@databricks/sdk-networking 0.1.0-dev.5 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -8
- package/dist/v1/client.d.ts +16 -16
- package/dist/v1/client.d.ts.map +1 -1
- package/dist/v1/client.js +16 -16
- package/dist/v1/client.js.map +1 -1
- package/dist/v1/index.d.ts +2 -2
- package/dist/v1/index.d.ts.map +1 -1
- package/dist/v1/index.js +1 -1
- package/dist/v1/index.js.map +1 -1
- package/dist/v1/model.d.ts +631 -640
- package/dist/v1/model.d.ts.map +1 -1
- package/dist/v1/model.js +846 -852
- package/dist/v1/model.js.map +1 -1
- package/package.json +4 -4
package/dist/v1/model.d.ts
CHANGED
|
@@ -1,13 +1,6 @@
|
|
|
1
1
|
import { Temporal } from '@js-temporal/polyfill';
|
|
2
2
|
import { FieldMask } from '@databricks/sdk-core/wkt';
|
|
3
3
|
import { z } from 'zod';
|
|
4
|
-
export declare const CustomerFacingVpcEndpointUseCase: {
|
|
5
|
-
readonly WORKSPACE_ACCESS: "WORKSPACE_ACCESS";
|
|
6
|
-
readonly DATAPLANE_RELAY_ACCESS: "DATAPLANE_RELAY_ACCESS";
|
|
7
|
-
/** General access, replaces WORKSPACE_ACCESS in customer-facing API. */
|
|
8
|
-
readonly GENERAL_ACCESS: "GENERAL_ACCESS";
|
|
9
|
-
};
|
|
10
|
-
export type CustomerFacingVpcEndpointUseCase = (typeof CustomerFacingVpcEndpointUseCase)[keyof typeof CustomerFacingVpcEndpointUseCase] | (string & {});
|
|
11
4
|
/**
|
|
12
5
|
* The target resources that are supported by Network Connectivity Config.
|
|
13
6
|
* Note: some egress types can support general types that are not defined in EgressResourceType.
|
|
@@ -48,6 +41,13 @@ export declare const PrivateAccessLevel: {
|
|
|
48
41
|
readonly ACCOUNT: "ACCOUNT";
|
|
49
42
|
};
|
|
50
43
|
export type PrivateAccessLevel = (typeof PrivateAccessLevel)[keyof typeof PrivateAccessLevel] | (string & {});
|
|
44
|
+
export declare const VpcEndpointUseCase: {
|
|
45
|
+
readonly WORKSPACE_ACCESS: "WORKSPACE_ACCESS";
|
|
46
|
+
readonly DATAPLANE_RELAY_ACCESS: "DATAPLANE_RELAY_ACCESS";
|
|
47
|
+
/** General access, replaces WORKSPACE_ACCESS in customer-facing API. */
|
|
48
|
+
readonly GENERAL_ACCESS: "GENERAL_ACCESS";
|
|
49
|
+
};
|
|
50
|
+
export type VpcEndpointUseCase = (typeof VpcEndpointUseCase)[keyof typeof VpcEndpointUseCase] | (string & {});
|
|
51
51
|
export declare const VpcStatus: {
|
|
52
52
|
readonly VALID: "VALID";
|
|
53
53
|
readonly BROKEN: "BROKEN";
|
|
@@ -69,47 +69,98 @@ export declare const AccountIpAccessListType_IpAccessListType: {
|
|
|
69
69
|
readonly BLOCK: "BLOCK";
|
|
70
70
|
};
|
|
71
71
|
export type AccountIpAccessListType_IpAccessListType = (typeof AccountIpAccessListType_IpAccessListType)[keyof typeof AccountIpAccessListType_IpAccessListType] | (string & {});
|
|
72
|
+
export declare const EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType: {
|
|
73
|
+
readonly INTERNET_DESTINATION_TYPE_UNSPECIFIED: "INTERNET_DESTINATION_TYPE_UNSPECIFIED";
|
|
74
|
+
/** This is defined as `FQDN` in settings-policy/api/proto/messages.proto. Translation is done in accounts-lake-net-manager/src/util/NetworkPolicySettingUtil.scala. */
|
|
75
|
+
readonly DNS_NAME: "DNS_NAME";
|
|
76
|
+
};
|
|
77
|
+
export type EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType = (typeof EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType] | (string & {});
|
|
78
|
+
/** The values should match the list of workloads used in networkconfig.proto */
|
|
79
|
+
export declare const EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter: {
|
|
80
|
+
readonly DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED: "DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED";
|
|
81
|
+
/** SQL Warehouse product */
|
|
82
|
+
readonly DBSQL: "DBSQL";
|
|
83
|
+
/** Machine Learning serving product */
|
|
84
|
+
readonly ML_SERVING: "ML_SERVING";
|
|
85
|
+
};
|
|
86
|
+
export type EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter = (typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter] | (string & {});
|
|
87
|
+
export declare const EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode: {
|
|
88
|
+
readonly ENFORCEMENT_MODE_UNSPECIFIED: "ENFORCEMENT_MODE_UNSPECIFIED";
|
|
89
|
+
/** Blocks traffic that violates network policy. This is the default mode. */
|
|
90
|
+
readonly ENFORCED: "ENFORCED";
|
|
91
|
+
/** Logs violations without blocking traffic. Useful for testing policies before enforcement. */
|
|
92
|
+
readonly DRY_RUN: "DRY_RUN";
|
|
93
|
+
};
|
|
94
|
+
export type EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode = (typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode] | (string & {});
|
|
95
|
+
/**
|
|
96
|
+
* At which level can <Databricks> and <Databricks> managed compute access Internet.
|
|
97
|
+
* FULL_ACCESS: <Databricks> can access Internet. No blocking rules will apply.
|
|
98
|
+
* RESTRICTED_ACCESS: <Databricks> can only access explicitly allowed internet and storage destinations,
|
|
99
|
+
* as well as UC connections and external locations.
|
|
100
|
+
*/
|
|
101
|
+
export declare const EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode: {
|
|
102
|
+
readonly RESTRICTION_MODE_UNSPECIFIED: "RESTRICTION_MODE_UNSPECIFIED";
|
|
103
|
+
readonly FULL_ACCESS: "FULL_ACCESS";
|
|
104
|
+
readonly RESTRICTED_ACCESS: "RESTRICTED_ACCESS";
|
|
105
|
+
};
|
|
106
|
+
export type EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode = (typeof EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode] | (string & {});
|
|
107
|
+
export declare const EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType: {
|
|
108
|
+
readonly STORAGE_DESTINATION_TYPE_UNSPECIFIED: "STORAGE_DESTINATION_TYPE_UNSPECIFIED";
|
|
109
|
+
/**
|
|
110
|
+
* AWS_S3 can be used both for direct AWS S3 access and for cross-cloud access from Azure and GCP
|
|
111
|
+
* When used in an Azure/GCP context, this indicates cross-cloud access from Azure/GCP to the specified S3 bucket
|
|
112
|
+
*/
|
|
113
|
+
readonly AWS_S3: "AWS_S3";
|
|
114
|
+
readonly AZURE_STORAGE: "AZURE_STORAGE";
|
|
115
|
+
readonly GOOGLE_CLOUD_STORAGE: "GOOGLE_CLOUD_STORAGE";
|
|
116
|
+
};
|
|
117
|
+
export type EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType = (typeof EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType] | (string & {});
|
|
118
|
+
export declare const EndpointUseCase_EndpointUseCase: {
|
|
119
|
+
/** service-direct frontend private link connectivity. */
|
|
120
|
+
readonly SERVICE_DIRECT: "SERVICE_DIRECT";
|
|
121
|
+
};
|
|
122
|
+
export type EndpointUseCase_EndpointUseCase = (typeof EndpointUseCase_EndpointUseCase)[keyof typeof EndpointUseCase_EndpointUseCase] | (string & {});
|
|
72
123
|
/**
|
|
73
124
|
* Qualifies the breadth of API access permitted by an ingress network policy rule.
|
|
74
125
|
* API_SCOPE_QUALIFIER_READ narrows matching to read-only variants of the listed scopes;
|
|
75
126
|
* API_SCOPE_QUALIFIER_ALL matches any scope. When unset, scopes match exactly as listed.
|
|
76
127
|
*/
|
|
77
|
-
export declare const
|
|
128
|
+
export declare const IngressNetworkPolicy_ApiScopeQualifier: {
|
|
78
129
|
/** Narrows matching to read-only variants of the listed scopes (e.g. GET/HEAD requests). */
|
|
79
130
|
readonly API_SCOPE_QUALIFIER_READ: "API_SCOPE_QUALIFIER_READ";
|
|
80
131
|
/** Matches any scope regardless of access level. */
|
|
81
132
|
readonly API_SCOPE_QUALIFIER_ALL: "API_SCOPE_QUALIFIER_ALL";
|
|
82
133
|
};
|
|
83
|
-
export type
|
|
84
|
-
export declare const
|
|
134
|
+
export type IngressNetworkPolicy_ApiScopeQualifier = (typeof IngressNetworkPolicy_ApiScopeQualifier)[keyof typeof IngressNetworkPolicy_ApiScopeQualifier] | (string & {});
|
|
135
|
+
export declare const IngressNetworkPolicy_Authentication_IdentityType: {
|
|
85
136
|
readonly IDENTITY_TYPE_UNSPECIFIED: "IDENTITY_TYPE_UNSPECIFIED";
|
|
86
137
|
readonly IDENTITY_TYPE_ALL_USERS: "IDENTITY_TYPE_ALL_USERS";
|
|
87
138
|
readonly IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS: "IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS";
|
|
88
139
|
readonly IDENTITY_TYPE_SELECTED_IDENTITIES: "IDENTITY_TYPE_SELECTED_IDENTITIES";
|
|
89
140
|
};
|
|
90
|
-
export type
|
|
91
|
-
export declare const
|
|
141
|
+
export type IngressNetworkPolicy_Authentication_IdentityType = (typeof IngressNetworkPolicy_Authentication_IdentityType)[keyof typeof IngressNetworkPolicy_Authentication_IdentityType] | (string & {});
|
|
142
|
+
export declare const IngressNetworkPolicy_AuthenticationIdentity_PrincipalType: {
|
|
92
143
|
readonly PRINCIPAL_TYPE_UNSPECIFIED: "PRINCIPAL_TYPE_UNSPECIFIED";
|
|
93
144
|
readonly PRINCIPAL_TYPE_USER: "PRINCIPAL_TYPE_USER";
|
|
94
145
|
readonly PRINCIPAL_TYPE_SERVICE_PRINCIPAL: "PRINCIPAL_TYPE_SERVICE_PRINCIPAL";
|
|
95
146
|
};
|
|
96
|
-
export type
|
|
97
|
-
export declare const
|
|
147
|
+
export type IngressNetworkPolicy_AuthenticationIdentity_PrincipalType = (typeof IngressNetworkPolicy_AuthenticationIdentity_PrincipalType)[keyof typeof IngressNetworkPolicy_AuthenticationIdentity_PrincipalType] | (string & {});
|
|
148
|
+
export declare const IngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode: {
|
|
98
149
|
readonly FULL_ACCESS: "FULL_ACCESS";
|
|
99
150
|
readonly RESTRICTED_ACCESS: "RESTRICTED_ACCESS";
|
|
100
151
|
};
|
|
101
|
-
export type
|
|
102
|
-
export declare const
|
|
152
|
+
export type IngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode = (typeof IngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode)[keyof typeof IngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode] | (string & {});
|
|
153
|
+
export declare const IngressNetworkPolicy_PrivateAccess_RestrictionMode: {
|
|
103
154
|
readonly ALLOW_ALL_REGISTERED_ENDPOINTS: "ALLOW_ALL_REGISTERED_ENDPOINTS";
|
|
104
155
|
readonly RESTRICTED_ACCESS: "RESTRICTED_ACCESS";
|
|
105
156
|
};
|
|
106
|
-
export type
|
|
107
|
-
export declare const
|
|
157
|
+
export type IngressNetworkPolicy_PrivateAccess_RestrictionMode = (typeof IngressNetworkPolicy_PrivateAccess_RestrictionMode)[keyof typeof IngressNetworkPolicy_PrivateAccess_RestrictionMode] | (string & {});
|
|
158
|
+
export declare const IngressNetworkPolicy_PublicAccess_RestrictionMode: {
|
|
108
159
|
readonly FULL_ACCESS: "FULL_ACCESS";
|
|
109
160
|
readonly RESTRICTED_ACCESS: "RESTRICTED_ACCESS";
|
|
110
161
|
};
|
|
111
|
-
export type
|
|
112
|
-
export declare const
|
|
162
|
+
export type IngressNetworkPolicy_PublicAccess_RestrictionMode = (typeof IngressNetworkPolicy_PublicAccess_RestrictionMode)[keyof typeof IngressNetworkPolicy_PublicAccess_RestrictionMode] | (string & {});
|
|
163
|
+
export declare const NccPrivateEndpointRule_PrivateLinkConnectionState: {
|
|
113
164
|
readonly PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED: "PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED";
|
|
114
165
|
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
115
166
|
readonly ESTABLISHED: "ESTABLISHED";
|
|
@@ -120,7 +171,7 @@ export declare const CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRu
|
|
|
120
171
|
* be deleted for clean-up.
|
|
121
172
|
*/
|
|
122
173
|
readonly DISCONNECTED: "DISCONNECTED";
|
|
123
|
-
/** If the endpoint
|
|
174
|
+
/** If the endpoint was created but not approved in 14 days, it will be EXPIRED. */
|
|
124
175
|
readonly EXPIRED: "EXPIRED";
|
|
125
176
|
/** The endpoint has been created and pending approval. */
|
|
126
177
|
readonly PENDING: "PENDING";
|
|
@@ -129,11 +180,9 @@ export declare const CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRu
|
|
|
129
180
|
/** The endpoint creation failed. */
|
|
130
181
|
readonly CREATE_FAILED: "CREATE_FAILED";
|
|
131
182
|
};
|
|
132
|
-
export type
|
|
133
|
-
export declare const
|
|
183
|
+
export type NccPrivateEndpointRule_PrivateLinkConnectionState = (typeof NccPrivateEndpointRule_PrivateLinkConnectionState)[keyof typeof NccPrivateEndpointRule_PrivateLinkConnectionState] | (string & {});
|
|
184
|
+
export declare const NetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState: {
|
|
134
185
|
readonly PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED: "PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED";
|
|
135
|
-
/** The endpoint has been created and pending approval. */
|
|
136
|
-
readonly INIT: "INIT";
|
|
137
186
|
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
138
187
|
readonly ESTABLISHED: "ESTABLISHED";
|
|
139
188
|
/** Connection was rejected by the private link resource owner. */
|
|
@@ -143,7 +192,7 @@ export declare const CustomerFacingNetworkConnectivityConfigAzurePrivateEndpoint
|
|
|
143
192
|
* be deleted for clean-up.
|
|
144
193
|
*/
|
|
145
194
|
readonly DISCONNECTED: "DISCONNECTED";
|
|
146
|
-
/** If the endpoint
|
|
195
|
+
/** If the endpoint is created but not approved in 14 days, it is EXPIRED. */
|
|
147
196
|
readonly EXPIRED: "EXPIRED";
|
|
148
197
|
/** The endpoint has been created and pending approval. */
|
|
149
198
|
readonly PENDING: "PENDING";
|
|
@@ -152,60 +201,11 @@ export declare const CustomerFacingNetworkConnectivityConfigAzurePrivateEndpoint
|
|
|
152
201
|
/** The endpoint creation failed. */
|
|
153
202
|
readonly CREATE_FAILED: "CREATE_FAILED";
|
|
154
203
|
};
|
|
155
|
-
export type
|
|
156
|
-
export declare const
|
|
157
|
-
readonly INTERNET_DESTINATION_TYPE_UNSPECIFIED: "INTERNET_DESTINATION_TYPE_UNSPECIFIED";
|
|
158
|
-
/** This is defined as `FQDN` in settings-policy/api/proto/messages.proto. Translation is done in accounts-lake-net-manager/src/util/NetworkPolicySettingUtil.scala. */
|
|
159
|
-
readonly DNS_NAME: "DNS_NAME";
|
|
160
|
-
};
|
|
161
|
-
export type EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType = (typeof EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination_InternetDestinationType] | (string & {});
|
|
162
|
-
/** The values should match the list of workloads used in networkconfig.proto */
|
|
163
|
-
export declare const EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter: {
|
|
164
|
-
readonly DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED: "DRY_RUN_MODE_PRODUCT_FILTER_UNSPECIFIED";
|
|
165
|
-
/** SQL Warehouse product */
|
|
166
|
-
readonly DBSQL: "DBSQL";
|
|
167
|
-
/** Machine Learning serving product */
|
|
168
|
-
readonly ML_SERVING: "ML_SERVING";
|
|
169
|
-
};
|
|
170
|
-
export type EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter = (typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_DryRunModeProductFilter] | (string & {});
|
|
171
|
-
export declare const EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode: {
|
|
172
|
-
readonly ENFORCEMENT_MODE_UNSPECIFIED: "ENFORCEMENT_MODE_UNSPECIFIED";
|
|
173
|
-
/** Blocks traffic that violates network policy. This is the default mode. */
|
|
174
|
-
readonly ENFORCED: "ENFORCED";
|
|
175
|
-
/** Logs violations without blocking traffic. Useful for testing policies before enforcement. */
|
|
176
|
-
readonly DRY_RUN: "DRY_RUN";
|
|
177
|
-
};
|
|
178
|
-
export type EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode = (typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement_EnforcementMode] | (string & {});
|
|
179
|
-
/**
|
|
180
|
-
* At which level can <Databricks> and <Databricks> managed compute access Internet.
|
|
181
|
-
* FULL_ACCESS: <Databricks> can access Internet. No blocking rules will apply.
|
|
182
|
-
* RESTRICTED_ACCESS: <Databricks> can only access explicitly allowed internet and storage destinations,
|
|
183
|
-
* as well as UC connections and external locations.
|
|
184
|
-
*/
|
|
185
|
-
export declare const EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode: {
|
|
186
|
-
readonly RESTRICTION_MODE_UNSPECIFIED: "RESTRICTION_MODE_UNSPECIFIED";
|
|
187
|
-
readonly FULL_ACCESS: "FULL_ACCESS";
|
|
188
|
-
readonly RESTRICTED_ACCESS: "RESTRICTED_ACCESS";
|
|
189
|
-
};
|
|
190
|
-
export type EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode = (typeof EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode] | (string & {});
|
|
191
|
-
export declare const EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType: {
|
|
192
|
-
readonly STORAGE_DESTINATION_TYPE_UNSPECIFIED: "STORAGE_DESTINATION_TYPE_UNSPECIFIED";
|
|
193
|
-
/**
|
|
194
|
-
* AWS_S3 can be used both for direct AWS S3 access and for cross-cloud access from Azure and GCP
|
|
195
|
-
* When used in an Azure/GCP context, this indicates cross-cloud access from Azure/GCP to the specified S3 bucket
|
|
196
|
-
*/
|
|
197
|
-
readonly AWS_S3: "AWS_S3";
|
|
198
|
-
readonly AZURE_STORAGE: "AZURE_STORAGE";
|
|
199
|
-
readonly GOOGLE_CLOUD_STORAGE: "GOOGLE_CLOUD_STORAGE";
|
|
200
|
-
};
|
|
201
|
-
export type EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType = (typeof EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType)[keyof typeof EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination_StorageDestinationType] | (string & {});
|
|
202
|
-
export declare const EndpointUseCase_EndpointUseCase: {
|
|
203
|
-
/** service-direct frontend private link connectivity. */
|
|
204
|
-
readonly SERVICE_DIRECT: "SERVICE_DIRECT";
|
|
205
|
-
};
|
|
206
|
-
export type EndpointUseCase_EndpointUseCase = (typeof EndpointUseCase_EndpointUseCase)[keyof typeof EndpointUseCase_EndpointUseCase] | (string & {});
|
|
207
|
-
export declare const NccPrivateEndpointRule_PrivateLinkConnectionState: {
|
|
204
|
+
export type NetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState = (typeof NetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState)[keyof typeof NetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState] | (string & {});
|
|
205
|
+
export declare const NetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState: {
|
|
208
206
|
readonly PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED: "PRIVATE_LINK_CONNECTION_STATE_UNSPECIFIED";
|
|
207
|
+
/** The endpoint has been created and pending approval. */
|
|
208
|
+
readonly INIT: "INIT";
|
|
209
209
|
/** The endpoint has been approved and is ready to use in your serverless compute resources. */
|
|
210
210
|
readonly ESTABLISHED: "ESTABLISHED";
|
|
211
211
|
/** Connection was rejected by the private link resource owner. */
|
|
@@ -224,7 +224,7 @@ export declare const NccPrivateEndpointRule_PrivateLinkConnectionState: {
|
|
|
224
224
|
/** The endpoint creation failed. */
|
|
225
225
|
readonly CREATE_FAILED: "CREATE_FAILED";
|
|
226
226
|
};
|
|
227
|
-
export type
|
|
227
|
+
export type NetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState = (typeof NetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState)[keyof typeof NetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState] | (string & {});
|
|
228
228
|
/** Definition of an IP Access list */
|
|
229
229
|
export interface AccountIpAccessList {
|
|
230
230
|
/** Universally unique identifier (UUID) of the IP access list. */
|
|
@@ -256,13 +256,13 @@ export interface AccountNetworkPolicy {
|
|
|
256
256
|
/** The network policies applying for egress traffic. */
|
|
257
257
|
egress?: EgressNetworkPolicy | undefined;
|
|
258
258
|
/** The network policies applying for ingress traffic. */
|
|
259
|
-
ingress?:
|
|
259
|
+
ingress?: IngressNetworkPolicy | undefined;
|
|
260
260
|
/**
|
|
261
261
|
* The ingress policy for dry run mode. Dry run will always run even if the request
|
|
262
262
|
* is allowed by the ingress policy. When this field is set, the policy will be evaluated
|
|
263
263
|
* and emit logs only without blocking requests.
|
|
264
264
|
*/
|
|
265
|
-
ingressDryRun?:
|
|
265
|
+
ingressDryRun?: IngressNetworkPolicy | undefined;
|
|
266
266
|
}
|
|
267
267
|
export interface AzurePrivateEndpointInfo {
|
|
268
268
|
/** The name of the Private Endpoint in the Azure subscription. */
|
|
@@ -297,7 +297,7 @@ export interface CreateEndpointRequest {
|
|
|
297
297
|
endpoint?: Endpoint | undefined;
|
|
298
298
|
}
|
|
299
299
|
/** Details required to configure a block list or allow list. */
|
|
300
|
-
export interface
|
|
300
|
+
export interface CreateIpAccessListRequest {
|
|
301
301
|
/** Label for the IP access list. This **cannot** be empty. */
|
|
302
302
|
label?: string | undefined;
|
|
303
303
|
listType?: IpAccessListType | undefined;
|
|
@@ -471,481 +471,107 @@ export interface CreateVpcEndpointRequest {
|
|
|
471
471
|
vpcEndpointInfo?: {
|
|
472
472
|
$case: 'gcpVpcEndpointInfo';
|
|
473
473
|
/** The cloud info of this vpc endpoint. */
|
|
474
|
-
gcpVpcEndpointInfo:
|
|
474
|
+
gcpVpcEndpointInfo: GcpVpcEndpointInfo;
|
|
475
475
|
} | undefined;
|
|
476
476
|
}
|
|
477
|
-
export interface
|
|
478
|
-
pscConnectionId?: string | undefined;
|
|
479
|
-
projectId?: string | undefined;
|
|
480
|
-
pscEndpointName?: string | undefined;
|
|
481
|
-
endpointRegion?: string | undefined;
|
|
482
|
-
serviceAttachmentId?: string | undefined;
|
|
483
|
-
}
|
|
484
|
-
/**
|
|
485
|
-
* This proto is under development.
|
|
486
|
-
* The network policies applying for ingress traffic.
|
|
487
|
-
* Any changes here should also be synced to estore/namespaces/lakehousenetworkmanager/latest.proto.
|
|
488
|
-
*/
|
|
489
|
-
export interface CustomerFacingIngressNetworkPolicy {
|
|
490
|
-
/**
|
|
491
|
-
* The network policy restrictions for public access to the workspace.
|
|
492
|
-
* Configures how public internet traffic is allowed or denied access.
|
|
493
|
-
*/
|
|
494
|
-
publicAccess?: CustomerFacingIngressNetworkPolicy_PublicAccess | undefined;
|
|
477
|
+
export interface CustomerFacingNetworkConnectivityConfigEgressConfig {
|
|
495
478
|
/**
|
|
496
|
-
* The network
|
|
497
|
-
*
|
|
479
|
+
* The network connectivity rules that are applied by default without resource specific configurations.
|
|
480
|
+
* You can find the stable network information of your serverless compute resources here.
|
|
498
481
|
*/
|
|
499
|
-
|
|
500
|
-
|
|
482
|
+
defaultRules?: NetworkConnectivityConfigEgressConfig_DefaultRule | undefined;
|
|
483
|
+
/** The network connectivity rules that configured for each destinations. These rules override default rules. */
|
|
484
|
+
targetRules?: CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule | undefined;
|
|
501
485
|
}
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
486
|
+
/** Target rule controls the egress rules that are dedicated to specific resources. */
|
|
487
|
+
export interface CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule {
|
|
488
|
+
azurePrivateEndpointRules?: NetworkConnectivityConfigAzurePrivateEndpointRule[] | undefined;
|
|
489
|
+
/** AWS private endpoint rule controls the AWS private endpoint based egress rules. */
|
|
490
|
+
awsPrivateEndpointRules?: NetworkConnectivityConfigAwsPrivateEndpointRule[] | undefined;
|
|
506
491
|
}
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
492
|
+
/** Next Id: 3 */
|
|
493
|
+
export interface DeleteAccountIpAccessListRequest {
|
|
494
|
+
accountId?: string | undefined;
|
|
495
|
+
/** The ID for the corresponding IP access list */
|
|
496
|
+
listId?: string | undefined;
|
|
510
497
|
}
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
allDestinations?: boolean | undefined;
|
|
498
|
+
/** The IP access list was successfully deleted. */
|
|
499
|
+
export interface DeleteAccountIpAccessListResponse {
|
|
514
500
|
}
|
|
515
|
-
export interface
|
|
516
|
-
|
|
517
|
-
allDestinations?: boolean | undefined;
|
|
501
|
+
export interface DeleteEndpointRequest {
|
|
502
|
+
name?: string | undefined;
|
|
518
503
|
}
|
|
519
|
-
export interface
|
|
520
|
-
|
|
521
|
-
|
|
522
|
-
identities?: CustomerFacingIngressNetworkPolicy_AuthenticationIdentity[] | undefined;
|
|
504
|
+
export interface DeleteIpAccessListRequest {
|
|
505
|
+
/** The ID for the corresponding IP access list */
|
|
506
|
+
listId?: string | undefined;
|
|
523
507
|
}
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
principalId?: bigint | undefined;
|
|
508
|
+
/** The IP access list was successfully deleted. */
|
|
509
|
+
export interface DeleteIpAccessListResponse {
|
|
527
510
|
}
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
|
|
511
|
+
/**
|
|
512
|
+
* Initiates deleting a private endpoint rule. If the connection state is PENDING or EXPIRED, the private endpoint is
|
|
513
|
+
* immediately deleted. Otherwise, the private endpoint is deactivated and will be deleted after one day of
|
|
514
|
+
* deactivation. When a private endpoint is deactivated, the deactivated field is set to true and the private endpoint
|
|
515
|
+
* is not available to your serverless compute resources.
|
|
516
|
+
*/
|
|
517
|
+
export interface DeleteNccPrivateEndpointRuleRequest {
|
|
518
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
519
|
+
accountId?: string | undefined;
|
|
520
|
+
/** Your Network Connectvity Configuration ID. */
|
|
521
|
+
networkConnectivityConfigId?: string | undefined;
|
|
522
|
+
/** Your private endpoint rule ID. */
|
|
523
|
+
privateEndpointRuleId?: string | undefined;
|
|
532
524
|
}
|
|
533
|
-
export interface
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
538
|
-
label?: string | undefined;
|
|
525
|
+
export interface DeleteNetworkConnectivityConfigRequest {
|
|
526
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
527
|
+
accountId?: string | undefined;
|
|
528
|
+
/** Your Network Connectivity Configuration ID. */
|
|
529
|
+
networkConnectivityConfigId?: string | undefined;
|
|
539
530
|
}
|
|
540
|
-
export interface
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
|
|
545
|
-
} | {
|
|
546
|
-
$case: 'selectedWorkspaces';
|
|
547
|
-
/** Specific source workspace IDs to match. */
|
|
548
|
-
selectedWorkspaces: CustomerFacingIngressNetworkPolicy_WorkspaceIdList;
|
|
549
|
-
} | undefined;
|
|
531
|
+
export interface DeleteNetworkPolicyRequest {
|
|
532
|
+
/** The unique identifier of the network policy to delete. */
|
|
533
|
+
networkPolicyId?: string | undefined;
|
|
534
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
535
|
+
accountId?: string | undefined;
|
|
550
536
|
}
|
|
551
|
-
export interface
|
|
552
|
-
|
|
537
|
+
export interface DeleteNetworkRequest {
|
|
538
|
+
/** Databricks Account API network configuration ID. */
|
|
539
|
+
networkId?: string | undefined;
|
|
540
|
+
accountId?: string | undefined;
|
|
553
541
|
}
|
|
554
|
-
export interface
|
|
555
|
-
|
|
556
|
-
|
|
542
|
+
export interface DeletePrivateAccessSettingsRequest {
|
|
543
|
+
privateAccessSettingsId?: string | undefined;
|
|
544
|
+
accountId?: string | undefined;
|
|
557
545
|
}
|
|
558
|
-
export interface
|
|
559
|
-
|
|
560
|
-
|
|
546
|
+
export interface DeleteVpcEndpointRequest {
|
|
547
|
+
vpcEndpointId?: string | undefined;
|
|
548
|
+
accountId?: string | undefined;
|
|
561
549
|
}
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
|
|
550
|
+
/** The network policies applying for egress traffic. */
|
|
551
|
+
export interface EgressNetworkPolicy {
|
|
552
|
+
/** The access policy enforced for egress traffic to the internet. */
|
|
553
|
+
networkAccess?: EgressNetworkPolicy_NetworkAccessPolicy | undefined;
|
|
566
554
|
}
|
|
567
|
-
export interface
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
|
|
581
|
-
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
} | undefined;
|
|
588
|
-
}
|
|
589
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicAccess {
|
|
590
|
-
restrictionMode?: CustomerFacingIngressNetworkPolicy_PublicAccess_RestrictionMode | undefined;
|
|
591
|
-
denyRules?: CustomerFacingIngressNetworkPolicy_PublicIngressRule[] | undefined;
|
|
592
|
-
allowRules?: CustomerFacingIngressNetworkPolicy_PublicIngressRule[] | undefined;
|
|
593
|
-
}
|
|
594
|
-
/**
|
|
595
|
-
* An ingress rule is enforced when a request satisfies all
|
|
596
|
-
* specified attributes — including request origin, destination, and authentication.
|
|
597
|
-
*/
|
|
598
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicIngressRule {
|
|
599
|
-
origin?: CustomerFacingIngressNetworkPolicy_PublicRequestOrigin | undefined;
|
|
600
|
-
destination?: CustomerFacingIngressNetworkPolicy_RequestDestination | undefined;
|
|
601
|
-
authentication?: CustomerFacingIngressNetworkPolicy_Authentication | undefined;
|
|
602
|
-
/** The label for this ingress rule. */
|
|
603
|
-
label?: string | undefined;
|
|
604
|
-
}
|
|
605
|
-
export interface CustomerFacingIngressNetworkPolicy_PublicRequestOrigin {
|
|
606
|
-
source?: {
|
|
607
|
-
$case: 'allIpRanges';
|
|
608
|
-
/** Matches all IPv4 and IPv6 ranges (both public and private). */
|
|
609
|
-
allIpRanges: boolean;
|
|
610
|
-
} | {
|
|
611
|
-
$case: 'includedIpRanges';
|
|
612
|
-
/** Will not allow IP ranges with private IPs. */
|
|
613
|
-
includedIpRanges: CustomerFacingIngressNetworkPolicy_IpRanges;
|
|
614
|
-
} | {
|
|
615
|
-
$case: 'excludedIpRanges';
|
|
616
|
-
/** Excluded means: all public IP ranges except this one. */
|
|
617
|
-
excludedIpRanges: CustomerFacingIngressNetworkPolicy_IpRanges;
|
|
618
|
-
} | undefined;
|
|
619
|
-
}
|
|
620
|
-
export interface CustomerFacingIngressNetworkPolicy_RequestDestination {
|
|
621
|
-
/**
|
|
622
|
-
* When true, match all destinations, no other destination fields can be set.
|
|
623
|
-
* When not set or false, at least one specific destination must be provided.
|
|
624
|
-
*/
|
|
625
|
-
allDestinations?: boolean | undefined;
|
|
626
|
-
workspaceUi?: CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination | undefined;
|
|
627
|
-
workspaceApi?: CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination | undefined;
|
|
628
|
-
appsRuntime?: CustomerFacingIngressNetworkPolicy_AppsRuntimeDestination | undefined;
|
|
629
|
-
lakebaseRuntime?: CustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestination | undefined;
|
|
630
|
-
accountUi?: CustomerFacingIngressNetworkPolicy_AccountUiDestination | undefined;
|
|
631
|
-
accountApi?: CustomerFacingIngressNetworkPolicy_AccountApiDestination | undefined;
|
|
632
|
-
/**
|
|
633
|
-
* Account DatabricksOne destination is not supported.
|
|
634
|
-
* DO NOT change the stage of this destination past PRIVATE_PREVIEW.
|
|
635
|
-
*/
|
|
636
|
-
accountDatabricksOne?: CustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestination | undefined;
|
|
637
|
-
}
|
|
638
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination {
|
|
639
|
-
scopes?: string[] | undefined;
|
|
640
|
-
/** Qualifies the breadth of API access for the listed scopes. See ApiScopeQualifier. */
|
|
641
|
-
scopeQualifier?: CustomerFacingIngressNetworkPolicy_ApiScopeQualifier | undefined;
|
|
642
|
-
}
|
|
643
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceIdList {
|
|
644
|
-
workspaceIds?: bigint[] | undefined;
|
|
645
|
-
}
|
|
646
|
-
export interface CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination {
|
|
647
|
-
/** Must be set to true. */
|
|
648
|
-
allDestinations?: boolean | undefined;
|
|
649
|
-
}
|
|
650
|
-
/** Properties of the new network connectivity configuration. */
|
|
651
|
-
export interface CustomerFacingNetworkConnectivityConfig {
|
|
652
|
-
/** <Databricks> network connectivity configuration ID. */
|
|
653
|
-
networkConnectivityConfigId?: string | undefined;
|
|
654
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
655
|
-
accountId?: string | undefined;
|
|
656
|
-
/**
|
|
657
|
-
* The name of the network connectivity configuration. The name can contain alphanumeric characters, hyphens,
|
|
658
|
-
* and underscores. The length must be between 3 and 30 characters. The name must match the regular
|
|
659
|
-
* expression ^[0-9a-zA-Z-_]{3,30}$
|
|
660
|
-
*/
|
|
661
|
-
name?: string | undefined;
|
|
662
|
-
/**
|
|
663
|
-
* The region for the network connectivity configuration.
|
|
664
|
-
* Only workspaces in the same region can be attached to the network connectivity configuration.
|
|
665
|
-
*/
|
|
666
|
-
region?: string | undefined;
|
|
667
|
-
/** The network connectivity rules that apply to network traffic from your serverless compute resources. */
|
|
668
|
-
egressConfig?: CustomerFacingNetworkConnectivityConfigEgressConfig | undefined;
|
|
669
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
670
|
-
updatedTime?: bigint | undefined;
|
|
671
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
672
|
-
creationTime?: bigint | undefined;
|
|
673
|
-
}
|
|
674
|
-
/**
|
|
675
|
-
* Properties of the new private endpoint rule.
|
|
676
|
-
* Note that for private endpoints towards a VPC endpoint service behind a customer-managed NLB,
|
|
677
|
-
* you must approve the endpoint in AWS console after initialization.
|
|
678
|
-
*/
|
|
679
|
-
export interface CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule {
|
|
680
|
-
/** The ID of a private endpoint rule. */
|
|
681
|
-
ruleId?: string | undefined;
|
|
682
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
683
|
-
networkConnectivityConfigId?: string | undefined;
|
|
684
|
-
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
685
|
-
accountId?: string | undefined;
|
|
686
|
-
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
687
|
-
endpointService?: string | undefined;
|
|
688
|
-
/**
|
|
689
|
-
* Only used by private endpoints towards a VPC endpoint service for customer-managed VPC endpoint service.
|
|
690
|
-
*
|
|
691
|
-
* The target AWS resource FQDNs accessible via the VPC endpoint service.
|
|
692
|
-
* When updating this field, we perform full update on this field. Please ensure a full list of desired domain_names is provided.
|
|
693
|
-
*/
|
|
694
|
-
domainNames?: string[] | undefined;
|
|
695
|
-
/**
|
|
696
|
-
* Only used by private endpoints towards AWS S3 service.
|
|
697
|
-
*
|
|
698
|
-
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
699
|
-
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
700
|
-
* When updating this field, we perform full update on this field.
|
|
701
|
-
* Please ensure a full list of desired resource_names is provided.
|
|
702
|
-
*/
|
|
703
|
-
resourceNames?: string[] | undefined;
|
|
704
|
-
/** The AWS VPC endpoint ID. You can use this ID to identify VPC endpoint created by <Databricks>. */
|
|
705
|
-
vpcEndpointId?: string | undefined;
|
|
706
|
-
/**
|
|
707
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
708
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the AWS console
|
|
709
|
-
* before they take effect.
|
|
710
|
-
* The possible values are:
|
|
711
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
712
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
713
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
714
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
715
|
-
* - EXPIRED: If the endpoint is created but not approved in 14 days, it is EXPIRED.
|
|
716
|
-
*/
|
|
717
|
-
connectionState?: CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState | undefined;
|
|
718
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
719
|
-
creationTime?: bigint | undefined;
|
|
720
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
721
|
-
updatedTime?: bigint | undefined;
|
|
722
|
-
/** Whether this private endpoint is deactivated. */
|
|
723
|
-
deactivated?: boolean | undefined;
|
|
724
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
725
|
-
deactivatedAt?: bigint | undefined;
|
|
726
|
-
/**
|
|
727
|
-
* Only used by private endpoints towards an AWS S3 service.
|
|
728
|
-
*
|
|
729
|
-
* Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources.
|
|
730
|
-
*/
|
|
731
|
-
enabled?: boolean | undefined;
|
|
732
|
-
errorMessage?: string | undefined;
|
|
733
|
-
}
|
|
734
|
-
/**
|
|
735
|
-
* Properties of the new private endpoint rule.
|
|
736
|
-
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
737
|
-
*/
|
|
738
|
-
export interface CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule {
|
|
739
|
-
/** The ID of a private endpoint rule. */
|
|
740
|
-
ruleId?: string | undefined;
|
|
741
|
-
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
742
|
-
networkConnectivityConfigId?: string | undefined;
|
|
743
|
-
/** The Azure resource ID of the target resource. */
|
|
744
|
-
resourceId?: string | undefined;
|
|
745
|
-
/**
|
|
746
|
-
* Only used by private endpoints to Azure first-party services.
|
|
747
|
-
*
|
|
748
|
-
* The sub-resource type (group ID) of the target resource.
|
|
749
|
-
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
750
|
-
*/
|
|
751
|
-
groupId?: string | undefined;
|
|
752
|
-
/** The name of the Azure private endpoint resource. */
|
|
753
|
-
endpointName?: string | undefined;
|
|
754
|
-
/**
|
|
755
|
-
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
756
|
-
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Azure portal
|
|
757
|
-
* before they take effect.
|
|
758
|
-
* The possible values are:
|
|
759
|
-
* - INIT: (deprecated) The endpoint has been created and pending approval.
|
|
760
|
-
* - PENDING: The endpoint has been created and pending approval.
|
|
761
|
-
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
762
|
-
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
763
|
-
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
764
|
-
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
765
|
-
*/
|
|
766
|
-
connectionState?: CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState | undefined;
|
|
767
|
-
/** Time in epoch milliseconds when this object was created. */
|
|
768
|
-
creationTime?: bigint | undefined;
|
|
769
|
-
/** Time in epoch milliseconds when this object was updated. */
|
|
770
|
-
updatedTime?: bigint | undefined;
|
|
771
|
-
/** Whether this private endpoint is deactivated. */
|
|
772
|
-
deactivated?: boolean | undefined;
|
|
773
|
-
/** Time in epoch milliseconds when this object was deactivated. */
|
|
774
|
-
deactivatedAt?: bigint | undefined;
|
|
775
|
-
/**
|
|
776
|
-
* Not used by customer-managed private endpoint services.
|
|
777
|
-
*
|
|
778
|
-
* Domain names of target private link service.
|
|
779
|
-
* When updating this field, the full list of target domain_names must be specified.
|
|
780
|
-
*/
|
|
781
|
-
domainNames?: string[] | undefined;
|
|
782
|
-
errorMessage?: string | undefined;
|
|
783
|
-
}
|
|
784
|
-
export interface CustomerFacingNetworkConnectivityConfigEgressConfig {
|
|
785
|
-
/**
|
|
786
|
-
* The network connectivity rules that are applied by default without resource specific configurations.
|
|
787
|
-
* You can find the stable network information of your serverless compute resources here.
|
|
788
|
-
*/
|
|
789
|
-
defaultRules?: NetworkConnectivityConfigEgressConfig_DefaultRule | undefined;
|
|
790
|
-
/** The network connectivity rules that configured for each destinations. These rules override default rules. */
|
|
791
|
-
targetRules?: CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule | undefined;
|
|
792
|
-
}
|
|
793
|
-
/** Target rule controls the egress rules that are dedicated to specific resources. */
|
|
794
|
-
export interface CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule {
|
|
795
|
-
azurePrivateEndpointRules?: CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule[] | undefined;
|
|
796
|
-
/** AWS private endpoint rule controls the AWS private endpoint based egress rules. */
|
|
797
|
-
awsPrivateEndpointRules?: CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule[] | undefined;
|
|
798
|
-
}
|
|
799
|
-
/** * */
|
|
800
|
-
export interface CustomerFacingPrivateAccessSettings {
|
|
801
|
-
/** <Databricks> private access settings ID. */
|
|
802
|
-
privateAccessSettingsId?: string | undefined;
|
|
803
|
-
/** The <Databricks> account ID that hosts the private access settings. */
|
|
804
|
-
accountId?: string | undefined;
|
|
805
|
-
/** The human-readable name of the private access settings object. */
|
|
806
|
-
privateAccessSettingsName?: string | undefined;
|
|
807
|
-
/** The AWS region for workspaces attached to this private access settings object. */
|
|
808
|
-
region?: string | undefined;
|
|
809
|
-
/** Determines if the workspace can be accessed over public internet. For fully private workspaces, you can optionally specify false, but only if you implement both the front-end and the back-end PrivateLink connections. Otherwise, specify true, which means that public access is enabled. */
|
|
810
|
-
publicAccessEnabled?: boolean | undefined;
|
|
811
|
-
/**
|
|
812
|
-
* The private access level controls which VPC endpoints can connect to the UI or API of any workspace that attaches this private access settings object.
|
|
813
|
-
* `ACCOUNT` level access (the default) allows only VPC endpoints that are registered in your <Databricks> account connect to your workspace.
|
|
814
|
-
* `ENDPOINT` level access allows only specified VPC endpoints connect to your workspace. For details, see allowed_vpc_endpoint_ids.
|
|
815
|
-
*/
|
|
816
|
-
privateAccessLevel?: PrivateAccessLevel | undefined;
|
|
817
|
-
/**
|
|
818
|
-
* An array of Databricks VPC endpoint IDs. This is the <Databricks> ID that is returned when registering the VPC endpoint configuration in your <Databricks> account. This is not the ID of the VPC endpoint in AWS.
|
|
819
|
-
* Only used when private_access_level is set to ENDPOINT. This is an allow list of VPC endpoints that in your account that can connect to your workspace over AWS PrivateLink.
|
|
820
|
-
* If hybrid access to your workspace is enabled by setting public_access_enabled to true, this control only works for PrivateLink connections. To control how your workspace is accessed via public internet, see IP access lists.
|
|
821
|
-
*/
|
|
822
|
-
allowedVpcEndpointIds?: string[] | undefined;
|
|
823
|
-
}
|
|
824
|
-
/** * */
|
|
825
|
-
export interface CustomerFacingVpcEndpoint {
|
|
826
|
-
/** Databricks VPC endpoint ID. This is the <Databricks>-specific name of the VPC endpoint. Do not confuse this with the `aws_vpc_endpoint_id`, which is the ID within AWS of the VPC endpoint. */
|
|
827
|
-
vpcEndpointId?: string | undefined;
|
|
828
|
-
/**
|
|
829
|
-
* The <Databricks> account ID that hosts the VPC endpoint configuration.
|
|
830
|
-
* TODO - This may signal an OpenAPI diff; it does not show up in the generated spec
|
|
831
|
-
*/
|
|
832
|
-
accountId?: string | undefined;
|
|
833
|
-
/** The human-readable name of the storage configuration. */
|
|
834
|
-
vpcEndpointName?: string | undefined;
|
|
835
|
-
/** The ID of the VPC endpoint object in AWS. */
|
|
836
|
-
awsVpcEndpointId?: string | undefined;
|
|
837
|
-
/** The ID of the <Databricks> [endpoint service](https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service.html) that this VPC endpoint is connected to. For a list of endpoint service IDs for each supported AWS region, see the [Databricks PrivateLink documentation](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html). */
|
|
838
|
-
awsEndpointServiceId?: string | undefined;
|
|
839
|
-
/**
|
|
840
|
-
* This enumeration represents the type of Databricks VPC endpoint service that was used when creating this VPC endpoint.
|
|
841
|
-
* If the VPC endpoint connects to the <Databricks> control plane for either the front-end connection or the back-end REST API connection, the value is GENERAL_ACCESS.
|
|
842
|
-
* If the VPC endpoint connects to the <Databricks> workspace for the back-end secure cluster connectivity relay, the value is DATAPLANE_RELAY_ACCESS.
|
|
843
|
-
*/
|
|
844
|
-
useCase?: CustomerFacingVpcEndpointUseCase | undefined;
|
|
845
|
-
/** The AWS region in which this VPC endpoint object exists. */
|
|
846
|
-
region?: string | undefined;
|
|
847
|
-
/** The AWS Account in which the VPC endpoint object exists. */
|
|
848
|
-
awsAccountId?: string | undefined;
|
|
849
|
-
/** The current state (such as `available` or `rejected`) of the VPC endpoint. Derived from AWS. For the full set of values, see [AWS DescribeVpcEndpoint documentation](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html). */
|
|
850
|
-
state?: string | undefined;
|
|
851
|
-
vpcEndpointInfo?: {
|
|
852
|
-
$case: 'gcpVpcEndpointInfo';
|
|
853
|
-
/**
|
|
854
|
-
* The cloud info of this vpc endpoint.
|
|
855
|
-
* Info for a GCP vpc endpoint.
|
|
856
|
-
*/
|
|
857
|
-
gcpVpcEndpointInfo: CustomerFacingGcpVpcEndpointInfo;
|
|
858
|
-
} | undefined;
|
|
859
|
-
}
|
|
860
|
-
/** Next Id: 3 */
|
|
861
|
-
export interface DeleteAccountIpAccessListRequest {
|
|
862
|
-
accountId?: string | undefined;
|
|
863
|
-
/** The ID for the corresponding IP access list */
|
|
864
|
-
listId?: string | undefined;
|
|
865
|
-
}
|
|
866
|
-
/** The IP access list was successfully deleted. */
|
|
867
|
-
export interface DeleteAccountIpAccessListResponse {
|
|
868
|
-
}
|
|
869
|
-
export interface DeleteEndpointRequest {
|
|
870
|
-
name?: string | undefined;
|
|
871
|
-
}
|
|
872
|
-
export interface DeleteIpAccessList {
|
|
873
|
-
/** The ID for the corresponding IP access list */
|
|
874
|
-
listId?: string | undefined;
|
|
875
|
-
}
|
|
876
|
-
/** The IP access list was successfully deleted. */
|
|
877
|
-
export interface DeleteIpAccessListResponse {
|
|
878
|
-
}
|
|
879
|
-
/**
|
|
880
|
-
* Initiates deleting a private endpoint rule. If the connection state is PENDING or EXPIRED, the private endpoint is
|
|
881
|
-
* immediately deleted. Otherwise, the private endpoint is deactivated and will be deleted after one day of
|
|
882
|
-
* deactivation. When a private endpoint is deactivated, the deactivated field is set to true and the private endpoint
|
|
883
|
-
* is not available to your serverless compute resources.
|
|
884
|
-
*/
|
|
885
|
-
export interface DeleteNccPrivateEndpointRuleRequest {
|
|
886
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
887
|
-
accountId?: string | undefined;
|
|
888
|
-
/** Your Network Connectvity Configuration ID. */
|
|
889
|
-
networkConnectivityConfigId?: string | undefined;
|
|
890
|
-
/** Your private endpoint rule ID. */
|
|
891
|
-
privateEndpointRuleId?: string | undefined;
|
|
892
|
-
}
|
|
893
|
-
export interface DeleteNetworkConnectivityConfigRequest {
|
|
894
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
895
|
-
accountId?: string | undefined;
|
|
896
|
-
/** Your Network Connectivity Configuration ID. */
|
|
897
|
-
networkConnectivityConfigId?: string | undefined;
|
|
898
|
-
}
|
|
899
|
-
export interface DeleteNetworkPolicyRequest {
|
|
900
|
-
/** The unique identifier of the network policy to delete. */
|
|
901
|
-
networkPolicyId?: string | undefined;
|
|
902
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
903
|
-
accountId?: string | undefined;
|
|
904
|
-
}
|
|
905
|
-
export interface DeleteNetworkRequest {
|
|
906
|
-
/** Databricks Account API network configuration ID. */
|
|
907
|
-
networkId?: string | undefined;
|
|
908
|
-
accountId?: string | undefined;
|
|
909
|
-
}
|
|
910
|
-
export interface DeletePrivateAccessSettingsRequest {
|
|
911
|
-
privateAccessSettingsId?: string | undefined;
|
|
912
|
-
accountId?: string | undefined;
|
|
913
|
-
}
|
|
914
|
-
export interface DeleteVpcEndpointRequest {
|
|
915
|
-
vpcEndpointId?: string | undefined;
|
|
916
|
-
accountId?: string | undefined;
|
|
917
|
-
}
|
|
918
|
-
/**
|
|
919
|
-
* The network policies applying for egress traffic.
|
|
920
|
-
* This message is used by the UI/REST API. We translate this message to the format expected by the
|
|
921
|
-
* dataplane in Lakehouse Network Manager (for the format expected by the dataplane, see networkconfig.textproto).
|
|
922
|
-
* This policy should be consistent with [[com.databricks.api.proto.settingspolicy.EgressNetworkPolicy]].
|
|
923
|
-
* Details see API-design: https://docs.google.com/document/d/1DKWO_FpZMCY4cF2O62LpwII1lx8gsnDGG-qgE3t3TOA/
|
|
924
|
-
*/
|
|
925
|
-
export interface EgressNetworkPolicy {
|
|
926
|
-
/** The access policy enforced for egress traffic to the internet. */
|
|
927
|
-
networkAccess?: EgressNetworkPolicy_NetworkAccessPolicy | undefined;
|
|
928
|
-
}
|
|
929
|
-
export interface EgressNetworkPolicy_NetworkAccessPolicy {
|
|
930
|
-
/** The restriction mode that controls how serverless workloads can access the internet. */
|
|
931
|
-
restrictionMode?: EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode | undefined;
|
|
932
|
-
/** List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
933
|
-
allowedInternetDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[] | undefined;
|
|
934
|
-
/** List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
935
|
-
allowedStorageDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination[] | undefined;
|
|
936
|
-
/** Optional. When policy_enforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES */
|
|
937
|
-
policyEnforcement?: EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement | undefined;
|
|
938
|
-
/**
|
|
939
|
-
* List of internet destinations that serverless workloads are blocked from accessing.
|
|
940
|
-
* These destinations are enforced when restriction mode is RESTRICTED_ACCESS or DRY_RUN.
|
|
941
|
-
* Currently supports DNS_NAME type only; IP_RANGE support is planned.
|
|
942
|
-
*/
|
|
943
|
-
blockedInternetDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[] | undefined;
|
|
944
|
-
/**
|
|
945
|
-
* List of <Databricks> workspace destinations that serverless workloads are
|
|
946
|
-
* allowed to access when in RESTRICTED_ACCESS mode.
|
|
947
|
-
*/
|
|
948
|
-
allowedDatabricksDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_DatabricksDestination[] | undefined;
|
|
555
|
+
export interface EgressNetworkPolicy_NetworkAccessPolicy {
|
|
556
|
+
/** The restriction mode that controls how serverless workloads can access the internet. */
|
|
557
|
+
restrictionMode?: EgressNetworkPolicy_NetworkAccessPolicy_RestrictionMode | undefined;
|
|
558
|
+
/** List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
559
|
+
allowedInternetDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[] | undefined;
|
|
560
|
+
/** List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode. */
|
|
561
|
+
allowedStorageDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_StorageDestination[] | undefined;
|
|
562
|
+
/** Optional. When policy_enforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES */
|
|
563
|
+
policyEnforcement?: EgressNetworkPolicy_NetworkAccessPolicy_PolicyEnforcement | undefined;
|
|
564
|
+
/**
|
|
565
|
+
* List of internet destinations that serverless workloads are blocked from accessing.
|
|
566
|
+
* These destinations are enforced when restriction mode is RESTRICTED_ACCESS or DRY_RUN.
|
|
567
|
+
* Currently supports DNS_NAME type only; IP_RANGE support is planned.
|
|
568
|
+
*/
|
|
569
|
+
blockedInternetDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_InternetDestination[] | undefined;
|
|
570
|
+
/**
|
|
571
|
+
* List of <Databricks> workspace destinations that serverless workloads are
|
|
572
|
+
* allowed to access when in RESTRICTED_ACCESS mode.
|
|
573
|
+
*/
|
|
574
|
+
allowedDatabricksDestinations?: EgressNetworkPolicy_NetworkAccessPolicy_DatabricksDestination[] | undefined;
|
|
949
575
|
}
|
|
950
576
|
export interface EgressNetworkPolicy_NetworkAccessPolicy_DatabricksDestination {
|
|
951
577
|
/** The workspace IDs to allow egress traffic to. */
|
|
@@ -1056,6 +682,13 @@ export interface GcpNetworkInfo {
|
|
|
1056
682
|
/** Name of the secondary range within the subnet that will be used by GKE as Service IP range. */
|
|
1057
683
|
serviceIpRangeName?: string | undefined;
|
|
1058
684
|
}
|
|
685
|
+
export interface GcpVpcEndpointInfo {
|
|
686
|
+
pscConnectionId?: string | undefined;
|
|
687
|
+
projectId?: string | undefined;
|
|
688
|
+
pscEndpointName?: string | undefined;
|
|
689
|
+
endpointRegion?: string | undefined;
|
|
690
|
+
serviceAttachmentId?: string | undefined;
|
|
691
|
+
}
|
|
1059
692
|
/** Next Id: 3 */
|
|
1060
693
|
export interface GetAccountIpAccessListRequest {
|
|
1061
694
|
accountId?: string | undefined;
|
|
@@ -1068,7 +701,7 @@ export interface GetAccountIpAccessListResponse {
|
|
|
1068
701
|
export interface GetEndpointRequest {
|
|
1069
702
|
name?: string | undefined;
|
|
1070
703
|
}
|
|
1071
|
-
export interface
|
|
704
|
+
export interface GetIpAccessListRequest {
|
|
1072
705
|
/** The ID for the corresponding IP access list */
|
|
1073
706
|
listId?: string | undefined;
|
|
1074
707
|
}
|
|
@@ -1076,46 +709,212 @@ export interface GetIpAccessList {
|
|
|
1076
709
|
export interface GetIpAccessListResponse {
|
|
1077
710
|
ipAccessList?: IpAccessList | undefined;
|
|
1078
711
|
}
|
|
1079
|
-
export interface GetNccPrivateEndpointRuleRequest {
|
|
1080
|
-
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1081
|
-
accountId?: string | undefined;
|
|
1082
|
-
/** Your Network Connectvity Configuration ID. */
|
|
1083
|
-
networkConnectivityConfigId?: string | undefined;
|
|
1084
|
-
/** Your private endpoint rule ID. */
|
|
1085
|
-
privateEndpointRuleId?: string | undefined;
|
|
712
|
+
export interface GetNccPrivateEndpointRuleRequest {
|
|
713
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
714
|
+
accountId?: string | undefined;
|
|
715
|
+
/** Your Network Connectvity Configuration ID. */
|
|
716
|
+
networkConnectivityConfigId?: string | undefined;
|
|
717
|
+
/** Your private endpoint rule ID. */
|
|
718
|
+
privateEndpointRuleId?: string | undefined;
|
|
719
|
+
}
|
|
720
|
+
/** ***************************** Public facing RPC requests and responses *****************************\// */
|
|
721
|
+
export interface GetNetworkConnectivityConfigRequest {
|
|
722
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
723
|
+
accountId?: string | undefined;
|
|
724
|
+
/** Your Network Connectivity Configuration ID. */
|
|
725
|
+
networkConnectivityConfigId?: string | undefined;
|
|
726
|
+
}
|
|
727
|
+
export interface GetNetworkPolicyRequest {
|
|
728
|
+
/** The unique identifier of the network policy to retrieve. */
|
|
729
|
+
networkPolicyId?: string | undefined;
|
|
730
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
731
|
+
accountId?: string | undefined;
|
|
732
|
+
}
|
|
733
|
+
export interface GetNetworkRequest {
|
|
734
|
+
/** Databricks Account API network configuration ID. */
|
|
735
|
+
networkId?: string | undefined;
|
|
736
|
+
accountId?: string | undefined;
|
|
737
|
+
}
|
|
738
|
+
export interface GetPrivateAccessSettingsRequest {
|
|
739
|
+
privateAccessSettingsId?: string | undefined;
|
|
740
|
+
accountId?: string | undefined;
|
|
741
|
+
}
|
|
742
|
+
export interface GetVpcEndpointRequest {
|
|
743
|
+
/** Databricks VPC endpoint ID. */
|
|
744
|
+
vpcEndpointId?: string | undefined;
|
|
745
|
+
accountId?: string | undefined;
|
|
746
|
+
}
|
|
747
|
+
export interface GetWorkspaceNetworkOptionRequest {
|
|
748
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
749
|
+
accountId?: string | undefined;
|
|
750
|
+
/** The workspace ID. */
|
|
751
|
+
workspaceId?: bigint | undefined;
|
|
752
|
+
}
|
|
753
|
+
/**
|
|
754
|
+
* This proto is under development.
|
|
755
|
+
* The network policies applying for ingress traffic.
|
|
756
|
+
* Any changes here should also be synced to estore/namespaces/lakehousenetworkmanager/latest.proto.
|
|
757
|
+
*/
|
|
758
|
+
export interface IngressNetworkPolicy {
|
|
759
|
+
/**
|
|
760
|
+
* The network policy restrictions for public access to the workspace.
|
|
761
|
+
* Configures how public internet traffic is allowed or denied access.
|
|
762
|
+
*/
|
|
763
|
+
publicAccess?: IngressNetworkPolicy_PublicAccess | undefined;
|
|
764
|
+
/**
|
|
765
|
+
* The network policy restrictions for private access to the workspace.
|
|
766
|
+
* Configures how registered private endpoints are allowed or denied access.
|
|
767
|
+
*/
|
|
768
|
+
privateAccess?: IngressNetworkPolicy_PrivateAccess | undefined;
|
|
769
|
+
crossWorkspaceAccess?: IngressNetworkPolicy_CrossWorkspaceAccess | undefined;
|
|
770
|
+
}
|
|
771
|
+
export interface IngressNetworkPolicy_AccountApiDestination {
|
|
772
|
+
scopes?: string[] | undefined;
|
|
773
|
+
/** Qualifies the breadth of API access for the listed scopes. See ApiScopeQualifier. */
|
|
774
|
+
scopeQualifier?: IngressNetworkPolicy_ApiScopeQualifier | undefined;
|
|
775
|
+
}
|
|
776
|
+
export interface IngressNetworkPolicy_AccountDatabricksOneDestination {
|
|
777
|
+
/** Must be set to true. */
|
|
778
|
+
allDestinations?: boolean | undefined;
|
|
779
|
+
}
|
|
780
|
+
export interface IngressNetworkPolicy_AccountUiDestination {
|
|
781
|
+
/** Must be set to true. */
|
|
782
|
+
allDestinations?: boolean | undefined;
|
|
783
|
+
}
|
|
784
|
+
export interface IngressNetworkPolicy_AppsRuntimeDestination {
|
|
785
|
+
/** Must be set to true. */
|
|
786
|
+
allDestinations?: boolean | undefined;
|
|
787
|
+
}
|
|
788
|
+
export interface IngressNetworkPolicy_Authentication {
|
|
789
|
+
identityType?: IngressNetworkPolicy_Authentication_IdentityType | undefined;
|
|
790
|
+
/** Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES. */
|
|
791
|
+
identities?: IngressNetworkPolicy_AuthenticationIdentity[] | undefined;
|
|
792
|
+
}
|
|
793
|
+
export interface IngressNetworkPolicy_AuthenticationIdentity {
|
|
794
|
+
principalType?: IngressNetworkPolicy_AuthenticationIdentity_PrincipalType | undefined;
|
|
795
|
+
principalId?: bigint | undefined;
|
|
796
|
+
}
|
|
797
|
+
export interface IngressNetworkPolicy_CrossWorkspaceAccess {
|
|
798
|
+
restrictionMode?: IngressNetworkPolicy_CrossWorkspaceAccess_RestrictionMode | undefined;
|
|
799
|
+
denyRules?: IngressNetworkPolicy_CrossWorkspaceIngressRule[] | undefined;
|
|
800
|
+
allowRules?: IngressNetworkPolicy_CrossWorkspaceIngressRule[] | undefined;
|
|
801
|
+
}
|
|
802
|
+
export interface IngressNetworkPolicy_CrossWorkspaceIngressRule {
|
|
803
|
+
origin?: IngressNetworkPolicy_CrossWorkspaceRequestOrigin | undefined;
|
|
804
|
+
destination?: IngressNetworkPolicy_RequestDestination | undefined;
|
|
805
|
+
authentication?: IngressNetworkPolicy_Authentication | undefined;
|
|
806
|
+
/** The label for this ingress rule. */
|
|
807
|
+
label?: string | undefined;
|
|
808
|
+
}
|
|
809
|
+
export interface IngressNetworkPolicy_CrossWorkspaceRequestOrigin {
|
|
810
|
+
source?: {
|
|
811
|
+
$case: 'allSourceWorkspaces';
|
|
812
|
+
/** Matches all source workspaces. */
|
|
813
|
+
allSourceWorkspaces: boolean;
|
|
814
|
+
} | {
|
|
815
|
+
$case: 'selectedWorkspaces';
|
|
816
|
+
/** Specific source workspace IDs to match. */
|
|
817
|
+
selectedWorkspaces: IngressNetworkPolicy_WorkspaceIdList;
|
|
818
|
+
} | undefined;
|
|
819
|
+
}
|
|
820
|
+
export interface IngressNetworkPolicy_Endpoints {
|
|
821
|
+
endpointIds?: string[] | undefined;
|
|
822
|
+
}
|
|
823
|
+
export interface IngressNetworkPolicy_IpRanges {
|
|
824
|
+
/** We only support IPv4 and IPv4 CIDR notation for now. */
|
|
825
|
+
ipRanges?: string[] | undefined;
|
|
826
|
+
}
|
|
827
|
+
export interface IngressNetworkPolicy_LakebaseRuntimeDestination {
|
|
828
|
+
/** Must be set to true. */
|
|
829
|
+
allDestinations?: boolean | undefined;
|
|
830
|
+
}
|
|
831
|
+
export interface IngressNetworkPolicy_PrivateAccess {
|
|
832
|
+
restrictionMode?: IngressNetworkPolicy_PrivateAccess_RestrictionMode | undefined;
|
|
833
|
+
denyRules?: IngressNetworkPolicy_PrivateIngressRule[] | undefined;
|
|
834
|
+
allowRules?: IngressNetworkPolicy_PrivateIngressRule[] | undefined;
|
|
835
|
+
}
|
|
836
|
+
export interface IngressNetworkPolicy_PrivateIngressRule {
|
|
837
|
+
origin?: IngressNetworkPolicy_PrivateRequestOrigin | undefined;
|
|
838
|
+
destination?: IngressNetworkPolicy_RequestDestination | undefined;
|
|
839
|
+
authentication?: IngressNetworkPolicy_Authentication | undefined;
|
|
840
|
+
/** The label for this ingress rule. */
|
|
841
|
+
label?: string | undefined;
|
|
842
|
+
}
|
|
843
|
+
export interface IngressNetworkPolicy_PrivateRequestOrigin {
|
|
844
|
+
source?: {
|
|
845
|
+
$case: 'endpoints';
|
|
846
|
+
endpoints: IngressNetworkPolicy_Endpoints;
|
|
847
|
+
} | {
|
|
848
|
+
$case: 'allRegisteredEndpoints';
|
|
849
|
+
allRegisteredEndpoints: boolean;
|
|
850
|
+
} | {
|
|
851
|
+
$case: 'azureWorkspacePrivateLink';
|
|
852
|
+
azureWorkspacePrivateLink: boolean;
|
|
853
|
+
} | {
|
|
854
|
+
$case: 'allPrivateAccess';
|
|
855
|
+
allPrivateAccess: boolean;
|
|
856
|
+
} | undefined;
|
|
857
|
+
}
|
|
858
|
+
export interface IngressNetworkPolicy_PublicAccess {
|
|
859
|
+
restrictionMode?: IngressNetworkPolicy_PublicAccess_RestrictionMode | undefined;
|
|
860
|
+
denyRules?: IngressNetworkPolicy_PublicIngressRule[] | undefined;
|
|
861
|
+
allowRules?: IngressNetworkPolicy_PublicIngressRule[] | undefined;
|
|
1086
862
|
}
|
|
1087
|
-
/**
|
|
1088
|
-
|
|
1089
|
-
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
863
|
+
/**
|
|
864
|
+
* An ingress rule is enforced when a request satisfies all
|
|
865
|
+
* specified attributes — including request origin, destination, and authentication.
|
|
866
|
+
*/
|
|
867
|
+
export interface IngressNetworkPolicy_PublicIngressRule {
|
|
868
|
+
origin?: IngressNetworkPolicy_PublicRequestOrigin | undefined;
|
|
869
|
+
destination?: IngressNetworkPolicy_RequestDestination | undefined;
|
|
870
|
+
authentication?: IngressNetworkPolicy_Authentication | undefined;
|
|
871
|
+
/** The label for this ingress rule. */
|
|
872
|
+
label?: string | undefined;
|
|
1093
873
|
}
|
|
1094
|
-
export interface
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
|
|
874
|
+
export interface IngressNetworkPolicy_PublicRequestOrigin {
|
|
875
|
+
source?: {
|
|
876
|
+
$case: 'allIpRanges';
|
|
877
|
+
/** Matches all IPv4 and IPv6 ranges (both public and private). */
|
|
878
|
+
allIpRanges: boolean;
|
|
879
|
+
} | {
|
|
880
|
+
$case: 'includedIpRanges';
|
|
881
|
+
/** Will not allow IP ranges with private IPs. */
|
|
882
|
+
includedIpRanges: IngressNetworkPolicy_IpRanges;
|
|
883
|
+
} | {
|
|
884
|
+
$case: 'excludedIpRanges';
|
|
885
|
+
/** Excluded means: all public IP ranges except this one. */
|
|
886
|
+
excludedIpRanges: IngressNetworkPolicy_IpRanges;
|
|
887
|
+
} | undefined;
|
|
1099
888
|
}
|
|
1100
|
-
export interface
|
|
1101
|
-
/**
|
|
1102
|
-
|
|
1103
|
-
|
|
889
|
+
export interface IngressNetworkPolicy_RequestDestination {
|
|
890
|
+
/**
|
|
891
|
+
* When true, match all destinations, no other destination fields can be set.
|
|
892
|
+
* When not set or false, at least one specific destination must be provided.
|
|
893
|
+
*/
|
|
894
|
+
allDestinations?: boolean | undefined;
|
|
895
|
+
workspaceUi?: IngressNetworkPolicy_WorkspaceUiDestination | undefined;
|
|
896
|
+
workspaceApi?: IngressNetworkPolicy_WorkspaceApiDestination | undefined;
|
|
897
|
+
appsRuntime?: IngressNetworkPolicy_AppsRuntimeDestination | undefined;
|
|
898
|
+
lakebaseRuntime?: IngressNetworkPolicy_LakebaseRuntimeDestination | undefined;
|
|
899
|
+
accountUi?: IngressNetworkPolicy_AccountUiDestination | undefined;
|
|
900
|
+
accountApi?: IngressNetworkPolicy_AccountApiDestination | undefined;
|
|
901
|
+
/**
|
|
902
|
+
* Account DatabricksOne destination is not supported.
|
|
903
|
+
* DO NOT change the stage of this destination past PRIVATE_PREVIEW.
|
|
904
|
+
*/
|
|
905
|
+
accountDatabricksOne?: IngressNetworkPolicy_AccountDatabricksOneDestination | undefined;
|
|
1104
906
|
}
|
|
1105
|
-
export interface
|
|
1106
|
-
|
|
1107
|
-
|
|
907
|
+
export interface IngressNetworkPolicy_WorkspaceApiDestination {
|
|
908
|
+
scopes?: string[] | undefined;
|
|
909
|
+
/** Qualifies the breadth of API access for the listed scopes. See ApiScopeQualifier. */
|
|
910
|
+
scopeQualifier?: IngressNetworkPolicy_ApiScopeQualifier | undefined;
|
|
1108
911
|
}
|
|
1109
|
-
export interface
|
|
1110
|
-
|
|
1111
|
-
vpcEndpointId?: string | undefined;
|
|
1112
|
-
accountId?: string | undefined;
|
|
912
|
+
export interface IngressNetworkPolicy_WorkspaceIdList {
|
|
913
|
+
workspaceIds?: bigint[] | undefined;
|
|
1113
914
|
}
|
|
1114
|
-
export interface
|
|
1115
|
-
/**
|
|
1116
|
-
|
|
1117
|
-
/** The workspace ID. */
|
|
1118
|
-
workspaceId?: bigint | undefined;
|
|
915
|
+
export interface IngressNetworkPolicy_WorkspaceUiDestination {
|
|
916
|
+
/** Must be set to true. */
|
|
917
|
+
allDestinations?: boolean | undefined;
|
|
1119
918
|
}
|
|
1120
919
|
/** Definition of an IP Access list */
|
|
1121
920
|
export interface IpAccessList {
|
|
@@ -1188,7 +987,7 @@ export interface ListNetworkConnectivityConfigsRequest {
|
|
|
1188
987
|
}
|
|
1189
988
|
/** The network connectivity configuration list was successfully retrieved. */
|
|
1190
989
|
export interface ListNetworkConnectivityConfigsResponse {
|
|
1191
|
-
items?:
|
|
990
|
+
items?: NetworkConnectivityConfig[] | undefined;
|
|
1192
991
|
/** A token that can be used to get the next page of results. If null, there are no more results to show. */
|
|
1193
992
|
nextPageToken?: string | undefined;
|
|
1194
993
|
}
|
|
@@ -1214,13 +1013,13 @@ export interface ListPrivateAccessSettingsRequest {
|
|
|
1214
1013
|
accountId?: string | undefined;
|
|
1215
1014
|
}
|
|
1216
1015
|
export interface ListPrivateAccessSettingsResponse {
|
|
1217
|
-
privateAccessSettings?:
|
|
1016
|
+
privateAccessSettings?: PrivateAccessSettings[] | undefined;
|
|
1218
1017
|
}
|
|
1219
1018
|
export interface ListVpcEndpointRequest {
|
|
1220
1019
|
accountId?: string | undefined;
|
|
1221
1020
|
}
|
|
1222
1021
|
export interface ListVpcEndpointResponse {
|
|
1223
|
-
vpcEndpoints?:
|
|
1022
|
+
vpcEndpoints?: VpcEndpoint[] | undefined;
|
|
1224
1023
|
}
|
|
1225
1024
|
/**
|
|
1226
1025
|
* Properties of the new private endpoint rule.
|
|
@@ -1325,6 +1124,140 @@ export interface Network {
|
|
|
1325
1124
|
gcpNetworkInfo: GcpNetworkInfo;
|
|
1326
1125
|
} | undefined;
|
|
1327
1126
|
}
|
|
1127
|
+
/** Properties of the new network connectivity configuration. */
|
|
1128
|
+
export interface NetworkConnectivityConfig {
|
|
1129
|
+
/** <Databricks> network connectivity configuration ID. */
|
|
1130
|
+
networkConnectivityConfigId?: string | undefined;
|
|
1131
|
+
/** Your <Databricks> account ID. You can find your account ID in your <Databricks> accounts console. */
|
|
1132
|
+
accountId?: string | undefined;
|
|
1133
|
+
/**
|
|
1134
|
+
* The name of the network connectivity configuration. The name can contain alphanumeric characters, hyphens,
|
|
1135
|
+
* and underscores. The length must be between 3 and 30 characters. The name must match the regular
|
|
1136
|
+
* expression ^[0-9a-zA-Z-_]{3,30}$
|
|
1137
|
+
*/
|
|
1138
|
+
name?: string | undefined;
|
|
1139
|
+
/**
|
|
1140
|
+
* The region for the network connectivity configuration.
|
|
1141
|
+
* Only workspaces in the same region can be attached to the network connectivity configuration.
|
|
1142
|
+
*/
|
|
1143
|
+
region?: string | undefined;
|
|
1144
|
+
/** The network connectivity rules that apply to network traffic from your serverless compute resources. */
|
|
1145
|
+
egressConfig?: CustomerFacingNetworkConnectivityConfigEgressConfig | undefined;
|
|
1146
|
+
/** Time in epoch milliseconds when this object was updated. */
|
|
1147
|
+
updatedTime?: bigint | undefined;
|
|
1148
|
+
/** Time in epoch milliseconds when this object was created. */
|
|
1149
|
+
creationTime?: bigint | undefined;
|
|
1150
|
+
}
|
|
1151
|
+
/**
|
|
1152
|
+
* Properties of the new private endpoint rule.
|
|
1153
|
+
* Note that for private endpoints towards a VPC endpoint service behind a customer-managed NLB,
|
|
1154
|
+
* you must approve the endpoint in AWS console after initialization.
|
|
1155
|
+
*/
|
|
1156
|
+
export interface NetworkConnectivityConfigAwsPrivateEndpointRule {
|
|
1157
|
+
/** The ID of a private endpoint rule. */
|
|
1158
|
+
ruleId?: string | undefined;
|
|
1159
|
+
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
1160
|
+
networkConnectivityConfigId?: string | undefined;
|
|
1161
|
+
/** <Databricks> account ID. You can find your account ID from the Accounts Console. */
|
|
1162
|
+
accountId?: string | undefined;
|
|
1163
|
+
/** The full target AWS endpoint service name that connects to the destination resources of the private endpoint. */
|
|
1164
|
+
endpointService?: string | undefined;
|
|
1165
|
+
/**
|
|
1166
|
+
* Only used by private endpoints towards a VPC endpoint service for customer-managed VPC endpoint service.
|
|
1167
|
+
*
|
|
1168
|
+
* The target AWS resource FQDNs accessible via the VPC endpoint service.
|
|
1169
|
+
* When updating this field, we perform full update on this field. Please ensure a full list of desired domain_names is provided.
|
|
1170
|
+
*/
|
|
1171
|
+
domainNames?: string[] | undefined;
|
|
1172
|
+
/**
|
|
1173
|
+
* Only used by private endpoints towards AWS S3 service.
|
|
1174
|
+
*
|
|
1175
|
+
* The globally unique S3 bucket names that will be accessed via the VPC endpoint.
|
|
1176
|
+
* The bucket names must be in the same region as the NCC/endpoint service.
|
|
1177
|
+
* When updating this field, we perform full update on this field.
|
|
1178
|
+
* Please ensure a full list of desired resource_names is provided.
|
|
1179
|
+
*/
|
|
1180
|
+
resourceNames?: string[] | undefined;
|
|
1181
|
+
/** The AWS VPC endpoint ID. You can use this ID to identify VPC endpoint created by <Databricks>. */
|
|
1182
|
+
vpcEndpointId?: string | undefined;
|
|
1183
|
+
/**
|
|
1184
|
+
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
1185
|
+
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the AWS console
|
|
1186
|
+
* before they take effect.
|
|
1187
|
+
* The possible values are:
|
|
1188
|
+
* - PENDING: The endpoint has been created and pending approval.
|
|
1189
|
+
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
1190
|
+
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
1191
|
+
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
1192
|
+
* - EXPIRED: If the endpoint is created but not approved in 14 days, it is EXPIRED.
|
|
1193
|
+
*/
|
|
1194
|
+
connectionState?: NetworkConnectivityConfigAwsPrivateEndpointRule_PrivateLinkConnectionState | undefined;
|
|
1195
|
+
/** Time in epoch milliseconds when this object was created. */
|
|
1196
|
+
creationTime?: bigint | undefined;
|
|
1197
|
+
/** Time in epoch milliseconds when this object was updated. */
|
|
1198
|
+
updatedTime?: bigint | undefined;
|
|
1199
|
+
/** Whether this private endpoint is deactivated. */
|
|
1200
|
+
deactivated?: boolean | undefined;
|
|
1201
|
+
/** Time in epoch milliseconds when this object was deactivated. */
|
|
1202
|
+
deactivatedAt?: bigint | undefined;
|
|
1203
|
+
/**
|
|
1204
|
+
* Only used by private endpoints towards an AWS S3 service.
|
|
1205
|
+
*
|
|
1206
|
+
* Update this field to activate/deactivate this private endpoint to allow egress access from serverless compute resources.
|
|
1207
|
+
*/
|
|
1208
|
+
enabled?: boolean | undefined;
|
|
1209
|
+
errorMessage?: string | undefined;
|
|
1210
|
+
}
|
|
1211
|
+
/**
|
|
1212
|
+
* Properties of the new private endpoint rule.
|
|
1213
|
+
* Note that you must approve the endpoint in Azure portal after initialization.
|
|
1214
|
+
*/
|
|
1215
|
+
export interface NetworkConnectivityConfigAzurePrivateEndpointRule {
|
|
1216
|
+
/** The ID of a private endpoint rule. */
|
|
1217
|
+
ruleId?: string | undefined;
|
|
1218
|
+
/** The ID of a network connectivity configuration, which is the parent resource of this private endpoint rule object. */
|
|
1219
|
+
networkConnectivityConfigId?: string | undefined;
|
|
1220
|
+
/** The Azure resource ID of the target resource. */
|
|
1221
|
+
resourceId?: string | undefined;
|
|
1222
|
+
/**
|
|
1223
|
+
* Only used by private endpoints to Azure first-party services.
|
|
1224
|
+
*
|
|
1225
|
+
* The sub-resource type (group ID) of the target resource.
|
|
1226
|
+
* Note that to connect to workspace root storage (root DBFS), you need two endpoints, one for blob and one for dfs.
|
|
1227
|
+
*/
|
|
1228
|
+
groupId?: string | undefined;
|
|
1229
|
+
/** The name of the Azure private endpoint resource. */
|
|
1230
|
+
endpointName?: string | undefined;
|
|
1231
|
+
/**
|
|
1232
|
+
* The current status of this private endpoint. The private endpoint rules are effective only if the connection state
|
|
1233
|
+
* is ESTABLISHED. Remember that you must approve new endpoints on your resources in the Azure portal
|
|
1234
|
+
* before they take effect.
|
|
1235
|
+
* The possible values are:
|
|
1236
|
+
* - INIT: (deprecated) The endpoint has been created and pending approval.
|
|
1237
|
+
* - PENDING: The endpoint has been created and pending approval.
|
|
1238
|
+
* - ESTABLISHED: The endpoint has been approved and is ready to use in your serverless compute resources.
|
|
1239
|
+
* - REJECTED: Connection was rejected by the private link resource owner.
|
|
1240
|
+
* - DISCONNECTED: Connection was removed by the private link resource owner, the private endpoint becomes informative and should be deleted for clean-up.
|
|
1241
|
+
* - EXPIRED: If the endpoint was created but not approved in 14 days, it will be EXPIRED.
|
|
1242
|
+
*/
|
|
1243
|
+
connectionState?: NetworkConnectivityConfigAzurePrivateEndpointRule_PrivateLinkConnectionState | undefined;
|
|
1244
|
+
/** Time in epoch milliseconds when this object was created. */
|
|
1245
|
+
creationTime?: bigint | undefined;
|
|
1246
|
+
/** Time in epoch milliseconds when this object was updated. */
|
|
1247
|
+
updatedTime?: bigint | undefined;
|
|
1248
|
+
/** Whether this private endpoint is deactivated. */
|
|
1249
|
+
deactivated?: boolean | undefined;
|
|
1250
|
+
/** Time in epoch milliseconds when this object was deactivated. */
|
|
1251
|
+
deactivatedAt?: bigint | undefined;
|
|
1252
|
+
/**
|
|
1253
|
+
* Not used by customer-managed private endpoint services.
|
|
1254
|
+
*
|
|
1255
|
+
* Domain names of target private link service.
|
|
1256
|
+
* When updating this field, the full list of target domain_names must be specified.
|
|
1257
|
+
*/
|
|
1258
|
+
domainNames?: string[] | undefined;
|
|
1259
|
+
errorMessage?: string | undefined;
|
|
1260
|
+
}
|
|
1328
1261
|
/**
|
|
1329
1262
|
* Egress network configurations. Provides network configurations for Databricks -> Customer
|
|
1330
1263
|
* traffic.
|
|
@@ -1369,6 +1302,31 @@ export interface NetworkWarning {
|
|
|
1369
1302
|
/** Details of the warning. */
|
|
1370
1303
|
warningMessage?: string | undefined;
|
|
1371
1304
|
}
|
|
1305
|
+
/** * */
|
|
1306
|
+
export interface PrivateAccessSettings {
|
|
1307
|
+
/** <Databricks> private access settings ID. */
|
|
1308
|
+
privateAccessSettingsId?: string | undefined;
|
|
1309
|
+
/** The <Databricks> account ID that hosts the private access settings. */
|
|
1310
|
+
accountId?: string | undefined;
|
|
1311
|
+
/** The human-readable name of the private access settings object. */
|
|
1312
|
+
privateAccessSettingsName?: string | undefined;
|
|
1313
|
+
/** The AWS region for workspaces attached to this private access settings object. */
|
|
1314
|
+
region?: string | undefined;
|
|
1315
|
+
/** Determines if the workspace can be accessed over public internet. For fully private workspaces, you can optionally specify false, but only if you implement both the front-end and the back-end PrivateLink connections. Otherwise, specify true, which means that public access is enabled. */
|
|
1316
|
+
publicAccessEnabled?: boolean | undefined;
|
|
1317
|
+
/**
|
|
1318
|
+
* The private access level controls which VPC endpoints can connect to the UI or API of any workspace that attaches this private access settings object.
|
|
1319
|
+
* `ACCOUNT` level access (the default) allows only VPC endpoints that are registered in your <Databricks> account connect to your workspace.
|
|
1320
|
+
* `ENDPOINT` level access allows only specified VPC endpoints connect to your workspace. For details, see allowed_vpc_endpoint_ids.
|
|
1321
|
+
*/
|
|
1322
|
+
privateAccessLevel?: PrivateAccessLevel | undefined;
|
|
1323
|
+
/**
|
|
1324
|
+
* An array of Databricks VPC endpoint IDs. This is the <Databricks> ID that is returned when registering the VPC endpoint configuration in your <Databricks> account. This is not the ID of the VPC endpoint in AWS.
|
|
1325
|
+
* Only used when private_access_level is set to ENDPOINT. This is an allow list of VPC endpoints that in your account that can connect to your workspace over AWS PrivateLink.
|
|
1326
|
+
* If hybrid access to your workspace is enabled by setting public_access_enabled to true, this control only works for PrivateLink connections. To control how your workspace is accessed via public internet, see IP access lists.
|
|
1327
|
+
*/
|
|
1328
|
+
allowedVpcEndpointIds?: string[] | undefined;
|
|
1329
|
+
}
|
|
1372
1330
|
/** Details required to replace an IP access list. */
|
|
1373
1331
|
export interface ReplaceAccountIpAccessListRequest {
|
|
1374
1332
|
accountId?: string | undefined;
|
|
@@ -1386,7 +1344,7 @@ export interface ReplaceAccountIpAccessListResponse {
|
|
|
1386
1344
|
ipAccessList?: AccountIpAccessList | undefined;
|
|
1387
1345
|
}
|
|
1388
1346
|
/** Details required to replace an IP access list. */
|
|
1389
|
-
export interface
|
|
1347
|
+
export interface ReplaceIpAccessListRequest {
|
|
1390
1348
|
/** The ID for the corresponding IP access list */
|
|
1391
1349
|
listId?: string | undefined;
|
|
1392
1350
|
/** Label for the IP access list. This **cannot** be empty. */
|
|
@@ -1417,7 +1375,7 @@ export interface UpdateAccountIpAccessListResponse {
|
|
|
1417
1375
|
ipAccessList?: AccountIpAccessList | undefined;
|
|
1418
1376
|
}
|
|
1419
1377
|
/** Details required to update an IP access list. */
|
|
1420
|
-
export interface
|
|
1378
|
+
export interface UpdateIpAccessListRequest {
|
|
1421
1379
|
/** The ID for the corresponding IP access list */
|
|
1422
1380
|
listId?: string | undefined;
|
|
1423
1381
|
/** Label for the IP access list. This **cannot** be empty. */
|
|
@@ -1452,7 +1410,7 @@ export interface UpdateNetworkPolicyRequest {
|
|
|
1452
1410
|
}
|
|
1453
1411
|
export interface UpdatePrivateAccessSettingsRequest {
|
|
1454
1412
|
/** Properties of the new private access settings object. */
|
|
1455
|
-
customerFacingPrivateAccessSettings?:
|
|
1413
|
+
customerFacingPrivateAccessSettings?: PrivateAccessSettings | undefined;
|
|
1456
1414
|
}
|
|
1457
1415
|
/**
|
|
1458
1416
|
* Properties of the new private endpoint rule.
|
|
@@ -1537,6 +1495,39 @@ export interface UpdateWorkspaceNetworkOptionRequest {
|
|
|
1537
1495
|
/** The network option details for the workspace. */
|
|
1538
1496
|
workspaceNetworkOption?: WorkspaceNetworkOption | undefined;
|
|
1539
1497
|
}
|
|
1498
|
+
/** * */
|
|
1499
|
+
export interface VpcEndpoint {
|
|
1500
|
+
/** Databricks VPC endpoint ID. This is the <Databricks>-specific name of the VPC endpoint. Do not confuse this with the `aws_vpc_endpoint_id`, which is the ID within AWS of the VPC endpoint. */
|
|
1501
|
+
vpcEndpointId?: string | undefined;
|
|
1502
|
+
/** The <Databricks> account ID that hosts the VPC endpoint configuration. */
|
|
1503
|
+
accountId?: string | undefined;
|
|
1504
|
+
/** The human-readable name of the storage configuration. */
|
|
1505
|
+
vpcEndpointName?: string | undefined;
|
|
1506
|
+
/** The ID of the VPC endpoint object in AWS. */
|
|
1507
|
+
awsVpcEndpointId?: string | undefined;
|
|
1508
|
+
/** The ID of the <Databricks> [endpoint service](https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service.html) that this VPC endpoint is connected to. For a list of endpoint service IDs for each supported AWS region, see the [Databricks PrivateLink documentation](https://docs.databricks.com/administration-guide/cloud-configurations/aws/privatelink.html). */
|
|
1509
|
+
awsEndpointServiceId?: string | undefined;
|
|
1510
|
+
/**
|
|
1511
|
+
* This enumeration represents the type of Databricks VPC endpoint service that was used when creating this VPC endpoint.
|
|
1512
|
+
* If the VPC endpoint connects to the <Databricks> control plane for either the front-end connection or the back-end REST API connection, the value is GENERAL_ACCESS.
|
|
1513
|
+
* If the VPC endpoint connects to the <Databricks> workspace for the back-end secure cluster connectivity relay, the value is DATAPLANE_RELAY_ACCESS.
|
|
1514
|
+
*/
|
|
1515
|
+
useCase?: VpcEndpointUseCase | undefined;
|
|
1516
|
+
/** The AWS region in which this VPC endpoint object exists. */
|
|
1517
|
+
region?: string | undefined;
|
|
1518
|
+
/** The AWS Account in which the VPC endpoint object exists. */
|
|
1519
|
+
awsAccountId?: string | undefined;
|
|
1520
|
+
/** The current state (such as `available` or `rejected`) of the VPC endpoint. Derived from AWS. For the full set of values, see [AWS DescribeVpcEndpoint documentation](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html). */
|
|
1521
|
+
state?: string | undefined;
|
|
1522
|
+
vpcEndpointInfo?: {
|
|
1523
|
+
$case: 'gcpVpcEndpointInfo';
|
|
1524
|
+
/**
|
|
1525
|
+
* The cloud info of this vpc endpoint.
|
|
1526
|
+
* Info for a GCP vpc endpoint.
|
|
1527
|
+
*/
|
|
1528
|
+
gcpVpcEndpointInfo: GcpVpcEndpointInfo;
|
|
1529
|
+
} | undefined;
|
|
1530
|
+
}
|
|
1540
1531
|
export interface WorkspaceNetworkOption {
|
|
1541
1532
|
/**
|
|
1542
1533
|
* The network policy ID to apply to the workspace. This controls the network access rules
|
|
@@ -1553,37 +1544,8 @@ export declare const unmarshalAccountNetworkPolicySchema: z.ZodType<AccountNetwo
|
|
|
1553
1544
|
export declare const unmarshalAzurePrivateEndpointInfoSchema: z.ZodType<AzurePrivateEndpointInfo>;
|
|
1554
1545
|
export declare const unmarshalCreateAccountIpAccessListResponseSchema: z.ZodType<CreateAccountIpAccessListResponse>;
|
|
1555
1546
|
export declare const unmarshalCreateIpAccessListResponseSchema: z.ZodType<CreateIpAccessListResponse>;
|
|
1556
|
-
export declare const unmarshalCustomerFacingGcpVpcEndpointInfoSchema: z.ZodType<CustomerFacingGcpVpcEndpointInfo>;
|
|
1557
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicySchema: z.ZodType<CustomerFacingIngressNetworkPolicy>;
|
|
1558
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountApiDestination>;
|
|
1559
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestination>;
|
|
1560
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AccountUiDestination>;
|
|
1561
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AppsRuntimeDestination>;
|
|
1562
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_Authentication>;
|
|
1563
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType<CustomerFacingIngressNetworkPolicy_AuthenticationIdentity>;
|
|
1564
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceAccess>;
|
|
1565
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRule>;
|
|
1566
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOrigin>;
|
|
1567
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_EndpointsSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_Endpoints>;
|
|
1568
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_IpRangesSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_IpRanges>;
|
|
1569
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestination>;
|
|
1570
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateAccess>;
|
|
1571
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateIngressRule>;
|
|
1572
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PrivateRequestOrigin>;
|
|
1573
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicAccess>;
|
|
1574
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicIngressRule>;
|
|
1575
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_PublicRequestOrigin>;
|
|
1576
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_RequestDestination>;
|
|
1577
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceApiDestination>;
|
|
1578
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceIdList>;
|
|
1579
|
-
export declare const unmarshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType<CustomerFacingIngressNetworkPolicy_WorkspaceUiDestination>;
|
|
1580
|
-
export declare const unmarshalCustomerFacingNetworkConnectivityConfigSchema: z.ZodType<CustomerFacingNetworkConnectivityConfig>;
|
|
1581
|
-
export declare const unmarshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRule>;
|
|
1582
|
-
export declare const unmarshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRule>;
|
|
1583
1547
|
export declare const unmarshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigEgressConfig>;
|
|
1584
1548
|
export declare const unmarshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema: z.ZodType<CustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRule>;
|
|
1585
|
-
export declare const unmarshalCustomerFacingPrivateAccessSettingsSchema: z.ZodType<CustomerFacingPrivateAccessSettings>;
|
|
1586
|
-
export declare const unmarshalCustomerFacingVpcEndpointSchema: z.ZodType<CustomerFacingVpcEndpoint>;
|
|
1587
1549
|
export declare const unmarshalDeleteAccountIpAccessListResponseSchema: z.ZodType<DeleteAccountIpAccessListResponse>;
|
|
1588
1550
|
export declare const unmarshalDeleteIpAccessListResponseSchema: z.ZodType<DeleteIpAccessListResponse>;
|
|
1589
1551
|
export declare const unmarshalEgressNetworkPolicySchema: z.ZodType<EgressNetworkPolicy>;
|
|
@@ -1595,8 +1557,32 @@ export declare const unmarshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDes
|
|
|
1595
1557
|
export declare const unmarshalEndpointSchema: z.ZodType<Endpoint>;
|
|
1596
1558
|
export declare const unmarshalGcpEndpointSchema: z.ZodType<GcpEndpoint>;
|
|
1597
1559
|
export declare const unmarshalGcpNetworkInfoSchema: z.ZodType<GcpNetworkInfo>;
|
|
1560
|
+
export declare const unmarshalGcpVpcEndpointInfoSchema: z.ZodType<GcpVpcEndpointInfo>;
|
|
1598
1561
|
export declare const unmarshalGetAccountIpAccessListResponseSchema: z.ZodType<GetAccountIpAccessListResponse>;
|
|
1599
1562
|
export declare const unmarshalGetIpAccessListResponseSchema: z.ZodType<GetIpAccessListResponse>;
|
|
1563
|
+
export declare const unmarshalIngressNetworkPolicySchema: z.ZodType<IngressNetworkPolicy>;
|
|
1564
|
+
export declare const unmarshalIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType<IngressNetworkPolicy_AccountApiDestination>;
|
|
1565
|
+
export declare const unmarshalIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType<IngressNetworkPolicy_AccountDatabricksOneDestination>;
|
|
1566
|
+
export declare const unmarshalIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType<IngressNetworkPolicy_AccountUiDestination>;
|
|
1567
|
+
export declare const unmarshalIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType<IngressNetworkPolicy_AppsRuntimeDestination>;
|
|
1568
|
+
export declare const unmarshalIngressNetworkPolicy_AuthenticationSchema: z.ZodType<IngressNetworkPolicy_Authentication>;
|
|
1569
|
+
export declare const unmarshalIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType<IngressNetworkPolicy_AuthenticationIdentity>;
|
|
1570
|
+
export declare const unmarshalIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType<IngressNetworkPolicy_CrossWorkspaceAccess>;
|
|
1571
|
+
export declare const unmarshalIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType<IngressNetworkPolicy_CrossWorkspaceIngressRule>;
|
|
1572
|
+
export declare const unmarshalIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType<IngressNetworkPolicy_CrossWorkspaceRequestOrigin>;
|
|
1573
|
+
export declare const unmarshalIngressNetworkPolicy_EndpointsSchema: z.ZodType<IngressNetworkPolicy_Endpoints>;
|
|
1574
|
+
export declare const unmarshalIngressNetworkPolicy_IpRangesSchema: z.ZodType<IngressNetworkPolicy_IpRanges>;
|
|
1575
|
+
export declare const unmarshalIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType<IngressNetworkPolicy_LakebaseRuntimeDestination>;
|
|
1576
|
+
export declare const unmarshalIngressNetworkPolicy_PrivateAccessSchema: z.ZodType<IngressNetworkPolicy_PrivateAccess>;
|
|
1577
|
+
export declare const unmarshalIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType<IngressNetworkPolicy_PrivateIngressRule>;
|
|
1578
|
+
export declare const unmarshalIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType<IngressNetworkPolicy_PrivateRequestOrigin>;
|
|
1579
|
+
export declare const unmarshalIngressNetworkPolicy_PublicAccessSchema: z.ZodType<IngressNetworkPolicy_PublicAccess>;
|
|
1580
|
+
export declare const unmarshalIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType<IngressNetworkPolicy_PublicIngressRule>;
|
|
1581
|
+
export declare const unmarshalIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType<IngressNetworkPolicy_PublicRequestOrigin>;
|
|
1582
|
+
export declare const unmarshalIngressNetworkPolicy_RequestDestinationSchema: z.ZodType<IngressNetworkPolicy_RequestDestination>;
|
|
1583
|
+
export declare const unmarshalIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType<IngressNetworkPolicy_WorkspaceApiDestination>;
|
|
1584
|
+
export declare const unmarshalIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType<IngressNetworkPolicy_WorkspaceIdList>;
|
|
1585
|
+
export declare const unmarshalIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType<IngressNetworkPolicy_WorkspaceUiDestination>;
|
|
1600
1586
|
export declare const unmarshalIpAccessListSchema: z.ZodType<IpAccessList>;
|
|
1601
1587
|
export declare const unmarshalListAccountIpAccessListsResponseSchema: z.ZodType<ListAccountIpAccessListsResponse>;
|
|
1602
1588
|
export declare const unmarshalListEndpointsResponseSchema: z.ZodType<ListEndpointsResponse>;
|
|
@@ -1606,55 +1592,33 @@ export declare const unmarshalListNetworkConnectivityConfigsResponseSchema: z.Zo
|
|
|
1606
1592
|
export declare const unmarshalListNetworkPoliciesResponseSchema: z.ZodType<ListNetworkPoliciesResponse>;
|
|
1607
1593
|
export declare const unmarshalNccPrivateEndpointRuleSchema: z.ZodType<NccPrivateEndpointRule>;
|
|
1608
1594
|
export declare const unmarshalNetworkSchema: z.ZodType<Network>;
|
|
1595
|
+
export declare const unmarshalNetworkConnectivityConfigSchema: z.ZodType<NetworkConnectivityConfig>;
|
|
1596
|
+
export declare const unmarshalNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType<NetworkConnectivityConfigAwsPrivateEndpointRule>;
|
|
1597
|
+
export declare const unmarshalNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType<NetworkConnectivityConfigAzurePrivateEndpointRule>;
|
|
1609
1598
|
export declare const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule>;
|
|
1610
1599
|
export declare const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRule>;
|
|
1611
1600
|
export declare const unmarshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema: z.ZodType<NetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRule>;
|
|
1612
1601
|
export declare const unmarshalNetworkHealthSchema: z.ZodType<NetworkHealth>;
|
|
1613
1602
|
export declare const unmarshalNetworkVpcEndpointsSchema: z.ZodType<NetworkVpcEndpoints>;
|
|
1614
1603
|
export declare const unmarshalNetworkWarningSchema: z.ZodType<NetworkWarning>;
|
|
1604
|
+
export declare const unmarshalPrivateAccessSettingsSchema: z.ZodType<PrivateAccessSettings>;
|
|
1615
1605
|
export declare const unmarshalReplaceAccountIpAccessListResponseSchema: z.ZodType<ReplaceAccountIpAccessListResponse>;
|
|
1616
1606
|
export declare const unmarshalReplaceIpAccessListResponseSchema: z.ZodType<ReplaceIpAccessListResponse>;
|
|
1617
1607
|
export declare const unmarshalUpdateAccountIpAccessListResponseSchema: z.ZodType<UpdateAccountIpAccessListResponse>;
|
|
1618
1608
|
export declare const unmarshalUpdateIpAccessListResponseSchema: z.ZodType<UpdateIpAccessListResponse>;
|
|
1609
|
+
export declare const unmarshalVpcEndpointSchema: z.ZodType<VpcEndpoint>;
|
|
1619
1610
|
export declare const unmarshalWorkspaceNetworkOptionSchema: z.ZodType<WorkspaceNetworkOption>;
|
|
1620
1611
|
export declare const marshalAccountNetworkPolicySchema: z.ZodType;
|
|
1621
1612
|
export declare const marshalAzurePrivateEndpointInfoSchema: z.ZodType;
|
|
1622
1613
|
export declare const marshalCreateAccountIpAccessListRequestSchema: z.ZodType;
|
|
1623
|
-
export declare const
|
|
1614
|
+
export declare const marshalCreateIpAccessListRequestSchema: z.ZodType;
|
|
1624
1615
|
export declare const marshalCreateNetworkConnectivityConfigurationSchema: z.ZodType;
|
|
1625
1616
|
export declare const marshalCreateNetworkRequestSchema: z.ZodType;
|
|
1626
1617
|
export declare const marshalCreatePrivateAccessSettingsRequestSchema: z.ZodType;
|
|
1627
1618
|
export declare const marshalCreatePrivateEndpointRuleSchema: z.ZodType;
|
|
1628
1619
|
export declare const marshalCreateVpcEndpointRequestSchema: z.ZodType;
|
|
1629
|
-
export declare const marshalCustomerFacingGcpVpcEndpointInfoSchema: z.ZodType;
|
|
1630
|
-
export declare const marshalCustomerFacingIngressNetworkPolicySchema: z.ZodType;
|
|
1631
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType;
|
|
1632
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType;
|
|
1633
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType;
|
|
1634
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType;
|
|
1635
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AuthenticationSchema: z.ZodType;
|
|
1636
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType;
|
|
1637
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType;
|
|
1638
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType;
|
|
1639
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType;
|
|
1640
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_EndpointsSchema: z.ZodType;
|
|
1641
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_IpRangesSchema: z.ZodType;
|
|
1642
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType;
|
|
1643
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PrivateAccessSchema: z.ZodType;
|
|
1644
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType;
|
|
1645
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType;
|
|
1646
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PublicAccessSchema: z.ZodType;
|
|
1647
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType;
|
|
1648
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType;
|
|
1649
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_RequestDestinationSchema: z.ZodType;
|
|
1650
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType;
|
|
1651
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType;
|
|
1652
|
-
export declare const marshalCustomerFacingIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType;
|
|
1653
|
-
export declare const marshalCustomerFacingNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType;
|
|
1654
|
-
export declare const marshalCustomerFacingNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType;
|
|
1655
1620
|
export declare const marshalCustomerFacingNetworkConnectivityConfigEgressConfigSchema: z.ZodType;
|
|
1656
1621
|
export declare const marshalCustomerFacingNetworkConnectivityConfigEgressConfig_CustomerFacingTargetRuleSchema: z.ZodType;
|
|
1657
|
-
export declare const marshalCustomerFacingPrivateAccessSettingsSchema: z.ZodType;
|
|
1658
1622
|
export declare const marshalEgressNetworkPolicySchema: z.ZodType;
|
|
1659
1623
|
export declare const marshalEgressNetworkPolicy_NetworkAccessPolicySchema: z.ZodType;
|
|
1660
1624
|
export declare const marshalEgressNetworkPolicy_NetworkAccessPolicy_DatabricksDestinationSchema: z.ZodType;
|
|
@@ -1664,14 +1628,41 @@ export declare const marshalEgressNetworkPolicy_NetworkAccessPolicy_StorageDesti
|
|
|
1664
1628
|
export declare const marshalEndpointSchema: z.ZodType;
|
|
1665
1629
|
export declare const marshalGcpEndpointSchema: z.ZodType;
|
|
1666
1630
|
export declare const marshalGcpNetworkInfoSchema: z.ZodType;
|
|
1631
|
+
export declare const marshalGcpVpcEndpointInfoSchema: z.ZodType;
|
|
1632
|
+
export declare const marshalIngressNetworkPolicySchema: z.ZodType;
|
|
1633
|
+
export declare const marshalIngressNetworkPolicy_AccountApiDestinationSchema: z.ZodType;
|
|
1634
|
+
export declare const marshalIngressNetworkPolicy_AccountDatabricksOneDestinationSchema: z.ZodType;
|
|
1635
|
+
export declare const marshalIngressNetworkPolicy_AccountUiDestinationSchema: z.ZodType;
|
|
1636
|
+
export declare const marshalIngressNetworkPolicy_AppsRuntimeDestinationSchema: z.ZodType;
|
|
1637
|
+
export declare const marshalIngressNetworkPolicy_AuthenticationSchema: z.ZodType;
|
|
1638
|
+
export declare const marshalIngressNetworkPolicy_AuthenticationIdentitySchema: z.ZodType;
|
|
1639
|
+
export declare const marshalIngressNetworkPolicy_CrossWorkspaceAccessSchema: z.ZodType;
|
|
1640
|
+
export declare const marshalIngressNetworkPolicy_CrossWorkspaceIngressRuleSchema: z.ZodType;
|
|
1641
|
+
export declare const marshalIngressNetworkPolicy_CrossWorkspaceRequestOriginSchema: z.ZodType;
|
|
1642
|
+
export declare const marshalIngressNetworkPolicy_EndpointsSchema: z.ZodType;
|
|
1643
|
+
export declare const marshalIngressNetworkPolicy_IpRangesSchema: z.ZodType;
|
|
1644
|
+
export declare const marshalIngressNetworkPolicy_LakebaseRuntimeDestinationSchema: z.ZodType;
|
|
1645
|
+
export declare const marshalIngressNetworkPolicy_PrivateAccessSchema: z.ZodType;
|
|
1646
|
+
export declare const marshalIngressNetworkPolicy_PrivateIngressRuleSchema: z.ZodType;
|
|
1647
|
+
export declare const marshalIngressNetworkPolicy_PrivateRequestOriginSchema: z.ZodType;
|
|
1648
|
+
export declare const marshalIngressNetworkPolicy_PublicAccessSchema: z.ZodType;
|
|
1649
|
+
export declare const marshalIngressNetworkPolicy_PublicIngressRuleSchema: z.ZodType;
|
|
1650
|
+
export declare const marshalIngressNetworkPolicy_PublicRequestOriginSchema: z.ZodType;
|
|
1651
|
+
export declare const marshalIngressNetworkPolicy_RequestDestinationSchema: z.ZodType;
|
|
1652
|
+
export declare const marshalIngressNetworkPolicy_WorkspaceApiDestinationSchema: z.ZodType;
|
|
1653
|
+
export declare const marshalIngressNetworkPolicy_WorkspaceIdListSchema: z.ZodType;
|
|
1654
|
+
export declare const marshalIngressNetworkPolicy_WorkspaceUiDestinationSchema: z.ZodType;
|
|
1655
|
+
export declare const marshalNetworkConnectivityConfigAwsPrivateEndpointRuleSchema: z.ZodType;
|
|
1656
|
+
export declare const marshalNetworkConnectivityConfigAzurePrivateEndpointRuleSchema: z.ZodType;
|
|
1667
1657
|
export declare const marshalNetworkConnectivityConfigEgressConfig_DefaultRuleSchema: z.ZodType;
|
|
1668
1658
|
export declare const marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AwsStableIpRuleSchema: z.ZodType;
|
|
1669
1659
|
export declare const marshalNetworkConnectivityConfigEgressConfig_DefaultRule_AzureServiceEndpointRuleSchema: z.ZodType;
|
|
1670
1660
|
export declare const marshalNetworkVpcEndpointsSchema: z.ZodType;
|
|
1661
|
+
export declare const marshalPrivateAccessSettingsSchema: z.ZodType;
|
|
1671
1662
|
export declare const marshalReplaceAccountIpAccessListRequestSchema: z.ZodType;
|
|
1672
|
-
export declare const
|
|
1663
|
+
export declare const marshalReplaceIpAccessListRequestSchema: z.ZodType;
|
|
1673
1664
|
export declare const marshalUpdateAccountIpAccessListRequestSchema: z.ZodType;
|
|
1674
|
-
export declare const
|
|
1665
|
+
export declare const marshalUpdateIpAccessListRequestSchema: z.ZodType;
|
|
1675
1666
|
export declare const marshalUpdatePrivateEndpointRuleSchema: z.ZodType;
|
|
1676
1667
|
export declare const marshalWorkspaceNetworkOptionSchema: z.ZodType;
|
|
1677
1668
|
export declare function updatePrivateEndpointRuleFieldMask(...paths: string[]): FieldMask<UpdatePrivateEndpointRule>;
|