndpoints: z.boolean(),
|
|
3754
|
-
}),
|
|
3755
|
-
z.object({
|
|
3756
|
-
$case: z.literal('azureWorkspacePrivateLink'),
|
|
3757
|
-
azureWorkspacePrivateLink: z.boolean(),
|
|
3758
|
-
}),
|
|
3759
|
-
z.object({
|
|
3760
|
-
$case: z.literal('allPrivateAccess'),
|
|
3761
|
-
allPrivateAccess: z.boolean(),
|
|
3762
|
-
}),
|
|
3763
|
-
])
|
|
3764
|
-
.optional(),
|
|
3765
|
-
})
|
|
3766
|
-
.transform(d => ({
|
|
3767
|
-
...(d.source?.$case === 'endpoints' && {endpoints: d.source.endpoints}),
|
|
3768
|
-
...(d.source?.$case === 'allRegisteredEndpoints' && {
|
|
3769
|
-
all_registered_endpoints: d.source.allRegisteredEndpoints,
|
|
3770
|
-
}),
|
|
3771
|
-
...(d.source?.$case === 'azureWorkspacePrivateLink' && {
|
|
3772
|
-
azure_workspace_private_link: d.source.azureWorkspacePrivateLink,
|
|
3773
|
-
}),
|
|
3774
|
-
...(d.source?.$case === 'allPrivateAccess' && {
|
|
3775
|
-
all_private_access: d.source.allPrivateAccess,
|
|
3776
|
-
}),
|
|
3777
|
-
}));
|
|
3778
|
-
|
|
3779
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3780
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema: z.ZodType =
|
|
3781
|
-
z
|
|
3782
|
-
.object({
|
|
3783
|
-
restrictionMode: z
|
|
3784
|
-
.enum(CustomerFacingIngressNetworkPolicy_PublicAccess_RestrictionMode)
|
|
3785
|
-
.optional(),
|
|
3786
|
-
denyRules: z
|
|
3787
|
-
.array(
|
|
3788
|
-
z.lazy(
|
|
3789
|
-
() =>
|
|
3790
|
-
marshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema
|
|
3791
|
-
)
|
|
3792
|
-
)
|
|
3793
|
-
.optional(),
|
|
3794
|
-
allowRules: z
|
|
3795
|
-
.array(
|
|
3796
|
-
z.lazy(
|
|
3797
|
-
() =>
|
|
3798
|
-
marshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema
|
|
3799
|
-
)
|
|
3800
|
-
)
|
|
3801
|
-
.optional(),
|
|
3802
|
-
})
|
|
3803
|
-
.transform(d => ({
|
|
3804
|
-
restriction_mode: d.restrictionMode,
|
|
3805
|
-
deny_rules: d.denyRules,
|
|
3806
|
-
allow_rules: d.allowRules,
|
|
3807
|
-
}));
|
|
3808
|
-
|
|
3809
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3810
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType =
|
|
3811
|
-
z
|
|
3812
|
-
.object({
|
|
3813
|
-
origin: z
|
|
3814
|
-
.lazy(
|
|
3815
|
-
() =>
|
|
3816
|
-
marshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema
|
|
3817
|
-
)
|
|
3818
|
-
.optional(),
|
|
3819
|
-
destination: z
|
|
3820
|
-
.lazy(
|
|
3821
|
-
() =>
|
|
3822
|
-
marshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema
|
|
3823
|
-
)
|
|
3824
|
-
.optional(),
|
|
3825
|
-
authentication: z
|
|
3826
|
-
.lazy(
|
|
3827
|
-
() => marshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema
|
|
3828
|
-
)
|
|
3829
|
-
.optional(),
|
|
3830
|
-
label: z.string().optional(),
|
|
3831
|
-
})
|
|
3832
|
-
.transform(d => ({
|
|
3833
|
-
origin: d.origin,
|
|
3834
|
-
destination: d.destination,
|
|
3835
|
-
authentication: d.authentication,
|
|
3836
|
-
label: d.label,
|
|
3837
|
-
}));
|
|
3838
|
-
|
|
3839
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3840
|
-
export const marshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType =
|
|
3841
|
-
z
|
|
3842
|
-
.object({
|
|
3843
|
-
source: z
|
|
3844
|
-
.discriminatedUnion('$case', [
|
|
3845
|
-
z.object({$case: z.literal('allIpRanges'), allIpRanges: z.boolean()}),
|
|
3846
|
-
z.object({
|
|
3847
|
-
$case: z.literal('includedIpRanges'),
|
|
3848
|
-
includedIpRanges: z.lazy(
|
|
3849
|
-
() => marshalCustomerFacingIngressNetworkPolicy_IpRangesSchema
|
|
3850
|
-
),
|
|
3851
|
-
}),
|
|
3852
|
-
z.object({
|
|
3853
|
-
$case: z.literal('excludedIpRanges'),
|
|
3854
|
-
excludedIpRanges: z.lazy(
|
|
3855
|
-
() => marshalCustomerFacingIngressNetworkPolicy_IpRangesSchema
|
|
3856
|
-
),
|
|
3857
|
-
}),
|
|
3858
|
-
])
|
|
3859
|
-
.optional(),
|
|
3860
|
-
})
|
|
3861
|
-
.transform(d => ({
|
|
3862
|
-
...(d.source?.$case === 'allIpRanges' && {
|
|
3863
|
-
all_ip_ranges: d.source.allIpRanges,
|
|
3864
|
-
}),
|
|
3865
|
-
...(d.source?.$case === 'includedIpRanges' && {
|
|
3866
|
-
included_ip_ranges: d.source.includedIpRanges,
|
|
3867
|
-
}),
|
|
3868
|
-
...(d.source?.$case === 'excludedIpRanges' && {
|
|
3869
|
-
excluded_ip_ranges: d.source.excludedIpRanges,
|
|
3870
|
-
}),
|
|
3871
|
-
}));
|
|
3872
|
-
|
|
3873
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3874
|
-
export const marshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema: z.ZodType =
|
|
3875
|
-
z
|
|
3876
|
-
.object({
|
|
3877
|
-
allDestinations: z.boolean().optional(),
|
|
3878
|
-
workspaceUi: z
|
|
3879
|
-
.lazy(
|
|
3880
|
-
() =>
|
|
3881
|
-
marshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema
|
|
3882
|
-
)
|
|
3883
|
-
.optional(),
|
|
3884
|
-
workspaceApi: z
|
|
3885
|
-
.lazy(
|
|
3886
|
-
() =>
|
|
3887
|
-
marshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema
|
|
3888
|
-
)
|
|
3889
|
-
.optional(),
|
|
3890
|
-
appsRuntime: z
|
|
3891
|
-
.lazy(
|
|
3892
|
-
() =>
|
|
3893
|
-
marshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema
|
|
3894
|
-
)
|
|
3895
|
-
.optional(),
|
|
3896
|
-
lakebaseRuntime: z
|
|
3897
|
-
.lazy(
|
|
3898
|
-
() =>
|
|
3899
|
-
marshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema
|
|
3900
|
-
)
|
|
3901
|
-
.optional(),
|
|
3902
|
-
accountUi: z
|
|
3903
|
-
.lazy(
|
|
3904
|
-
() =>
|
|
3905
|
-
marshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema
|
|
3906
|
-
)
|
|
3907
|
-
.optional(),
|
|
3908
|
-
accountApi: z
|
|
3909
|
-
.lazy(
|
|
3910
|
-
() =>
|
|
3911
|
-
marshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema
|
|
3912
|
-
)
|
|
3913
|
-
.optional(),
|
|
3914
|
-
accountDatabricksOne: z
|
|
3915
|
-
.lazy(
|
|
3916
|
-
() =>
|
|
3917
|
-
marshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema
|
|
3918
|
-
)
|
|
3919
|
-
.optional(),
|
|
3920
|
-
})
|
|
3921
|
-
.transform(d => ({
|
|
3922
|
-
all_destinations: d.allDestinations,
|
|
3923
|
-
workspace_ui: d.workspaceUi,
|
|
3924
|
-
workspace_api: d.workspaceApi,
|
|
3925
|
-
apps_runtime: d.appsRuntime,
|
|
3926
|
-
lakebase_runtime: d.lakebaseRuntime,
|
|
3927
|
-
account_ui: d.accountUi,
|
|
3928
|
-
account_api: d.accountApi,
|
|
3929
|
-
account_databricks_one: d.accountDatabricksOne,
|
|
3930
|
-
}));
|
|
3931
|
-
|
|
3932
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3933
|
-
export const marshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType =
|
|
3934
|
-
z
|
|
3935
|
-
.object({
|
|
3936
|
-
scopes: z.array(z.string()).optional(),
|
|
3937
|
-
scopeQualifier: z
|
|
3938
|
-
.enum(CustomerFacingIngressNetworkPolicy_ApiScopeQualifier)
|
|
3939
|
-
.optional(),
|
|
3940
|
-
})
|
|
3941
|
-
.transform(d => ({
|
|
3942
|
-
scopes: d.scopes,
|
|
3943
|
-
scope_qualifier: d.scopeQualifier,
|
|
3944
|
-
}));
|
|
3945
|
-
|
|
3946
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3947
|
-
export const marshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType =
|
|
3948
|
-
z
|
|
3949
|
-
.object({
|
|
3950
|
-
workspaceIds: z.array(z.bigint()).optional(),
|
|
3951
|
-
})
|
|
3952
|
-
.transform(d => ({
|
|
3953
|
-
workspace_ids: d.workspaceIds,
|
|
3954
|
-
}));
|
|
3955
|
-
|
|
3956
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
3957
|
-
export const marshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType =
|
|
3958
|
-
z
|
|
3959
|
-
.object({
|
|
3960
|
-
allDestinations: z.boolean().optional(),
|
|
3961
|
-
})
|
|
3962
|
-
.transform(d => ({
|
|
3963
|
-
all_destinations: d.allDestinations,
|
|
3964
|
-
}));
|
|
3965
|
-
|
|
3966
|
-
export const marshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType =
|
|
3967
|
-
z
|
|
3968
|
-
.object({
|
|
3969
|
-
ruleId: z.string().optional(),
|
|
3970
|
-
networkConnectivityConfigId: z.string().optional(),
|
|
3971
|
-
accountId: z.string().optional(),
|
|
3972
|
-
endpointService: z.string().optional(),
|
|
3973
|
-
domainNames: z.array(z.string()).optional(),
|
|
3974
|
-
resourceNames: z.array(z.string()).optional(),
|
|
3975
|
-
vpcEndpointId: z.string().optional(),
|
|
3976
|
-
connectionState: z
|
|
3977
|
-
.enum(
|
|
3978
|
-
CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState
|
|
3979
|
-
)
|
|
3980
|
-
.optional(),
|
|
3981
|
-
creationTime: z.bigint().optional(),
|
|
3982
|
-
updatedTime: z.bigint().optional(),
|
|
3983
|
-
deactivated: z.boolean().optional(),
|
|
3984
|
-
deactivatedAt: z.bigint().optional(),
|
|
3985
|
-
enabled: z.boolean().optional(),
|
|
3986
|
-
errorMessage: z.string().optional(),
|
|
3987
|
-
})
|
|
3988
|
-
.transform(d => ({
|
|
3989
|
-
rule_id: d.ruleId,
|
|
3990
|
-
network_connectivity_config_id: d.networkConnectivityConfigId,
|
|
3991
|
-
account_id: d.accountId,
|
|
3992
|
-
endpoint_service: d.endpointService,
|
|
3993
|
-
domain_names: d.domainNames,
|
|
3994
|
-
resource_names: d.resourceNames,
|
|
3995
|
-
vpc_endpoint_id: d.vpcEndpointId,
|
|
3996
|
-
connection_state: d.connectionState,
|
|
3997
|
-
creation_time: d.creationTime,
|
|
3998
|
-
updated_time: d.updatedTime,
|
|
3999
|
-
deactivated: d.deactivated,
|
|
4000
|
-
deactivated_at: d.deactivatedAt,
|
|
4001
|
-
enabled: d.enabled,
|
|
4002
|
-
error_message: d.errorMessage,
|
|
4003
|
-
}));
|
|
4004
|
-
|
|
4005
|
-
export const marshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType =
|
|
4006
|
-
z
|
|
4007
|
-
.object({
|
|
4008
|
-
ruleId: z.string().optional(),
|
|
4009
|
-
networkConnectivityConfigId: z.string().optional(),
|
|
4010
|
-
resourceId: z.string().optional(),
|
|
4011
|
-
groupId: z.string().optional(),
|
|
4012
|
-
endpointName: z.string().optional(),
|
|
4013
|
-
connectionState: z
|
|
4014
|
-
.enum(
|
|
4015
|
-
CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState
|
|
4016
|
-
)
|
|
4017
|
-
.optional(),
|
|
4018
|
-
creationTime: z.bigint().optional(),
|
|
4019
|
-
updatedTime: z.bigint().optional(),
|
|
4020
|
-
deactivated: z.boolean().optional(),
|
|
4021
|
-
deactivatedAt: z.bigint().optional(),
|
|
4022
|
-
domainNames: z.array(z.string()).optional(),
|
|
4023
|
-
errorMessage: z.string().optional(),
|
|
4024
|
-
})
|
|
4025
|
-
.transform(d => ({
|
|
4026
|
-
rule_id: d.ruleId,
|
|
4027
|
-
network_connectivity_config_id: d.networkConnectivityConfigId,
|
|
4028
|
-
resource_id: d.resourceId,
|
|
4029
|
-
group_id: d.groupId,
|
|
4030
|
-
endpoint_name: d.endpointName,
|
|
4031
|
-
connection_state: d.connectionState,
|
|
4032
|
-
creation_time: d.creationTime,
|
|
4033
|
-
updated_time: d.updatedTime,
|
|
4034
|
-
deactivated: d.deactivated,
|
|
4035
|
-
deactivated_at: d.deactivatedAt,
|
|
4036
|
-
domain_names: d.domainNames,
|
|
4037
|
-
error_message: d.errorMessage,
|
|
4038
|
-
}));
|
|
4039
|
-
|
|
4040
|
-
export const marshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema: z.ZodType =
|
|
4041
|
-
z
|
|
4042
|
-
.object({
|
|
4043
|
-
defaultRules: z
|
|
4044
|
-
.lazy(
|
|
4045
|
-
() => marshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema
|
|
4046
|
-
)
|
|
4047
|
-
.optional(),
|
|
4048
|
-
targetRules: z
|
|
4049
|
-
.lazy(
|
|
4050
|
-
() =>
|
|
4051
|
-
marshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema
|
|
4052
|
-
)
|
|
4053
|
-
.optional(),
|
|
4054
|
-
})
|
|
4055
|
-
.transform(d => ({
|
|
4056
|
-
default_rules: d.defaultRules,
|
|
4057
|
-
target_rules: d.targetRules,
|
|
4058
|
-
}));
|
|
4059
|
-
|
|
4060
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4061
|
-
export const marshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema: z.ZodType =
|
|
4062
|
-
z
|
|
4063
|
-
.object({
|
|
4064
|
-
azurePrivateEndpointRules: z
|
|
4065
|
-
.array(
|
|
4066
|
-
z.lazy(
|
|
4067
|
-
() =>
|
|
4068
|
-
marshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema
|
|
4069
|
-
)
|
|
4070
|
-
)
|
|
4071
|
-
.optional(),
|
|
4072
|
-
awsPrivateEndpointRules: z
|
|
4073
|
-
.array(
|
|
4074
|
-
z.lazy(
|
|
4075
|
-
() =>
|
|
4076
|
-
marshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema
|
|
4077
|
-
)
|
|
4078
|
-
)
|
|
4079
|
-
.optional(),
|
|
4080
|
-
})
|
|
4081
|
-
.transform(d => ({
|
|
4082
|
-
azure_private_endpoint_rules: d.azurePrivateEndpointRules,
|
|
4083
|
-
aws_private_endpoint_rules: d.awsPrivateEndpointRules,
|
|
4084
|
-
}));
|
|
4085
|
-
|
|
4086
|
-
export const marshalCustomerFacingPrivateAccessSettingsSchema: z.ZodType = z
|
|
4087
|
-
.object({
|
|
4088
|
-
privateAccessSettingsId: z.string().optional(),
|
|
4089
|
-
accountId: z.string().optional(),
|
|
4090
|
-
privateAccessSettingsName: z.string().optional(),
|
|
4091
|
-
region: z.string().optional(),
|
|
4092
|
-
publicAccessEnabled: z.boolean().optional(),
|
|
4093
|
-
privateAccessLevel: z.enum(PrivateAccessLevel).optional(),
|
|
4094
|
-
allowedVpcEndpointIds: z.array(z.string()).optional(),
|
|
4095
|
-
})
|
|
4096
|
-
.transform(d => ({
|
|
4097
|
-
private_access_settings_id: d.privateAccessSettingsId,
|
|
4098
|
-
account_id: d.accountId,
|
|
4099
|
-
private_access_settings_name: d.privateAccessSettingsName,
|
|
4100
|
-
region: d.region,
|
|
4101
|
-
public_access_enabled: d.publicAccessEnabled,
|
|
4102
|
-
private_access_level: d.privateAccessLevel,
|
|
4103
|
-
allowed_vpc_endpoint_ids: d.allowedVpcEndpointIds,
|
|
4104
|
-
}));
|
|
4105
|
-
|
|
4106
|
-
export const marshalEgressNetworkPolicySchema: z.ZodType = z
|
|
4107
|
-
.object({
|
|
4108
|
-
networkAccess: z
|
|
4109
|
-
.lazy(() => marshalEgressNetworkPolicy_NetworkAccessPolicySchema)
|
|
4110
|
-
.optional(),
|
|
4111
|
-
})
|
|
4112
|
-
.transform(d => ({
|
|
4113
|
-
network_access: d.networkAccess,
|
|
4114
|
-
}));
|
|
4115
|
-
|
|
4116
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4117
|
-
export const marshalEgressNetworkPolicy_NetworkAccessPolicySchema: z.ZodType = z
|
|
4118
|
-
.object({
|
|
4119
|
-
restrictionMode: z
|
|
4120
|
-
.enum(EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode)
|
|
4121
|
-
.optional(),
|
|
4122
|
-
allowedInternetDestinations: z
|
|
4123
|
-
.array(
|
|
4124
|
-
z.lazy(
|
|
4125
|
-
() =>
|
|
4126
|
-
marshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema
|
|
4127
|
-
)
|
|
4128
|
-
)
|
|
4129
|
-
.optional(),
|
|
4130
|
-
allowedStorageDestinations: z
|
|
4131
|
-
.array(
|
|
4132
|
-
z.lazy(
|
|
4133
|
-
() =>
|
|
4134
|
-
marshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDestinationSchema
|
|
4135
|
-
)
|
|
4136
|
-
)
|
|
4137
|
-
.optional(),
|
|
4138
|
-
policyEnforcement: z
|
|
4139
|
-
.lazy(
|
|
4140
|
-
() =>
|
|
4141
|
-
marshalEgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcementSchema
|
|
4142
|
-
)
|
|
4143
|
-
.optional(),
|
|
4144
|
-
blockedInternetDestinations: z
|
|
4145
|
-
.array(
|
|
4146
|
-
z.lazy(
|
|
4147
|
-
() =>
|
|
4148
|
-
marshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema
|
|
4149
|
-
)
|
|
4150
|
-
)
|
|
4151
|
-
.optional(),
|
|
4152
|
-
})
|
|
4153
|
-
.transform(d => ({
|
|
4154
|
-
restriction_mode: d.restrictionMode,
|
|
4155
|
-
allowed_internet_destinations: d.allowedInternetDestinations,
|
|
4156
|
-
allowed_storage_destinations: d.allowedStorageDestinations,
|
|
4157
|
-
policy_enforcement: d.policyEnforcement,
|
|
4158
|
-
blocked_internet_destinations: d.blockedInternetDestinations,
|
|
4159
|
-
}));
|
|
4160
|
-
|
|
4161
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4162
|
-
export const marshalEgressNetworkPolicy_NetworkAccessPolicy_InternetDestinationSchema: z.ZodType =
|
|
4163
|
-
z
|
|
4164
|
-
.object({
|
|
4165
|
-
destination: z.string().optional(),
|
|
4166
|
-
internetDestinationType: z
|
|
4167
|
-
.enum(
|
|
4168
|
-
EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType
|
|
4169
|
-
)
|
|
4170
|
-
.optional(),
|
|
4171
|
-
})
|
|
4172
|
-
.transform(d => ({
|
|
4173
|
-
destination: d.destination,
|
|
4174
|
-
internet_destination_type: d.internetDestinationType,
|
|
4175
|
-
}));
|
|
4176
|
-
|
|
4177
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4178
|
-
export const marshalEgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcementSchema: z.ZodType =
|
|
4179
|
-
z
|
|
4180
|
-
.object({
|
|
4181
|
-
enforcementMode: z
|
|
4182
|
-
.enum(
|
|
4183
|
-
EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode
|
|
4184
|
-
)
|
|
4185
|
-
.optional(),
|
|
4186
|
-
dryRunModeProductFilter: z
|
|
4187
|
-
.array(
|
|
4188
|
-
z.enum(
|
|
4189
|
-
EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter
|
|
4190
|
-
)
|
|
4191
|
-
)
|
|
4192
|
-
.optional(),
|
|
4193
|
-
})
|
|
4194
|
-
.transform(d => ({
|
|
4195
|
-
enforcement_mode: d.enforcementMode,
|
|
4196
|
-
dry_run_mode_product_filter: d.dryRunModeProductFilter,
|
|
4197
|
-
}));
|
|
4198
|
-
|
|
4199
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4200
|
-
export const marshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDestinationSchema: z.ZodType =
|
|
4201
|
-
z
|
|
4202
|
-
.object({
|
|
4203
|
-
bucketName: z.string().optional(),
|
|
4204
|
-
region: z.string().optional(),
|
|
4205
|
-
storageDestinationType: z
|
|
4206
|
-
.enum(
|
|
4207
|
-
EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType
|
|
4208
|
-
)
|
|
4209
|
-
.optional(),
|
|
4210
|
-
azureStorageAccount: z.string().optional(),
|
|
4211
|
-
azureStorageService: z.string().optional(),
|
|
4212
|
-
})
|
|
4213
|
-
.transform(d => ({
|
|
4214
|
-
bucket_name: d.bucketName,
|
|
4215
|
-
region: d.region,
|
|
4216
|
-
storage_destination_type: d.storageDestinationType,
|
|
4217
|
-
azure_storage_account: d.azureStorageAccount,
|
|
4218
|
-
azure_storage_service: d.azureStorageService,
|
|
4219
|
-
}));
|
|
4220
|
-
|
|
4221
|
-
export const marshalEndpointSchema: z.ZodType = z
|
|
4222
|
-
.object({
|
|
4223
|
-
name: z.string().optional(),
|
|
4224
|
-
endpointId: z.string().optional(),
|
|
4225
|
-
accountId: z.string().optional(),
|
|
4226
|
-
displayName: z.string().optional(),
|
|
4227
|
-
useCase: z.enum(EndpointUseCase_EndpointUseCase).optional(),
|
|
4228
|
-
region: z.string().optional(),
|
|
4229
|
-
state: z.enum(EndpointState).optional(),
|
|
4230
|
-
endpointInfo: z
|
|
4231
|
-
.discriminatedUnion('$case', [
|
|
4232
|
-
z.object({
|
|
4233
|
-
$case: z.literal('azurePrivateEndpointInfo'),
|
|
4234
|
-
azurePrivateEndpointInfo: z.lazy(
|
|
4235
|
-
() => marshalAzurePrivateEndpointInfoSchema
|
|
4236
|
-
),
|
|
4237
|
-
}),
|
|
4238
|
-
])
|
|
4239
|
-
.optional(),
|
|
4240
|
-
createTime: z
|
|
4241
|
-
.any()
|
|
4242
|
-
.transform((d: Temporal.Instant) => d.toString())
|
|
4243
|
-
.optional(),
|
|
4244
|
-
})
|
|
4245
|
-
.transform(d => ({
|
|
4246
|
-
name: d.name,
|
|
4247
|
-
endpoint_id: d.endpointId,
|
|
4248
|
-
account_id: d.accountId,
|
|
4249
|
-
display_name: d.displayName,
|
|
4250
|
-
use_case: d.useCase,
|
|
4251
|
-
region: d.region,
|
|
4252
|
-
state: d.state,
|
|
4253
|
-
...(d.endpointInfo?.$case === 'azurePrivateEndpointInfo' && {
|
|
4254
|
-
azure_private_endpoint_info: d.endpointInfo.azurePrivateEndpointInfo,
|
|
4255
|
-
}),
|
|
4256
|
-
create_time: d.createTime,
|
|
4257
|
-
}));
|
|
4258
|
-
|
|
4259
|
-
export const marshalGcpEndpointSchema: z.ZodType = z
|
|
4260
|
-
.object({
|
|
4261
|
-
pscEndpointUri: z.string().optional(),
|
|
4262
|
-
targetServices: z
|
|
4263
|
-
.discriminatedUnion('$case', [
|
|
4264
|
-
z.object({
|
|
4265
|
-
$case: z.literal('serviceAttachment'),
|
|
4266
|
-
serviceAttachment: z.string(),
|
|
4267
|
-
}),
|
|
4268
|
-
])
|
|
4269
|
-
.optional(),
|
|
4270
|
-
})
|
|
4271
|
-
.transform(d => ({
|
|
4272
|
-
psc_endpoint_uri: d.pscEndpointUri,
|
|
4273
|
-
...(d.targetServices?.$case === 'serviceAttachment' && {
|
|
4274
|
-
service_attachment: d.targetServices.serviceAttachment,
|
|
4275
|
-
}),
|
|
4276
|
-
}));
|
|
4277
|
-
|
|
4278
|
-
export const marshalGcpNetworkInfoSchema: z.ZodType = z
|
|
4279
|
-
.object({
|
|
4280
|
-
networkProjectId: z.string().optional(),
|
|
4281
|
-
vpcId: z.string().optional(),
|
|
4282
|
-
subnetId: z.string().optional(),
|
|
4283
|
-
subnetRegion: z.string().optional(),
|
|
4284
|
-
podIpRangeName: z.string().optional(),
|
|
4285
|
-
serviceIpRangeName: z.string().optional(),
|
|
4286
|
-
})
|
|
4287
|
-
.transform(d => ({
|
|
4288
|
-
network_project_id: d.networkProjectId,
|
|
4289
|
-
vpc_id: d.vpcId,
|
|
4290
|
-
subnet_id: d.subnetId,
|
|
4291
|
-
subnet_region: d.subnetRegion,
|
|
4292
|
-
pod_ip_range_name: d.podIpRangeName,
|
|
4293
|
-
service_ip_range_name: d.serviceIpRangeName,
|
|
4294
|
-
}));
|
|
4295
|
-
|
|
4296
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4297
|
-
export const marshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema: z.ZodType =
|
|
4298
|
-
z
|
|
4299
|
-
.object({
|
|
4300
|
-
azureServiceEndpointRule: z
|
|
4301
|
-
.lazy(
|
|
4302
|
-
() =>
|
|
4303
|
-
marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema
|
|
4304
|
-
)
|
|
4305
|
-
.optional(),
|
|
4306
|
-
awsStableIpRule: z
|
|
4307
|
-
.lazy(
|
|
4308
|
-
() =>
|
|
4309
|
-
marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema
|
|
4310
|
-
)
|
|
4311
|
-
.optional(),
|
|
4312
|
-
})
|
|
4313
|
-
.transform(d => ({
|
|
4314
|
-
azure_service_endpoint_rule: d.azureServiceEndpointRule,
|
|
4315
|
-
aws_stable_ip_rule: d.awsStableIpRule,
|
|
4316
|
-
}));
|
|
4317
|
-
|
|
4318
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4319
|
-
export const marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema: z.ZodType =
|
|
4320
|
-
z
|
|
4321
|
-
.object({
|
|
4322
|
-
cidrBlocks: z.array(z.string()).optional(),
|
|
4323
|
-
})
|
|
4324
|
-
.transform(d => ({
|
|
4325
|
-
cidr_blocks: d.cidrBlocks,
|
|
4326
|
-
}));
|
|
4327
|
-
|
|
4328
|
-
// eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
|
|
4329
|
-
export const marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema: z.ZodType =
|
|
4330
|
-
z
|
|
4331
|
-
.object({
|
|
4332
|
-
targetRegion: z.string().optional(),
|
|
4333
|
-
targetServices: z.array(z.enum(EgressResourceType)).optional(),
|
|
4334
|
-
subnets: z.array(z.string()).optional(),
|
|
4335
|
-
})
|
|
4336
|
-
.transform(d => ({
|
|
4337
|
-
target_region: d.targetRegion,
|
|
4338
|
-
target_services: d.targetServices,
|
|
4339
|
-
subnets: d.subnets,
|
|
4340
|
-
}));
|
|
4341
|
-
|
|
4342
|
-
export const marshalNetworkVpcEndpointsSchema: z.ZodType = z
|
|
4343
|
-
.object({
|
|
4344
|
-
restApi: z.array(z.string()).optional(),
|
|
4345
|
-
dataplaneRelay: z.array(z.string()).optional(),
|
|
4346
|
-
})
|
|
4347
|
-
.transform(d => ({
|
|
4348
|
-
rest_api: d.restApi,
|
|
4349
|
-
dataplane_relay: d.dataplaneRelay,
|
|
4350
|
-
}));
|
|
4351
|
-
|
|
4352
|
-
export const marshalReplaceAccountIpAccessListRequestSchema: z.ZodType = z
|
|
4353
|
-
.object({
|
|
4354
|
-
accountId: z.string().optional(),
|
|
4355
|
-
listId: z.string().optional(),
|
|
4356
|
-
label: z.string().optional(),
|
|
4357
|
-
listType: z.enum(AccountIpAccessListType_IpAccessListType).optional(),
|
|
4358
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
4359
|
-
enabled: z.boolean().optional(),
|
|
4360
|
-
})
|
|
4361
|
-
.transform(d => ({
|
|
4362
|
-
account_id: d.accountId,
|
|
4363
|
-
list_id: d.listId,
|
|
4364
|
-
label: d.label,
|
|
4365
|
-
list_type: d.listType,
|
|
4366
|
-
ip_addresses: d.ipAddresses,
|
|
4367
|
-
enabled: d.enabled,
|
|
4368
|
-
}));
|
|
4369
|
-
|
|
4370
|
-
export const marshalReplaceIpAccessListSchema: z.ZodType = z
|
|
4371
|
-
.object({
|
|
4372
|
-
listId: z.string().optional(),
|
|
4373
|
-
label: z.string().optional(),
|
|
4374
|
-
listType: z.enum(IpAccessListType).optional(),
|
|
4375
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
4376
|
-
enabled: z.boolean().optional(),
|
|
4377
|
-
})
|
|
4378
|
-
.transform(d => ({
|
|
4379
|
-
list_id: d.listId,
|
|
4380
|
-
label: d.label,
|
|
4381
|
-
list_type: d.listType,
|
|
4382
|
-
ip_addresses: d.ipAddresses,
|
|
4383
|
-
enabled: d.enabled,
|
|
4384
|
-
}));
|
|
4385
|
-
|
|
4386
|
-
export const marshalUpdateAccountIpAccessListRequestSchema: z.ZodType = z
|
|
4387
|
-
.object({
|
|
4388
|
-
accountId: z.string().optional(),
|
|
4389
|
-
listId: z.string().optional(),
|
|
4390
|
-
label: z.string().optional(),
|
|
4391
|
-
listType: z.enum(AccountIpAccessListType_IpAccessListType).optional(),
|
|
4392
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
4393
|
-
enabled: z.boolean().optional(),
|
|
4394
|
-
})
|
|
4395
|
-
.transform(d => ({
|
|
4396
|
-
account_id: d.accountId,
|
|
4397
|
-
list_id: d.listId,
|
|
4398
|
-
label: d.label,
|
|
4399
|
-
list_type: d.listType,
|
|
4400
|
-
ip_addresses: d.ipAddresses,
|
|
4401
|
-
enabled: d.enabled,
|
|
4402
|
-
}));
|
|
4403
|
-
|
|
4404
|
-
export const marshalUpdateIpAccessListSchema: z.ZodType = z
|
|
4405
|
-
.object({
|
|
4406
|
-
listId: z.string().optional(),
|
|
4407
|
-
label: z.string().optional(),
|
|
4408
|
-
listType: z.enum(IpAccessListType).optional(),
|
|
4409
|
-
ipAddresses: z.array(z.string()).optional(),
|
|
4410
|
-
enabled: z.boolean().optional(),
|
|
4411
|
-
})
|
|
4412
|
-
.transform(d => ({
|
|
4413
|
-
list_id: d.listId,
|
|
4414
|
-
label: d.label,
|
|
4415
|
-
list_type: d.listType,
|
|
4416
|
-
ip_addresses: d.ipAddresses,
|
|
4417
|
-
enabled: d.enabled,
|
|
4418
|
-
}));
|
|
4419
|
-
|
|
4420
|
-
export const marshalUpdatePrivateEndpointRuleSchema: z.ZodType = z
|
|
4421
|
-
.object({
|
|
4422
|
-
ruleId: z.string().optional(),
|
|
4423
|
-
networkConnectivityConfigId: z.string().optional(),
|
|
4424
|
-
connectionState: z
|
|
4425
|
-
.enum(NccPrivateEndpointRule_PrivateLinkConnectionState)
|
|
4426
|
-
.optional(),
|
|
4427
|
-
domainNames: z.array(z.string()).optional(),
|
|
4428
|
-
creationTime: z.bigint().optional(),
|
|
4429
|
-
updatedTime: z.bigint().optional(),
|
|
4430
|
-
deactivated: z.boolean().optional(),
|
|
4431
|
-
deactivatedAt: z.bigint().optional(),
|
|
4432
|
-
errorMessage: z.string().optional(),
|
|
4433
|
-
resourceId: z.string().optional(),
|
|
4434
|
-
groupId: z.string().optional(),
|
|
4435
|
-
endpointName: z.string().optional(),
|
|
4436
|
-
accountId: z.string().optional(),
|
|
4437
|
-
endpointService: z.string().optional(),
|
|
4438
|
-
resourceNames: z.array(z.string()).optional(),
|
|
4439
|
-
vpcEndpointId: z.string().optional(),
|
|
4440
|
-
enabled: z.boolean().optional(),
|
|
4441
|
-
endpoint: z
|
|
4442
|
-
.discriminatedUnion('$case', [
|
|
4443
|
-
z.object({
|
|
4444
|
-
$case: z.literal('gcpEndpoint'),
|
|
4445
|
-
gcpEndpoint: z.lazy(() => marshalGcpEndpointSchema),
|
|
4446
|
-
}),
|
|
4447
|
-
])
|
|
4448
|
-
.optional(),
|
|
4449
|
-
})
|
|
4450
|
-
.transform(d => ({
|
|
4451
|
-
rule_id: d.ruleId,
|
|
4452
|
-
network_connectivity_config_id: d.networkConnectivityConfigId,
|
|
4453
|
-
connection_state: d.connectionState,
|
|
4454
|
-
domain_names: d.domainNames,
|
|
4455
|
-
creation_time: d.creationTime,
|
|
4456
|
-
updated_time: d.updatedTime,
|
|
4457
|
-
deactivated: d.deactivated,
|
|
4458
|
-
deactivated_at: d.deactivatedAt,
|
|
4459
|
-
error_message: d.errorMessage,
|
|
4460
|
-
resource_id: d.resourceId,
|
|
4461
|
-
group_id: d.groupId,
|
|
4462
|
-
endpoint_name: d.endpointName,
|
|
4463
|
-
account_id: d.accountId,
|
|
4464
|
-
endpoint_service: d.endpointService,
|
|
4465
|
-
resource_names: d.resourceNames,
|
|
4466
|
-
vpc_endpoint_id: d.vpcEndpointId,
|
|
4467
|
-
enabled: d.enabled,
|
|
4468
|
-
...(d.endpoint?.$case === 'gcpEndpoint' && {
|
|
4469
|
-
gcp_endpoint: d.endpoint.gcpEndpoint,
|
|
4470
|
-
}),
|
|
4471
|
-
}));
|
|
4472
|
-
|
|
4473
|
-
export const marshalWorkspaceNetworkOptionSchema: z.ZodType = z
|
|
4474
|
-
.object({
|
|
4475
|
-
networkPolicyId: z.string().optional(),
|
|
4476
|
-
workspaceId: z.bigint().optional(),
|
|
4477
|
-
})
|
|
4478
|
-
.transform(d => ({
|
|
4479
|
-
network_policy_id: d.networkPolicyId,
|
|
4480
|
-
workspace_id: d.workspaceId,
|
|
4481
|
-
}));
|
|
4482
|
-
|
|
4483
|
-
const gcpEndpointFieldMaskSchema: FieldMaskSchema = {
|
|
4484
|
-
pscEndpointUri: {wire: 'psc_endpoint_uri'},
|
|
4485
|
-
serviceAttachment: {wire: 'service_attachment'},
|
|
4486
|
-
};
|
|
4487
|
-
|
|
4488
|
-
const updatePrivateEndpointRuleFieldMaskSchema: FieldMaskSchema = {
|
|
4489
|
-
accountId: {wire: 'account_id'},
|
|
4490
|
-
connectionState: {wire: 'connection_state'},
|
|
4491
|
-
creationTime: {wire: 'creation_time'},
|
|
4492
|
-
deactivated: {wire: 'deactivated'},
|
|
4493
|
-
deactivatedAt: {wire: 'deactivated_at'},
|
|
4494
|
-
domainNames: {wire: 'domain_names'},
|
|
4495
|
-
enabled: {wire: 'enabled'},
|
|
4496
|
-
endpointName: {wire: 'endpoint_name'},
|
|
4497
|
-
endpointService: {wire: 'endpoint_service'},
|
|
4498
|
-
errorMessage: {wire: 'error_message'},
|
|
4499
|
-
gcpEndpoint: {
|
|
4500
|
-
wire: 'gcp_endpoint',
|
|
4501
|
-
children: () => gcpEndpointFieldMaskSchema,
|
|
4502
|
-
},
|
|
4503
|
-
groupId: {wire: 'group_id'},
|
|
4504
|
-
networkConnectivityConfigId: {wire: 'network_connectivity_config_id'},
|
|
4505
|
-
resourceId: {wire: 'resource_id'},
|
|
4506
|
-
resourceNames: {wire: 'resource_names'},
|
|
4507
|
-
ruleId: {wire: 'rule_id'},
|
|
4508
|
-
updatedTime: {wire: 'updated_time'},
|
|
4509
|
-
vpcEndpointId: {wire: 'vpc_endpoint_id'},
|
|
4510
|
-
};
|
|
4511
|
-
|
|
4512
|
-
export function updatePrivateEndpointRuleFieldMask(
|
|
4513
|
-
...paths: string[]
|
|
4514
|
-
): FieldMask<UpdatePrivateEndpointRule> {
|
|
4515
|
-
return FieldMask.build<UpdatePrivateEndpointRule>(
|
|
4516
|
-
paths,
|
|
4517
|
-
updatePrivateEndpointRuleFieldMaskSchema
|
|
4518
|
-
);
|
|
4519
|
-
}
|