google-api-python-client 2.160.0__py2.py3-none-any.whl → 2.162.0__py2.py3-none-any.whl

googleapiclient/discovery_cache/documents/networksecurity.v1.json

@@ -2740,122 +2740,181 @@
 }
 }
 },
-"operations": {
+"mirroringDeploymentGroups": {
 "methods": {
-"cancel": {
-"description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
+"create": {
+"description": "Creates a new MirroringDeploymentGroup in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups",
 "httpMethod": "POST",
-"id": "networksecurity.projects.locations.operations.cancel",
+"id": "networksecurity.projects.locations.mirroringDeploymentGroups.create",
 "parameterOrder": [
-"name"
+"parent"
 ],
 "parameters": {
-"name": {
-"description": "The name of the operation resource to be cancelled.",
+"mirroringDeploymentGroupId": {
+"description": "Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroring_deployment_group_id from the method_signature of Create RPC",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. Value for parent.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
 }
 },
-"path": "v1/{+name}:cancel",
+"path": "v1/{+parent}/mirroringDeploymentGroups",
 "request": {
-"$ref": "CancelOperationRequest"
+"$ref": "MirroringDeploymentGroup"
 },
 "response": {
-"$ref": "Empty"
+"$ref": "Operation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "delete": {
-"description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+"description": "Deletes a single MirroringDeploymentGroup.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups/{mirroringDeploymentGroupsId}",
 "httpMethod": "DELETE",
-"id": "networksecurity.projects.locations.operations.delete",
+"id": "networksecurity.projects.locations.mirroringDeploymentGroups.delete",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "The name of the operation resource to be deleted.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeploymentGroups/[^/]+$",
 "required": true,
 "type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
 }
 },
 "path": "v1/{+name}",
 "response": {
-"$ref": "Empty"
+"$ref": "Operation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "get": {
-"description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+"description": "Gets details of a single MirroringDeploymentGroup.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups/{mirroringDeploymentGroupsId}",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.operations.get",
+"id": "networksecurity.projects.locations.mirroringDeploymentGroups.get",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "The name of the operation resource.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeploymentGroups/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
 "path": "v1/{+name}",
 "response": {
-"$ref": "Operation"
+"$ref": "MirroringDeploymentGroup"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "list": {
-"description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations",
+"description": "Lists MirroringDeploymentGroups in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.operations.list",
+"id": "networksecurity.projects.locations.mirroringDeploymentGroups.list",
 "parameterOrder": [
-"name"
+"parent"
 ],
 "parameters": {
 "filter": {
-"description": "The standard list filter.",
+"description": "Optional. Filtering results",
 "location": "query",
 "type": "string"
 },
-"name": {
-"description": "The name of the operation's parent resource.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+$",
-"required": true,
+"orderBy": {
+"description": "Optional. Hint for how to order the results",
+"location": "query",
 "type": "string"
 },
 "pageSize": {
-"description": "The standard list page size.",
+"description": "Optional. Requested page size. Server may return fewer items than requested. If unspecified, server will pick an appropriate default.",
 "format": "int32",
 "location": "query",
 "type": "integer"
 },
 "pageToken": {
-"description": "The standard list page token.",
+"description": "Optional. A token identifying a page of results the server should return.",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. Parent value for ListMirroringDeploymentGroupsRequest",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+parent}/mirroringDeploymentGroups",
+"response": {
+"$ref": "ListMirroringDeploymentGroupsResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"patch": {
+"description": "Updates a single MirroringDeploymentGroup.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups/{mirroringDeploymentGroupsId}",
+"httpMethod": "PATCH",
+"id": "networksecurity.projects.locations.mirroringDeploymentGroups.patch",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Immutable. Identifier. The resource name of this deployment group, for example: `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See https://google.aip.dev/122 for more details.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeploymentGroups/[^/]+$",
+"required": true,
+"type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
+},
+"updateMask": {
+"description": "Required. Field mask is used to specify the fields to be overwritten in the MirroringDeploymentGroup resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"format": "google-fieldmask",
 "location": "query",
 "type": "string"
 }
 },
-"path": "v1/{+name}/operations",
+"path": "v1/{+name}",
+"request": {
+"$ref": "MirroringDeploymentGroup"
+},
 "response": {
-"$ref": "ListOperationsResponse"
+"$ref": "Operation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
@@ -2863,33 +2922,38 @@
 }
 }
 },
-"serverTlsPolicies": {
+"mirroringDeployments": {
 "methods": {
 "create": {
-"description": "Creates a new ServerTlsPolicy in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies",
+"description": "Creates a deployment in a given project and location. See https://google.aip.dev/133.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments",
 "httpMethod": "POST",
-"id": "networksecurity.projects.locations.serverTlsPolicies.create",
+"id": "networksecurity.projects.locations.mirroringDeployments.create",
 "parameterOrder": [
 "parent"
 ],
 "parameters": {
+"mirroringDeploymentId": {
+"description": "Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroring_deployment_id from the method_signature of Create RPC",
+"location": "query",
+"type": "string"
+},
 "parent": {
-"description": "Required. The parent resource of the ServerTlsPolicy. Must be in the format `projects/*/locations/{location}`.",
+"description": "Required. Value for parent.",
 "location": "path",
 "pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
 },
-"serverTlsPolicyId": {
-"description": "Required. Short name of the ServerTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"server_mtls_policy\".",
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 "location": "query",
 "type": "string"
 }
 },
-"path": "v1/{+parent}/serverTlsPolicies",
+"path": "v1/{+parent}/mirroringDeployments",
 "request": {
-"$ref": "ServerTlsPolicy"
+"$ref": "MirroringDeployment"
 },
 "response": {
 "$ref": "Operation"
@@ -2899,20 +2963,25 @@
 ]
 },
 "delete": {
-"description": "Deletes a single ServerTlsPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"description": "Deletes a deployment. See https://google.aip.dev/135.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments/{mirroringDeploymentsId}",
 "httpMethod": "DELETE",
-"id": "networksecurity.projects.locations.serverTlsPolicies.delete",
+"id": "networksecurity.projects.locations.mirroringDeployments.delete",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. A name of the ServerTlsPolicy to delete. Must be in the format `projects/*/locations/{location}/serverTlsPolicies/*`.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeployments/[^/]+$",
 "required": true,
 "type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
 }
 },
 "path": "v1/{+name}",
@@ -2924,115 +2993,99 @@
 ]
 },
 "get": {
-"description": "Gets details of a single ServerTlsPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"description": "Gets a specific deployment. See https://google.aip.dev/131.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments/{mirroringDeploymentsId}",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.serverTlsPolicies.get",
+"id": "networksecurity.projects.locations.mirroringDeployments.get",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. A name of the ServerTlsPolicy to get. Must be in the format `projects/*/locations/{location}/serverTlsPolicies/*`.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeployments/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
 "path": "v1/{+name}",
 "response": {
-"$ref": "ServerTlsPolicy"
+"$ref": "MirroringDeployment"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
-"getIamPolicy": {
-"description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:getIamPolicy",
+"list": {
+"description": "Lists deployments in a given project and location. See https://google.aip.dev/132.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.serverTlsPolicies.getIamPolicy",
+"id": "networksecurity.projects.locations.mirroringDeployments.list",
 "parameterOrder": [
-"resource"
+"parent"
 ],
 "parameters": {
-"options.requestedPolicyVersion": {
-"description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
-"format": "int32",
+"filter": {
+"description": "Optional. Filtering results",
 "location": "query",
-"type": "integer"
-},
-"resource": {
-"description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
-"required": true,
 "type": "string"
-}
-},
-"path": "v1/{+resource}:getIamPolicy",
-"response": {
-"$ref": "GoogleIamV1Policy"
 },
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
+"orderBy": {
+"description": "Optional. Hint for how to order the results",
+"location": "query",
+"type": "string"
 },
-"list": {
-"description": "Lists ServerTlsPolicies in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies",
-"httpMethod": "GET",
-"id": "networksecurity.projects.locations.serverTlsPolicies.list",
-"parameterOrder": [
-"parent"
-],
-"parameters": {
 "pageSize": {
-"description": "Maximum number of ServerTlsPolicies to return per call.",
+"description": "Optional. Requested page size. Server may return fewer items than requested. If unspecified, server will pick an appropriate default.",
 "format": "int32",
 "location": "query",
 "type": "integer"
 },
 "pageToken": {
-"description": "The value returned by the last `ListServerTlsPoliciesResponse` Indicates that this is a continuation of a prior `ListServerTlsPolicies` call, and that the system should return the next page of data.",
+"description": "Optional. A token identifying a page of results the server should return.",
 "location": "query",
 "type": "string"
 },
 "parent": {
-"description": "Required. The project and location from which the ServerTlsPolicies should be listed, specified in the format `projects/*/locations/{location}`.",
+"description": "Required. Parent value for ListMirroringDeploymentsRequest",
 "location": "path",
 "pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
-"path": "v1/{+parent}/serverTlsPolicies",
+"path": "v1/{+parent}/mirroringDeployments",
 "response": {
-"$ref": "ListServerTlsPoliciesResponse"
+"$ref": "ListMirroringDeploymentsResponse"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "patch": {
-"description": "Updates the parameters of a single ServerTlsPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"description": "Updates a deployment. See https://google.aip.dev/134.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments/{mirroringDeploymentsId}",
 "httpMethod": "PATCH",
-"id": "networksecurity.projects.locations.serverTlsPolicies.patch",
+"id": "networksecurity.projects.locations.mirroringDeployments.patch",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`",
+"description": "Immutable. Identifier. The resource name of this deployment, for example: `projects/123456789/locations/us-central1-a/mirroringDeployments/my-dep`. See https://google.aip.dev/122 for more details.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringDeployments/[^/]+$",
 "required": true,
 "type": "string"
 },
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
+},
 "updateMask": {
-"description": "Optional. Field mask is used to specify the fields to be overwritten in the ServerTlsPolicy resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"description": "Required. Field mask is used to specify the fields to be overwritten in the MirroringDeployment resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -3040,7 +3093,7 @@
 },
 "path": "v1/{+name}",
 "request": {
-"$ref": "ServerTlsPolicy"
+"$ref": "MirroringDeployment"
 },
 "response": {
 "$ref": "Operation"
@@ -3048,209 +3101,173 @@
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
+}
+}
 },
-"setIamPolicy": {
-"description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:setIamPolicy",
+"mirroringEndpointGroupAssociations": {
+"methods": {
+"create": {
+"description": "Creates an association in a given project and location. See https://google.aip.dev/133.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations",
 "httpMethod": "POST",
-"id": "networksecurity.projects.locations.serverTlsPolicies.setIamPolicy",
+"id": "networksecurity.projects.locations.mirroringEndpointGroupAssociations.create",
 "parameterOrder": [
-"resource"
+"parent"
 ],
 "parameters": {
-"resource": {
-"description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+"mirroringEndpointGroupAssociationId": {
+"description": "Optional. ID for the new association. If not provided, the server will generate a unique ID. The ID must be a valid RFC 1035 resource name. The ID must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. Container (project and location) where the association will be created, e.g. `projects/123456789/locations/global`.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
 }
 },
-"path": "v1/{+resource}:setIamPolicy",
+"path": "v1/{+parent}/mirroringEndpointGroupAssociations",
 "request": {
-"$ref": "GoogleIamV1SetIamPolicyRequest"
+"$ref": "MirroringEndpointGroupAssociation"
 },
 "response": {
-"$ref": "GoogleIamV1Policy"
+"$ref": "Operation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
-"testIamPermissions": {
-"description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:testIamPermissions",
-"httpMethod": "POST",
-"id": "networksecurity.projects.locations.serverTlsPolicies.testIamPermissions",
+"delete": {
+"description": "Deletes a single association. See https://google.aip.dev/135.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations/{mirroringEndpointGroupAssociationsId}",
+"httpMethod": "DELETE",
+"id": "networksecurity.projects.locations.mirroringEndpointGroupAssociations.delete",
 "parameterOrder": [
-"resource"
+"name"
 ],
 "parameters": {
-"resource": {
-"description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+"name": {
+"description": "Required. Full resource name of the association to delete, e.g. projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroupAssociations/[^/]+$",
 "required": true,
 "type": "string"
-}
 },
-"path": "v1/{+resource}:testIamPermissions",
-"request": {
-"$ref": "GoogleIamV1TestIamPermissionsRequest"
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
+}
 },
+"path": "v1/{+name}",
 "response": {
-"$ref": "GoogleIamV1TestIamPermissionsResponse"
+"$ref": "Operation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
-}
-}
 },
-"tlsInspectionPolicies": {
-"methods": {
-"create": {
-"description": "Creates a new TlsInspectionPolicy in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies",
-"httpMethod": "POST",
-"id": "networksecurity.projects.locations.tlsInspectionPolicies.create",
-"parameterOrder": [
-"parent"
-],
-"parameters": {
-"parent": {
-"description": "Required. The parent resource of the TlsInspectionPolicy. Must be in the format `projects/{project}/locations/{location}`.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+$",
-"required": true,
-"type": "string"
-},
-"tlsInspectionPolicyId": {
-"description": "Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"tls_inspection_policy1\".",
-"location": "query",
-"type": "string"
-}
-},
-"path": "v1/{+parent}/tlsInspectionPolicies",
-"request": {
-"$ref": "TlsInspectionPolicy"
-},
-"response": {
-"$ref": "Operation"
-},
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
-},
-"delete": {
-"description": "Deletes a single TlsInspectionPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
-"httpMethod": "DELETE",
-"id": "networksecurity.projects.locations.tlsInspectionPolicies.delete",
+"get": {
+"description": "Gets a specific association. See https://google.aip.dev/131.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations/{mirroringEndpointGroupAssociationsId}",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.mirroringEndpointGroupAssociations.get",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
-"force": {
-"description": "If set to true, any rules for this TlsInspectionPolicy will also be deleted. (Otherwise, the request will only work if the TlsInspectionPolicy has no rules.)",
-"location": "query",
-"type": "boolean"
-},
 "name": {
-"description": "Required. A name of the TlsInspectionPolicy to delete. Must be in the format `projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy}`.",
+"description": "Required. Full resource name of the association to get, e.g. projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroupAssociations/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
 "path": "v1/{+name}",
 "response": {
-"$ref": "Operation"
+"$ref": "MirroringEndpointGroupAssociation"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
-"get": {
-"description": "Gets details of a single TlsInspectionPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
+"list": {
+"description": "Lists associations in a given project and location. See https://google.aip.dev/132.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.tlsInspectionPolicies.get",
+"id": "networksecurity.projects.locations.mirroringEndpointGroupAssociations.list",
 "parameterOrder": [
-"name"
+"parent"
 ],
 "parameters": {
-"name": {
-"description": "Required. A name of the TlsInspectionPolicy to get. Must be in the format `projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy}`.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
-"required": true,
+"filter": {
+"description": "Optional. A filter expression that filters the results listed in the response. See https://google.aip.dev/160.",
+"location": "query",
 "type": "string"
-}
 },
-"path": "v1/{+name}",
-"response": {
-"$ref": "TlsInspectionPolicy"
-},
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
+"orderBy": {
+"description": "Optional. Hint for how to order the results",
+"location": "query",
+"type": "string"
 },
-"list": {
-"description": "Lists TlsInspectionPolicies in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies",
-"httpMethod": "GET",
-"id": "networksecurity.projects.locations.tlsInspectionPolicies.list",
-"parameterOrder": [
-"parent"
-],
-"parameters": {
 "pageSize": {
-"description": "Maximum number of TlsInspectionPolicies to return per call.",
+"description": "Optional. Requested page size. Server may return fewer items than requested. If unspecified, server will pick an appropriate default. See https://google.aip.dev/158.",
 "format": "int32",
 "location": "query",
 "type": "integer"
 },
 "pageToken": {
-"description": "The value returned by the last 'ListTlsInspectionPoliciesResponse' Indicates that this is a continuation of a prior 'ListTlsInspectionPolicies' call, and that the system should return the next page of data.",
+"description": "Optional. A token identifying a page of results the server should return. See https://google.aip.dev/158.",
 "location": "query",
 "type": "string"
 },
 "parent": {
-"description": "Required. The project and location from which the TlsInspectionPolicies should be listed, specified in the format `projects/{project}/locations/{location}`.",
+"description": "Required. Parent container (project and location) of the associations to list, e.g. `projects/123456789/locations/global`.",
 "location": "path",
 "pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
-"path": "v1/{+parent}/tlsInspectionPolicies",
+"path": "v1/{+parent}/mirroringEndpointGroupAssociations",
 "response": {
-"$ref": "ListTlsInspectionPoliciesResponse"
+"$ref": "ListMirroringEndpointGroupAssociationsResponse"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "patch": {
-"description": "Updates the parameters of a single TlsInspectionPolicy.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
+"description": "Updates an association. See https://google.aip.dev/134.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations/{mirroringEndpointGroupAssociationsId}",
 "httpMethod": "PATCH",
-"id": "networksecurity.projects.locations.tlsInspectionPolicies.patch",
+"id": "networksecurity.projects.locations.mirroringEndpointGroupAssociations.patch",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).",
+"description": "Immutable. Identifier. The resource name of this endpoint group association, for example: `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association`. See https://google.aip.dev/122 for more details.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroupAssociations/[^/]+$",
 "required": true,
 "type": "string"
 },
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
+},
 "updateMask": {
-"description": "Optional. Field mask is used to specify the fields to be overwritten in the TlsInspectionPolicy resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"description": "Optional. Field mask is used to specify the fields to be overwritten in the association by the update. See https://google.aip.dev/161.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -3258,7 +3275,7 @@
 },
 "path": "v1/{+name}",
 "request": {
-"$ref": "TlsInspectionPolicy"
+"$ref": "MirroringEndpointGroupAssociation"
 },
 "response": {
 "$ref": "Operation"
@@ -3269,33 +3286,38 @@
 }
 }
 },
-"urlLists": {
+"mirroringEndpointGroups": {
 "methods": {
 "create": {
-"description": "Creates a new UrlList in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists",
+"description": "Creates an endpoint group in a given project and location. See https://google.aip.dev/133.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups",
 "httpMethod": "POST",
-"id": "networksecurity.projects.locations.urlLists.create",
+"id": "networksecurity.projects.locations.mirroringEndpointGroups.create",
 "parameterOrder": [
 "parent"
 ],
 "parameters": {
+"mirroringEndpointGroupId": {
+"description": "Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroring_endpoint_group_id from the method_signature of Create RPC",
+"location": "query",
+"type": "string"
+},
 "parent": {
-"description": "Required. The parent resource of the UrlList. Must be in the format `projects/*/locations/{location}`.",
+"description": "Required. Value for parent.",
 "location": "path",
 "pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
 },
-"urlListId": {
-"description": "Required. Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"url_list\".",
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
 "location": "query",
 "type": "string"
 }
 },
-"path": "v1/{+parent}/urlLists",
+"path": "v1/{+parent}/mirroringEndpointGroups",
 "request": {
-"$ref": "UrlList"
+"$ref": "MirroringEndpointGroup"
 },
 "response": {
 "$ref": "Operation"
@@ -3305,20 +3327,25 @@
 ]
 },
 "delete": {
-"description": "Deletes a single UrlList.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"description": "Deletes an endpoint group. See https://google.aip.dev/135.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups/{mirroringEndpointGroupsId}",
 "httpMethod": "DELETE",
-"id": "networksecurity.projects.locations.urlLists.delete",
+"id": "networksecurity.projects.locations.mirroringEndpointGroups.delete",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. A name of the UrlList to delete. Must be in the format `projects/*/locations/{location}/urlLists/*`.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroups/[^/]+$",
 "required": true,
 "type": "string"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
 }
 },
 "path": "v1/{+name}",
@@ -3330,84 +3357,99 @@
 ]
 },
 "get": {
-"description": "Gets details of a single UrlList.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"description": "Gets a specific endpoint group. See https://google.aip.dev/131.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups/{mirroringEndpointGroupsId}",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.urlLists.get",
+"id": "networksecurity.projects.locations.mirroringEndpointGroups.get",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. A name of the UrlList to get. Must be in the format `projects/*/locations/{location}/urlLists/*`.",
+"description": "Required. Name of the resource",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroups/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
 "path": "v1/{+name}",
 "response": {
-"$ref": "UrlList"
+"$ref": "MirroringEndpointGroup"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "list": {
-"description": "Lists UrlLists in a given project and location.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists",
+"description": "Lists endpoint groups in a given project and location. See https://google.aip.dev/132.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups",
 "httpMethod": "GET",
-"id": "networksecurity.projects.locations.urlLists.list",
+"id": "networksecurity.projects.locations.mirroringEndpointGroups.list",
 "parameterOrder": [
 "parent"
 ],
 "parameters": {
+"filter": {
+"description": "Optional. Filtering results",
+"location": "query",
+"type": "string"
+},
+"orderBy": {
+"description": "Optional. Hint for how to order the results",
+"location": "query",
+"type": "string"
+},
 "pageSize": {
-"description": "Maximum number of UrlLists to return per call.",
+"description": "Optional. Requested page size. Server may return fewer items than requested. If unspecified, server will pick an appropriate default.",
 "format": "int32",
 "location": "query",
 "type": "integer"
 },
 "pageToken": {
-"description": "The value returned by the last `ListUrlListsResponse` Indicates that this is a continuation of a prior `ListUrlLists` call, and that the system should return the next page of data.",
+"description": "Optional. A token identifying a page of results the server should return.",
 "location": "query",
 "type": "string"
 },
 "parent": {
-"description": "Required. The project and location from which the UrlLists should be listed, specified in the format `projects/{project}/locations/{location}`.",
+"description": "Required. Parent value for ListMirroringEndpointGroupsRequest",
 "location": "path",
 "pattern": "^projects/[^/]+/locations/[^/]+$",
 "required": true,
 "type": "string"
 }
 },
-"path": "v1/{+parent}/urlLists",
+"path": "v1/{+parent}/mirroringEndpointGroups",
 "response": {
-"$ref": "ListUrlListsResponse"
+"$ref": "ListMirroringEndpointGroupsResponse"
 },
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
 "patch": {
-"description": "Updates the parameters of a single UrlList.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"description": "Updates an endpoint group. See https://google.aip.dev/134.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups/{mirroringEndpointGroupsId}",
 "httpMethod": "PATCH",
-"id": "networksecurity.projects.locations.urlLists.patch",
+"id": "networksecurity.projects.locations.mirroringEndpointGroups.patch",
 "parameterOrder": [
 "name"
 ],
 "parameters": {
 "name": {
-"description": "Required. Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).",
+"description": "Immutable. Identifier. The resource name of this endpoint group, for example: `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https://google.aip.dev/122 for more details.",
 "location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"pattern": "^projects/[^/]+/locations/[^/]+/mirroringEndpointGroups/[^/]+$",
 "required": true,
 "type": "string"
 },
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"location": "query",
+"type": "string"
+},
 "updateMask": {
-"description": "Optional. Field mask is used to specify the fields to be overwritten in the UrlList resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"description": "Required. Field mask is used to specify the fields to be overwritten in the MirroringEndpointGroup resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -3415,7 +3457,7 @@
 },
 "path": "v1/{+name}",
 "request": {
-"$ref": "UrlList"
+"$ref": "MirroringEndpointGroup"
 },
 "response": {
 "$ref": "Operation"
@@ -3425,55 +3467,741 @@
 ]
 }
 }
-}
-}
-}
-}
-}
 },
-"revision": "20241202",
-"rootUrl": "https://networksecurity.googleapis.com/",
-"schemas": {
-"AddAddressGroupItemsRequest": {
-"description": "Request used by the AddAddressGroupItems method.",
-"id": "AddAddressGroupItemsRequest",
-"properties": {
-"items": {
-"description": "Required. List of items to add.",
-"items": {
+"operations": {
+"methods": {
+"cancel": {
+"description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.operations.cancel",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "The name of the operation resource to be cancelled.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"required": true,
 "type": "string"
+}
 },
-"type": "array"
+"path": "v1/{+name}:cancel",
+"request": {
+"$ref": "CancelOperationRequest"
 },
-"requestId": {
-"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"response": {
+"$ref": "Empty"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"delete": {
+"description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+"httpMethod": "DELETE",
+"id": "networksecurity.projects.locations.operations.delete",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "The name of the operation resource to be deleted.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"required": true,
 "type": "string"
 }
 },
-"type": "object"
+"path": "v1/{+name}",
+"response": {
+"$ref": "Empty"
 },
-"AddressGroup": {
-"description": "AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.",
-"id": "AddressGroup",
-"properties": {
-"capacity": {
-"description": "Required. Capacity of the Address Group",
-"format": "int32",
-"type": "integer"
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
 },
-"createTime": {
-"description": "Output only. The timestamp when the resource was created.",
-"format": "google-datetime",
-"readOnly": true,
+"get": {
+"description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.operations.get",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "The name of the operation resource.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+"required": true,
 "type": "string"
+}
 },
-"description": {
-"description": "Optional. Free-text description of the resource.",
-"type": "string"
+"path": "v1/{+name}",
+"response": {
+"$ref": "Operation"
 },
-"items": {
-"description": "Optional. List of items.",
-"items": {
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"list": {
+"description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.operations.list",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"filter": {
+"description": "The standard list filter.",
+"location": "query",
+"type": "string"
+},
+"name": {
+"description": "The name of the operation's parent resource.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+},
+"pageSize": {
+"description": "The standard list page size.",
+"format": "int32",
+"location": "query",
+"type": "integer"
+},
+"pageToken": {
+"description": "The standard list page token.",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+name}/operations",
+"response": {
+"$ref": "ListOperationsResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+}
+}
+},
+"serverTlsPolicies": {
+"methods": {
+"create": {
+"description": "Creates a new ServerTlsPolicy in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.serverTlsPolicies.create",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"parent": {
+"description": "Required. The parent resource of the ServerTlsPolicy. Must be in the format `projects/*/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+},
+"serverTlsPolicyId": {
+"description": "Required. Short name of the ServerTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"server_mtls_policy\".",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+parent}/serverTlsPolicies",
+"request": {
+"$ref": "ServerTlsPolicy"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"delete": {
+"description": "Deletes a single ServerTlsPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"httpMethod": "DELETE",
+"id": "networksecurity.projects.locations.serverTlsPolicies.delete",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. A name of the ServerTlsPolicy to delete. Must be in the format `projects/*/locations/{location}/serverTlsPolicies/*`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"get": {
+"description": "Gets details of a single ServerTlsPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.serverTlsPolicies.get",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. A name of the ServerTlsPolicy to get. Must be in the format `projects/*/locations/{location}/serverTlsPolicies/*`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "ServerTlsPolicy"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"getIamPolicy": {
+"description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:getIamPolicy",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.serverTlsPolicies.getIamPolicy",
+"parameterOrder": [
+"resource"
+],
+"parameters": {
+"options.requestedPolicyVersion": {
+"description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
+"format": "int32",
+"location": "query",
+"type": "integer"
+},
+"resource": {
+"description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+resource}:getIamPolicy",
+"response": {
+"$ref": "GoogleIamV1Policy"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"list": {
+"description": "Lists ServerTlsPolicies in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.serverTlsPolicies.list",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"pageSize": {
+"description": "Maximum number of ServerTlsPolicies to return per call.",
+"format": "int32",
+"location": "query",
+"type": "integer"
+},
+"pageToken": {
+"description": "The value returned by the last `ListServerTlsPoliciesResponse` Indicates that this is a continuation of a prior `ListServerTlsPolicies` call, and that the system should return the next page of data.",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. The project and location from which the ServerTlsPolicies should be listed, specified in the format `projects/*/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+parent}/serverTlsPolicies",
+"response": {
+"$ref": "ListServerTlsPoliciesResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"patch": {
+"description": "Updates the parameters of a single ServerTlsPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}",
+"httpMethod": "PATCH",
+"id": "networksecurity.projects.locations.serverTlsPolicies.patch",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+},
+"updateMask": {
+"description": "Optional. Field mask is used to specify the fields to be overwritten in the ServerTlsPolicy resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"format": "google-fieldmask",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"request": {
+"$ref": "ServerTlsPolicy"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"setIamPolicy": {
+"description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:setIamPolicy",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.serverTlsPolicies.setIamPolicy",
+"parameterOrder": [
+"resource"
+],
+"parameters": {
+"resource": {
+"description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+resource}:setIamPolicy",
+"request": {
+"$ref": "GoogleIamV1SetIamPolicyRequest"
+},
+"response": {
+"$ref": "GoogleIamV1Policy"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"testIamPermissions": {
+"description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:testIamPermissions",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.serverTlsPolicies.testIamPermissions",
+"parameterOrder": [
+"resource"
+],
+"parameters": {
+"resource": {
+"description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/serverTlsPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+resource}:testIamPermissions",
+"request": {
+"$ref": "GoogleIamV1TestIamPermissionsRequest"
+},
+"response": {
+"$ref": "GoogleIamV1TestIamPermissionsResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+}
+}
+},
+"tlsInspectionPolicies": {
+"methods": {
+"create": {
+"description": "Creates a new TlsInspectionPolicy in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.tlsInspectionPolicies.create",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"parent": {
+"description": "Required. The parent resource of the TlsInspectionPolicy. Must be in the format `projects/{project}/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+},
+"tlsInspectionPolicyId": {
+"description": "Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"tls_inspection_policy1\".",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+parent}/tlsInspectionPolicies",
+"request": {
+"$ref": "TlsInspectionPolicy"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"delete": {
+"description": "Deletes a single TlsInspectionPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
+"httpMethod": "DELETE",
+"id": "networksecurity.projects.locations.tlsInspectionPolicies.delete",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"force": {
+"description": "If set to true, any rules for this TlsInspectionPolicy will also be deleted. (Otherwise, the request will only work if the TlsInspectionPolicy has no rules.)",
+"location": "query",
+"type": "boolean"
+},
+"name": {
+"description": "Required. A name of the TlsInspectionPolicy to delete. Must be in the format `projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"get": {
+"description": "Gets details of a single TlsInspectionPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.tlsInspectionPolicies.get",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. A name of the TlsInspectionPolicy to get. Must be in the format `projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "TlsInspectionPolicy"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"list": {
+"description": "Lists TlsInspectionPolicies in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.tlsInspectionPolicies.list",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"pageSize": {
+"description": "Maximum number of TlsInspectionPolicies to return per call.",
+"format": "int32",
+"location": "query",
+"type": "integer"
+},
+"pageToken": {
+"description": "The value returned by the last 'ListTlsInspectionPoliciesResponse' Indicates that this is a continuation of a prior 'ListTlsInspectionPolicies' call, and that the system should return the next page of data.",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. The project and location from which the TlsInspectionPolicies should be listed, specified in the format `projects/{project}/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+parent}/tlsInspectionPolicies",
+"response": {
+"$ref": "ListTlsInspectionPoliciesResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"patch": {
+"description": "Updates the parameters of a single TlsInspectionPolicy.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}",
+"httpMethod": "PATCH",
+"id": "networksecurity.projects.locations.tlsInspectionPolicies.patch",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/tlsInspectionPolicies/[^/]+$",
+"required": true,
+"type": "string"
+},
+"updateMask": {
+"description": "Optional. Field mask is used to specify the fields to be overwritten in the TlsInspectionPolicy resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"format": "google-fieldmask",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"request": {
+"$ref": "TlsInspectionPolicy"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+}
+}
+},
+"urlLists": {
+"methods": {
+"create": {
+"description": "Creates a new UrlList in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists",
+"httpMethod": "POST",
+"id": "networksecurity.projects.locations.urlLists.create",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"parent": {
+"description": "Required. The parent resource of the UrlList. Must be in the format `projects/*/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+},
+"urlListId": {
+"description": "Required. Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. \"url_list\".",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+parent}/urlLists",
+"request": {
+"$ref": "UrlList"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"delete": {
+"description": "Deletes a single UrlList.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"httpMethod": "DELETE",
+"id": "networksecurity.projects.locations.urlLists.delete",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. A name of the UrlList to delete. Must be in the format `projects/*/locations/{location}/urlLists/*`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"get": {
+"description": "Gets details of a single UrlList.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.urlLists.get",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. A name of the UrlList to get. Must be in the format `projects/*/locations/{location}/urlLists/*`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"response": {
+"$ref": "UrlList"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"list": {
+"description": "Lists UrlLists in a given project and location.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists",
+"httpMethod": "GET",
+"id": "networksecurity.projects.locations.urlLists.list",
+"parameterOrder": [
+"parent"
+],
+"parameters": {
+"pageSize": {
+"description": "Maximum number of UrlLists to return per call.",
+"format": "int32",
+"location": "query",
+"type": "integer"
+},
+"pageToken": {
+"description": "The value returned by the last `ListUrlListsResponse` Indicates that this is a continuation of a prior `ListUrlLists` call, and that the system should return the next page of data.",
+"location": "query",
+"type": "string"
+},
+"parent": {
+"description": "Required. The project and location from which the UrlLists should be listed, specified in the format `projects/{project}/locations/{location}`.",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+$",
+"required": true,
+"type": "string"
+}
+},
+"path": "v1/{+parent}/urlLists",
+"response": {
+"$ref": "ListUrlListsResponse"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+},
+"patch": {
+"description": "Updates the parameters of a single UrlList.",
+"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}",
+"httpMethod": "PATCH",
+"id": "networksecurity.projects.locations.urlLists.patch",
+"parameterOrder": [
+"name"
+],
+"parameters": {
+"name": {
+"description": "Required. Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).",
+"location": "path",
+"pattern": "^projects/[^/]+/locations/[^/]+/urlLists/[^/]+$",
+"required": true,
+"type": "string"
+},
+"updateMask": {
+"description": "Optional. Field mask is used to specify the fields to be overwritten in the UrlList resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.",
+"format": "google-fieldmask",
+"location": "query",
+"type": "string"
+}
+},
+"path": "v1/{+name}",
+"request": {
+"$ref": "UrlList"
+},
+"response": {
+"$ref": "Operation"
+},
+"scopes": [
+"https://www.googleapis.com/auth/cloud-platform"
+]
+}
+}
+}
+}
+}
+}
+}
+},
+"revision": "20250211",
+"rootUrl": "https://networksecurity.googleapis.com/",
+"schemas": {
+"AddAddressGroupItemsRequest": {
+"description": "Request used by the AddAddressGroupItems method.",
+"id": "AddAddressGroupItemsRequest",
+"properties": {
+"items": {
+"description": "Required. List of items to add.",
+"items": {
+"type": "string"
+},
+"type": "array"
+},
+"requestId": {
+"description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+"type": "string"
+}
+},
+"type": "object"
+},
+"AddressGroup": {
+"description": "AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.",
+"id": "AddressGroup",
+"properties": {
+"capacity": {
+"description": "Required. Capacity of the Address Group",
+"format": "int32",
+"type": "integer"
+},
+"createTime": {
+"description": "Output only. The timestamp when the resource was created.",
+"format": "google-datetime",
+"readOnly": true,
+"type": "string"
+},
+"description": {
+"description": "Optional. Free-text description of the resource.",
+"type": "string"
+},
+"items": {
+"description": "Optional. List of items.",
+"items": {
 "type": "string"
 },
 "type": "array"
@@ -3534,6 +4262,55 @@
 },
 "type": "object"
 },
+"AntivirusOverride": {
+"description": "Defines what action to take for antivirus threats per protocol.",
+"id": "AntivirusOverride",
+"properties": {
+"action": {
+"description": "Required. Threat action override. For some threat types, only a subset of actions applies.",
+"enum": [
+"THREAT_ACTION_UNSPECIFIED",
+"DEFAULT_ACTION",
+"ALLOW",
+"ALERT",
+"DENY"
+],
+"enumDescriptions": [
+"Threat action not specified.",
+"The default action (as specified by the vendor) is taken.",
+"The packet matching this rule will be allowed to transmit.",
+"The packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.",
+"The packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project."
+],
+"type": "string"
+},
+"protocol": {
+"description": "Required. Protocol to match.",
+"enum": [
+"PROTOCOL_UNSPECIFIED",
+"SMTP",
+"SMB",
+"POP3",
+"IMAP",
+"HTTP2",
+"HTTP",
+"FTP"
+],
+"enumDescriptions": [
+"Protocol not specified.",
+"SMTP prtocol",
+"SMB protocol",
+"POP3 protocol",
+"IMAP protocol",
+"HTTP2 protocol",
+"HTTP protocol",
+"FTP protocol"
+],
+"type": "string"
+}
+},
+"type": "object"
+},
 "AuthorizationPolicy": {
 "description": "AuthorizationPolicy is a resource that specifies how a server should authorize incoming connections. This resource in itself does not change the configuration unless it's attached to a target https proxy or endpoint config selector resource.",
 "id": "AuthorizationPolicy",
@@ -4001,22 +4778,22 @@
 "type": "object"
 },
 "CustomInterceptProfile": {
-"description": "CustomInterceptProfile defines the Packet Intercept Endpoint Group used to intercept traffic to a third-party firewall in a Firewall rule.",
+"description": "CustomInterceptProfile defines in-band integration behavior (intercept). It is used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP action.",
 "id": "CustomInterceptProfile",
 "properties": {
 "interceptEndpointGroup": {
-"description": "Required. The InterceptEndpointGroup to which traffic associated with the SP should be mirrored.",
+"description": "Required. The target InterceptEndpointGroup. When a firewall rule with this security profile attached matches a packet, the packet will be intercepted to the location-local target in this group.",
 "type": "string"
 }
 },
 "type": "object"
 },
 "CustomMirroringProfile": {
-"description": "CustomMirroringProfile defines an action for mirroring traffic to a collector's EndpointGroup",
+"description": "CustomMirroringProfile defines out-of-band integration behavior (mirroring). It is used by mirroring rules with a MIRROR action.",
 "id": "CustomMirroringProfile",
 "properties": {
 "mirroringEndpointGroup": {
-"description": "Required. The MirroringEndpointGroup to which traffic associated with the SP should be mirrored.",
+"description": "Required. The target MirroringEndpointGroup. When a mirroring rule with this security profile attached matches a packet, a replica will be mirrored to the location-local target in this group.",
 "type": "string"
 }
 },
@@ -4135,6 +4912,16 @@
 "readOnly": true,
 "type": "boolean"
 },
+"satisfiesPzi": {
+"description": "Output only. [Output Only] Reserved for future use.",
+"readOnly": true,
+"type": "boolean"
+},
+"satisfiesPzs": {
+"description": "Output only. [Output Only] Reserved for future use.",
+"readOnly": true,
+"type": "boolean"
+},
 "state": {
 "description": "Output only. Current state of the endpoint.",
 "enum": [
@@ -4562,62 +5349,241 @@
 "format": "int32",
 "type": "integer"
 },
-"securityPolicy": {
-"description": "Cloud Armor SecurityPolicy that is using the Address Group.",
+"securityPolicy": {
+"description": "Cloud Armor SecurityPolicy that is using the Address Group.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"ListAddressGroupsResponse": {
+"description": "Response returned by the ListAddressGroups method.",
+"id": "ListAddressGroupsResponse",
+"properties": {
+"addressGroups": {
+"description": "List of AddressGroups resources.",
+"items": {
+"$ref": "AddressGroup"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"ListAuthorizationPoliciesResponse": {
+"description": "Response returned by the ListAuthorizationPolicies method.",
+"id": "ListAuthorizationPoliciesResponse",
+"properties": {
+"authorizationPolicies": {
+"description": "List of AuthorizationPolicies resources.",
+"items": {
+"$ref": "AuthorizationPolicy"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"ListAuthzPoliciesResponse": {
+"description": "Message for response to listing `AuthzPolicy` resources.",
+"id": "ListAuthzPoliciesResponse",
+"properties": {
+"authzPolicies": {
+"description": "The list of `AuthzPolicy` resources.",
+"items": {
+"$ref": "AuthzPolicy"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "A token identifying a page of results that the server returns.",
+"type": "string"
+},
+"unreachable": {
+"description": "Locations that could not be reached.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
+"ListClientTlsPoliciesResponse": {
+"description": "Response returned by the ListClientTlsPolicies method.",
+"id": "ListClientTlsPoliciesResponse",
+"properties": {
+"clientTlsPolicies": {
+"description": "List of ClientTlsPolicy resources.",
+"items": {
+"$ref": "ClientTlsPolicy"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"ListFirewallEndpointAssociationsResponse": {
+"description": "Message for response to listing Associations",
+"id": "ListFirewallEndpointAssociationsResponse",
+"properties": {
+"firewallEndpointAssociations": {
+"description": "The list of Association",
+"items": {
+"$ref": "FirewallEndpointAssociation"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "A token identifying a page of results the server should return.",
+"type": "string"
+},
+"unreachable": {
+"description": "Locations that could not be reached.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
+"ListFirewallEndpointsResponse": {
+"description": "Message for response to listing Endpoints",
+"id": "ListFirewallEndpointsResponse",
+"properties": {
+"firewallEndpoints": {
+"description": "The list of Endpoint",
+"items": {
+"$ref": "FirewallEndpoint"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "A token identifying a page of results the server should return.",
+"type": "string"
+},
+"unreachable": {
+"description": "Locations that could not be reached.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
+"ListGatewaySecurityPoliciesResponse": {
+"description": "Response returned by the ListGatewaySecurityPolicies method.",
+"id": "ListGatewaySecurityPoliciesResponse",
+"properties": {
+"gatewaySecurityPolicies": {
+"description": "List of GatewaySecurityPolicies resources.",
+"items": {
+"$ref": "GatewaySecurityPolicy"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then 'next_page_token' is included. To get the next set of results, call this method again using the value of 'next_page_token' as 'page_token'.",
+"type": "string"
+},
+"unreachable": {
+"description": "Locations that could not be reached.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
+"ListGatewaySecurityPolicyRulesResponse": {
+"description": "Response returned by the ListGatewaySecurityPolicyRules method.",
+"id": "ListGatewaySecurityPolicyRulesResponse",
+"properties": {
+"gatewaySecurityPolicyRules": {
+"description": "List of GatewaySecurityPolicyRule resources.",
+"items": {
+"$ref": "GatewaySecurityPolicyRule"
+},
+"type": "array"
+},
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then 'next_page_token' is included. To get the next set of results, call this method again using the value of 'next_page_token' as 'page_token'.",
+"type": "string"
+},
+"unreachable": {
+"description": "Locations that could not be reached.",
+"items": {
 "type": "string"
+},
+"type": "array"
 }
 },
 "type": "object"
 },
-"ListAddressGroupsResponse": {
-"description": "Response returned by the ListAddressGroups method.",
-"id": "ListAddressGroupsResponse",
+"ListLocationsResponse": {
+"description": "The response message for Locations.ListLocations.",
+"id": "ListLocationsResponse",
 "properties": {
-"addressGroups": {
-"description": "List of AddressGroups resources.",
+"locations": {
+"description": "A list of locations that matches the specified filter in the request.",
 "items": {
-"$ref": "AddressGroup"
+"$ref": "Location"
 },
 "type": "array"
 },
 "nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"description": "The standard List next-page token.",
 "type": "string"
 }
 },
 "type": "object"
 },
-"ListAuthorizationPoliciesResponse": {
-"description": "Response returned by the ListAuthorizationPolicies method.",
-"id": "ListAuthorizationPoliciesResponse",
+"ListMirroringDeploymentGroupsResponse": {
+"description": "Message for response to listing MirroringDeploymentGroups",
+"id": "ListMirroringDeploymentGroupsResponse",
 "properties": {
-"authorizationPolicies": {
-"description": "List of AuthorizationPolicies resources.",
+"mirroringDeploymentGroups": {
+"description": "The list of MirroringDeploymentGroup",
 "items": {
-"$ref": "AuthorizationPolicy"
+"$ref": "MirroringDeploymentGroup"
 },
 "type": "array"
 },
 "nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"description": "A token identifying a page of results the server should return.",
 "type": "string"
 }
 },
 "type": "object"
 },
-"ListAuthzPoliciesResponse": {
-"description": "Message for response to listing `AuthzPolicy` resources.",
-"id": "ListAuthzPoliciesResponse",
+"ListMirroringDeploymentsResponse": {
+"description": "Message for response to listing MirroringDeployments",
+"id": "ListMirroringDeploymentsResponse",
 "properties": {
-"authzPolicies": {
-"description": "The list of `AuthzPolicy` resources.",
+"mirroringDeployments": {
+"description": "The list of MirroringDeployment",
 "items": {
-"$ref": "AuthzPolicy"
+"$ref": "MirroringDeployment"
 },
 "type": "array"
 },
 "nextPageToken": {
-"description": "A token identifying a page of results that the server returns.",
+"description": "A token identifying a page of results the server should return.",
 "type": "string"
 },
 "unreachable": {
@@ -4630,89 +5596,129 @@
 },
 "type": "object"
 },
-"ListClientTlsPoliciesResponse": {
-"description": "Response returned by the ListClientTlsPolicies method.",
-"id": "ListClientTlsPoliciesResponse",
+"ListMirroringEndpointGroupAssociationsResponse": {
+"description": "Response message for listing associations.",
+"id": "ListMirroringEndpointGroupAssociationsResponse",
 "properties": {
-"clientTlsPolicies": {
-"description": "List of ClientTlsPolicy resources.",
+"mirroringEndpointGroupAssociations": {
+"description": "The list of associations returned.",
 "items": {
-"$ref": "ClientTlsPolicy"
+"$ref": "MirroringEndpointGroupAssociation"
 },
 "type": "array"
 },
 "nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"description": "A token identifying a page of results the server should return. See https://google.aip.dev/158.",
 "type": "string"
 }
 },
 "type": "object"
 },
-"ListFirewallEndpointAssociationsResponse": {
-"description": "Message for response to listing Associations",
-"id": "ListFirewallEndpointAssociationsResponse",
+"ListMirroringEndpointGroupsResponse": {
+"description": "Message for response to listing MirroringEndpointGroups",
+"id": "ListMirroringEndpointGroupsResponse",
 "properties": {
-"firewallEndpointAssociations": {
-"description": "The list of Association",
+"mirroringEndpointGroups": {
+"description": "The list of MirroringEndpointGroup",
 "items": {
-"$ref": "FirewallEndpointAssociation"
+"$ref": "MirroringEndpointGroup"
 },
 "type": "array"
 },
 "nextPageToken": {
 "description": "A token identifying a page of results the server should return.",
 "type": "string"
+}
 },
-"unreachable": {
-"description": "Locations that could not be reached.",
-"items": {
+"type": "object"
+},
+"ListOperationsResponse": {
+"description": "The response message for Operations.ListOperations.",
+"id": "ListOperationsResponse",
+"properties": {
+"nextPageToken": {
+"description": "The standard List next-page token.",
 "type": "string"
 },
+"operations": {
+"description": "A list of operations that matches the specified filter in the request.",
+"items": {
+"$ref": "Operation"
+},
 "type": "array"
 }
 },
 "type": "object"
 },
-"ListFirewallEndpointsResponse": {
-"description": "Message for response to listing Endpoints",
-"id": "ListFirewallEndpointsResponse",
+"ListSecurityProfileGroupsResponse": {
+"description": "Response returned by the ListSecurityProfileGroups method.",
+"id": "ListSecurityProfileGroupsResponse",
 "properties": {
-"firewallEndpoints": {
-"description": "The list of Endpoint",
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"type": "string"
+},
+"securityProfileGroups": {
+"description": "List of SecurityProfileGroups resources.",
 "items": {
-"$ref": "FirewallEndpoint"
+"$ref": "SecurityProfileGroup"
 },
 "type": "array"
+}
+},
+"type": "object"
 },
+"ListSecurityProfilesResponse": {
+"description": "Response returned by the ListSecurityProfiles method.",
+"id": "ListSecurityProfilesResponse",
+"properties": {
 "nextPageToken": {
-"description": "A token identifying a page of results the server should return.",
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
 "type": "string"
 },
-"unreachable": {
-"description": "Locations that could not be reached.",
+"securityProfiles": {
+"description": "List of SecurityProfile resources.",
 "items": {
-"type": "string"
+"$ref": "SecurityProfile"
 },
 "type": "array"
 }
 },
 "type": "object"
 },
-"ListGatewaySecurityPoliciesResponse": {
-"description": "Response returned by the ListGatewaySecurityPolicies method.",
-"id": "ListGatewaySecurityPoliciesResponse",
+"ListServerTlsPoliciesResponse": {
+"description": "Response returned by the ListServerTlsPolicies method.",
+"id": "ListServerTlsPoliciesResponse",
 "properties": {
-"gatewaySecurityPolicies": {
-"description": "List of GatewaySecurityPolicies resources.",
+"nextPageToken": {
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"type": "string"
+},
+"serverTlsPolicies": {
+"description": "List of ServerTlsPolicy resources.",
 "items": {
-"$ref": "GatewaySecurityPolicy"
+"$ref": "ServerTlsPolicy"
 },
 "type": "array"
+}
+},
+"type": "object"
 },
+"ListTlsInspectionPoliciesResponse": {
+"description": "Response returned by the ListTlsInspectionPolicies method.",
+"id": "ListTlsInspectionPoliciesResponse",
+"properties": {
 "nextPageToken": {
 "description": "If there might be more results than those appearing in this response, then 'next_page_token' is included. To get the next set of results, call this method again using the value of 'next_page_token' as 'page_token'.",
 "type": "string"
 },
+"tlsInspectionPolicies": {
+"description": "List of TlsInspectionPolicies resources.",
+"items": {
+"$ref": "TlsInspectionPolicy"
+},
+"type": "array"
+},
 "unreachable": {
 "description": "Locations that could not be reached.",
 "items": {
@@ -4723,19 +5729,12 @@
 },
 "type": "object"
 },
-"ListGatewaySecurityPolicyRulesResponse": {
-"description": "Response returned by the ListGatewaySecurityPolicyRules method.",
-"id": "ListGatewaySecurityPolicyRulesResponse",
+"ListUrlListsResponse": {
+"description": "Response returned by the ListUrlLists method.",
+"id": "ListUrlListsResponse",
 "properties": {
-"gatewaySecurityPolicyRules": {
-"description": "List of GatewaySecurityPolicyRule resources.",
-"items": {
-"$ref": "GatewaySecurityPolicyRule"
-},
-"type": "array"
-},
 "nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then 'next_page_token' is included. To get the next set of results, call this method again using the value of 'next_page_token' as 'page_token'.",
+"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
 "type": "string"
 },
 "unreachable": {
@@ -4744,211 +5743,441 @@
 "type": "string"
 },
 "type": "array"
+},
+"urlLists": {
+"description": "List of UrlList resources.",
+"items": {
+"$ref": "UrlList"
+},
+"type": "array"
 }
 },
 "type": "object"
 },
-"ListLocationsResponse": {
-"description": "The response message for Locations.ListLocations.",
-"id": "ListLocationsResponse",
+"Location": {
+"description": "A resource that represents a Google Cloud location.",
+"id": "Location",
 "properties": {
-"locations": {
-"description": "A list of locations that matches the specified filter in the request.",
+"displayName": {
+"description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".",
+"type": "string"
+},
+"labels": {
+"additionalProperties": {
+"type": "string"
+},
+"description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}",
+"type": "object"
+},
+"locationId": {
+"description": "The canonical id for this location. For example: `\"us-east1\"`.",
+"type": "string"
+},
+"metadata": {
+"additionalProperties": {
+"description": "Properties of the object. Contains field @type with type URL.",
+"type": "any"
+},
+"description": "Service-specific metadata. For example the available capacity at the given location.",
+"type": "object"
+},
+"name": {
+"description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`",
+"type": "string"
+}
+},
+"type": "object"
+},
+"MTLSPolicy": {
+"description": "Specification of the MTLSPolicy.",
+"id": "MTLSPolicy",
+"properties": {
+"clientValidationCa": {
+"description": "Required if the policy is to be used with Traffic Director. For Application Load Balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.",
 "items": {
-"$ref": "Location"
+"$ref": "ValidationCA"
 },
 "type": "array"
 },
-"nextPageToken": {
-"description": "The standard List next-page token.",
+"clientValidationMode": {
+"description": "When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the Application Load Balancers. For Traffic Director it must be empty.",
+"enum": [
+"CLIENT_VALIDATION_MODE_UNSPECIFIED",
+"ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
+"REJECT_INVALID"
+],
+"enumDescriptions": [
+"Not allowed.",
+"Allow connection even if certificate chain validation of the client certificate failed or no client certificate was presented. The proof of possession of the private key is always checked if client certificate was presented. This mode requires the backend to implement processing of data extracted from a client certificate to authenticate the peer, or to reject connections if the client certificate fingerprint is missing.",
+"Require a client certificate and allow connection to the backend only if validation of the client certificate passed. If set, requires a reference to non-empty TrustConfig specified in `client_validation_trust_config`."
+],
+"type": "string"
+},
+"clientValidationTrustConfig": {
+"description": "Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with Application Load Balancers.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"MirroringDeployment": {
+"description": "A deployment represents a zonal mirroring backend ready to accept GENEVE-encapsulated replica traffic, e.g. a zonal instance group fronted by an internal passthrough load balancer. Deployments are always part of a global deployment group which represents a global mirroring service.",
+"id": "MirroringDeployment",
+"properties": {
+"createTime": {
+"description": "Output only. The timestamp when the resource was created. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
+"type": "string"
+},
+"description": {
+"description": "Optional. User-provided description of the deployment. Used as additional context for the deployment.",
+"type": "string"
+},
+"forwardingRule": {
+"description": "Required. Immutable. The regional forwarding rule that fronts the mirroring collectors, for example: `projects/123456789/regions/us-central1/forwardingRules/my-rule`. See https://google.aip.dev/124.",
+"type": "string"
+},
+"labels": {
+"additionalProperties": {
+"type": "string"
+},
+"description": "Optional. Labels are key/value pairs that help to organize and filter resources.",
+"type": "object"
+},
+"mirroringDeploymentGroup": {
+"description": "Required. Immutable. The deployment group that this deployment is a part of, for example: `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See https://google.aip.dev/124.",
+"type": "string"
+},
+"name": {
+"description": "Immutable. Identifier. The resource name of this deployment, for example: `projects/123456789/locations/us-central1-a/mirroringDeployments/my-dep`. See https://google.aip.dev/122 for more details.",
+"type": "string"
+},
+"reconciling": {
+"description": "Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. This part of the normal operation (e.g. linking a new association to the parent group). See https://google.aip.dev/128.",
+"readOnly": true,
+"type": "boolean"
+},
+"state": {
+"description": "Output only. The current state of the deployment. See https://google.aip.dev/216.",
+"enum": [
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"CREATING",
+"DELETING",
+"OUT_OF_SYNC",
+"DELETE_FAILED"
+],
+"enumDescriptions": [
+"State not set (this is not a valid state).",
+"The deployment is ready and in sync with the parent group.",
+"The deployment is being created.",
+"The deployment is being deleted.",
+"The deployment is out of sync with the parent group. In most cases, this is a result of a transient issue within the system (e.g. a delayed data-path config) and the system is expected to recover automatically. See the parent deployment group's state for more details.",
+"An attempt to delete the deployment has failed. This is a terminal state and the deployment is not expected to recover. The only permitted operation is to retry deleting the deployment."
+],
+"readOnly": true,
+"type": "string"
+},
+"updateTime": {
+"description": "Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
 "type": "string"
 }
 },
 "type": "object"
 },
-"ListOperationsResponse": {
-"description": "The response message for Operations.ListOperations.",
-"id": "ListOperationsResponse",
+"MirroringDeploymentGroup": {
+"description": "A deployment group aggregates many zonal mirroring backends (deployments) into a single global mirroring service. Consumers can connect this service using an endpoint group.",
+"id": "MirroringDeploymentGroup",
 "properties": {
-"nextPageToken": {
-"description": "The standard List next-page token.",
-"type": "string"
-},
-"operations": {
-"description": "A list of operations that matches the specified filter in the request.",
+"connectedEndpointGroups": {
+"description": "Output only. The list of endpoint groups that are connected to this resource.",
 "items": {
-"$ref": "Operation"
+"$ref": "MirroringDeploymentGroupConnectedEndpointGroup"
 },
+"readOnly": true,
 "type": "array"
-}
-},
-"type": "object"
 },
-"ListSecurityProfileGroupsResponse": {
-"description": "Response returned by the ListSecurityProfileGroups method.",
-"id": "ListSecurityProfileGroupsResponse",
-"properties": {
-"nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"createTime": {
+"description": "Output only. The timestamp when the resource was created. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
 "type": "string"
 },
-"securityProfileGroups": {
-"description": "List of SecurityProfileGroups resources.",
-"items": {
-"$ref": "SecurityProfileGroup"
+"description": {
+"description": "Optional. User-provided description of the deployment group. Used as additional context for the deployment group.",
+"type": "string"
 },
-"type": "array"
-}
+"labels": {
+"additionalProperties": {
+"type": "string"
 },
+"description": "Optional. Labels are key/value pairs that help to organize and filter resources.",
 "type": "object"
 },
-"ListSecurityProfilesResponse": {
-"description": "Response returned by the ListSecurityProfiles method.",
-"id": "ListSecurityProfilesResponse",
-"properties": {
-"nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"name": {
+"description": "Immutable. Identifier. The resource name of this deployment group, for example: `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See https://google.aip.dev/122 for more details.",
 "type": "string"
 },
-"securityProfiles": {
-"description": "List of SecurityProfile resources.",
-"items": {
-"$ref": "SecurityProfile"
+"network": {
+"description": "Required. Immutable. The network that will be used for all child deployments, for example: `projects/{project}/global/networks/{network}`. See https://google.aip.dev/124.",
+"type": "string"
 },
-"type": "array"
+"reconciling": {
+"description": "Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. This is part of the normal operation (e.g. adding a new deployment to the group) See https://google.aip.dev/128.",
+"readOnly": true,
+"type": "boolean"
+},
+"state": {
+"description": "Output only. The current state of the deployment group. See https://google.aip.dev/216.",
+"enum": [
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"CREATING",
+"DELETING"
+],
+"enumDescriptions": [
+"State not set (this is not a valid state).",
+"The deployment group is ready.",
+"The deployment group is being created.",
+"The deployment group is being deleted."
+],
+"readOnly": true,
+"type": "string"
+},
+"updateTime": {
+"description": "Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
+"type": "string"
 }
 },
 "type": "object"
 },
-"ListServerTlsPoliciesResponse": {
-"description": "Response returned by the ListServerTlsPolicies method.",
-"id": "ListServerTlsPoliciesResponse",
+"MirroringDeploymentGroupConnectedEndpointGroup": {
+"description": "An endpoint group connected to this deployment group.",
+"id": "MirroringDeploymentGroupConnectedEndpointGroup",
 "properties": {
-"nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"name": {
+"description": "Output only. The connected endpoint group's resource name, for example: `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https://google.aip.dev/124.",
+"readOnly": true,
 "type": "string"
-},
-"serverTlsPolicies": {
-"description": "List of ServerTlsPolicy resources.",
-"items": {
-"$ref": "ServerTlsPolicy"
-},
-"type": "array"
 }
 },
 "type": "object"
 },
-"ListTlsInspectionPoliciesResponse": {
-"description": "Response returned by the ListTlsInspectionPolicies method.",
-"id": "ListTlsInspectionPoliciesResponse",
+"MirroringEndpointGroup": {
+"description": "An endpoint group is a consumer frontend for a deployment group (backend). In order to configure mirroring for a network, consumers must create: - An association between their network and the endpoint group. - A security profile that points to the endpoint group. - A mirroring rule that references the security profile (group).",
+"id": "MirroringEndpointGroup",
 "properties": {
-"nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then 'next_page_token' is included. To get the next set of results, call this method again using the value of 'next_page_token' as 'page_token'.",
-"type": "string"
-},
-"tlsInspectionPolicies": {
-"description": "List of TlsInspectionPolicies resources.",
+"associations": {
+"description": "Output only. List of associations to this endpoint group.",
 "items": {
-"$ref": "TlsInspectionPolicy"
+"$ref": "MirroringEndpointGroupAssociationDetails"
 },
+"readOnly": true,
 "type": "array"
 },
-"unreachable": {
-"description": "Locations that could not be reached.",
-"items": {
+"createTime": {
+"description": "Output only. The timestamp when the resource was created. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
 "type": "string"
 },
-"type": "array"
-}
+"description": {
+"description": "Optional. User-provided description of the endpoint group. Used as additional context for the endpoint group.",
+"type": "string"
+},
+"labels": {
+"additionalProperties": {
+"type": "string"
 },
+"description": "Optional. Labels are key/value pairs that help to organize and filter resources.",
 "type": "object"
 },
-"ListUrlListsResponse": {
-"description": "Response returned by the ListUrlLists method.",
-"id": "ListUrlListsResponse",
-"properties": {
-"nextPageToken": {
-"description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
+"mirroringDeploymentGroup": {
+"description": "Immutable. The deployment group that this DIRECT endpoint group is connected to, for example: `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. See https://google.aip.dev/124.",
 "type": "string"
 },
-"unreachable": {
-"description": "Locations that could not be reached.",
-"items": {
+"name": {
+"description": "Immutable. Identifier. The resource name of this endpoint group, for example: `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https://google.aip.dev/122 for more details.",
 "type": "string"
 },
-"type": "array"
+"reconciling": {
+"description": "Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. This is part of the normal operation (e.g. adding a new association to the group). See https://google.aip.dev/128.",
+"readOnly": true,
+"type": "boolean"
 },
-"urlLists": {
-"description": "List of UrlList resources.",
-"items": {
-"$ref": "UrlList"
+"state": {
+"description": "Output only. The current state of the endpoint group. See https://google.aip.dev/216.",
+"enum": [
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"CLOSED",
+"CREATING",
+"DELETING",
+"OUT_OF_SYNC",
+"DELETE_FAILED"
+],
+"enumDescriptions": [
+"State not set (this is not a valid state).",
+"The endpoint group is ready and in sync with the target deployment group.",
+"The deployment group backing this endpoint group has been force-deleted. This endpoint group cannot be used and mirroring is effectively disabled.",
+"The endpoint group is being created.",
+"The endpoint group is being deleted.",
+"The endpoint group is out of sync with the backing deployment group. In most cases, this is a result of a transient issue within the system (e.g. an inaccessible location) and the system is expected to recover automatically. See the associations field for details per network and location.",
+"An attempt to delete the endpoint group has failed. This is a terminal state and the endpoint group is not expected to recover. The only permitted operation is to retry deleting the endpoint group."
+],
+"readOnly": true,
+"type": "string"
 },
-"type": "array"
+"updateTime": {
+"description": "Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
+"type": "string"
 }
 },
 "type": "object"
 },
-"Location": {
-"description": "A resource that represents a Google Cloud location.",
-"id": "Location",
+"MirroringEndpointGroupAssociation": {
+"description": "An endpoint group association represents a link between a network and an endpoint group in the organization. Creating an association creates the networking infrastructure linking the network to the endpoint group, but does not enable mirroring by itself. To enable mirroring, the user must also create a network firewall policy containing mirroring rules and associate it with the network.",
+"id": "MirroringEndpointGroupAssociation",
 "properties": {
-"displayName": {
-"description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".",
+"createTime": {
+"description": "Output only. The timestamp when the resource was created. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
 "type": "string"
 },
 "labels": {
 "additionalProperties": {
 "type": "string"
 },
-"description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}",
+"description": "Optional. Labels are key/value pairs that help to organize and filter resources.",
 "type": "object"
 },
-"locationId": {
-"description": "The canonical id for this location. For example: `\"us-east1\"`.",
-"type": "string"
+"locationsDetails": {
+"description": "Output only. The list of locations where the association is present. This information is retrieved from the linked endpoint group, and not configured as part of the association itself.",
+"items": {
+"$ref": "MirroringEndpointGroupAssociationLocationDetails"
 },
-"metadata": {
-"additionalProperties": {
-"description": "Properties of the object. Contains field @type with type URL.",
-"type": "any"
+"readOnly": true,
+"type": "array"
 },
-"description": "Service-specific metadata. For example the available capacity at the given location.",
-"type": "object"
+"mirroringEndpointGroup": {
+"description": "Immutable. The endpoint group that this association is connected to, for example: `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https://google.aip.dev/124.",
+"type": "string"
 },
 "name": {
-"description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`",
+"description": "Immutable. Identifier. The resource name of this endpoint group association, for example: `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association`. See https://google.aip.dev/122 for more details.",
+"type": "string"
+},
+"network": {
+"description": "Immutable. The VPC network that is associated. for example: `projects/123456789/global/networks/my-network`. See https://google.aip.dev/124.",
+"type": "string"
+},
+"reconciling": {
+"description": "Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. This part of the normal operation (e.g. adding a new location to the target deployment group). See https://google.aip.dev/128.",
+"readOnly": true,
+"type": "boolean"
+},
+"state": {
+"description": "Output only. Current state of the endpoint group association.",
+"enum": [
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"CREATING",
+"DELETING",
+"CLOSED",
+"OUT_OF_SYNC",
+"DELETE_FAILED"
+],
+"enumDescriptions": [
+"Not set.",
+"The association is ready and in sync with the linked endpoint group.",
+"Being created.",
+"Being deleted.",
+"Mirroring is disabled due to an operation on another resource.",
+"The association is out of sync with the linked endpoint group. In most cases, this is a result of a transient issue within the system (e.g. an inaccessible location) and the system is expected to recover automatically. Check the `locations_details` field for more details.",
+"An attempt to delete the association has failed. This is a terminal state and the association is not expected to be usable as some of its resources have been deleted. The only permitted operation is to retry deleting the association."
+],
+"readOnly": true,
+"type": "string"
+},
+"updateTime": {
+"description": "Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps.",
+"format": "google-datetime",
+"readOnly": true,
 "type": "string"
 }
 },
 "type": "object"
 },
-"MTLSPolicy": {
-"description": "Specification of the MTLSPolicy.",
-"id": "MTLSPolicy",
+"MirroringEndpointGroupAssociationDetails": {
+"description": "The endpoint group's view of a connected association.",
+"id": "MirroringEndpointGroupAssociationDetails",
 "properties": {
-"clientValidationCa": {
-"description": "Required if the policy is to be used with Traffic Director. For Application Load Balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.",
-"items": {
-"$ref": "ValidationCA"
+"name": {
+"description": "Output only. The connected association's resource name, for example: `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-ega`. See https://google.aip.dev/124.",
+"readOnly": true,
+"type": "string"
 },
-"type": "array"
+"network": {
+"description": "Output only. The associated network, for example: projects/123456789/global/networks/my-network. See https://google.aip.dev/124.",
+"readOnly": true,
+"type": "string"
 },
-"clientValidationMode": {
-"description": "When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the Application Load Balancers. For Traffic Director it must be empty.",
+"state": {
+"description": "Output only. Most recent known state of the association.",
 "enum": [
-"CLIENT_VALIDATION_MODE_UNSPECIFIED",
-"ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
-"REJECT_INVALID"
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"CREATING",
+"DELETING",
+"CLOSED",
+"OUT_OF_SYNC",
+"DELETE_FAILED"
 ],
 "enumDescriptions": [
-"Not allowed.",
-"Allow connection even if certificate chain validation of the client certificate failed or no client certificate was presented. The proof of possession of the private key is always checked if client certificate was presented. This mode requires the backend to implement processing of data extracted from a client certificate to authenticate the peer, or to reject connections if the client certificate fingerprint is missing.",
-"Require a client certificate and allow connection to the backend only if validation of the client certificate passed. If set, requires a reference to non-empty TrustConfig specified in `client_validation_trust_config`."
+"Not set.",
+"The association is ready and in sync with the linked endpoint group.",
+"Being created.",
+"Being deleted.",
+"Mirroring is disabled due to an operation on another resource.",
+"The association is out of sync with the linked endpoint group. In most cases, this is a result of a transient issue within the system (e.g. an inaccessible location) and the system is expected to recover automatically. Check the `locations_details` field for more details.",
+"An attempt to delete the association has failed. This is a terminal state and the association is not expected to be usable as some of its resources have been deleted. The only permitted operation is to retry deleting the association."
 ],
+"readOnly": true,
 "type": "string"
+}
 },
-"clientValidationTrustConfig": {
-"description": "Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with Application Load Balancers.",
+"type": "object"
+},
+"MirroringEndpointGroupAssociationLocationDetails": {
+"description": "Contains details about the state of an association in a specific cloud location.",
+"id": "MirroringEndpointGroupAssociationLocationDetails",
+"properties": {
+"location": {
+"description": "Output only. The cloud location, e.g. \"us-central1-a\" or \"asia-south1\".",
+"readOnly": true,
+"type": "string"
+},
+"state": {
+"description": "Output only. The current state of the association in this location.",
+"enum": [
+"STATE_UNSPECIFIED",
+"ACTIVE",
+"OUT_OF_SYNC"
+],
+"enumDescriptions": [
+"Not set.",
+"The association is ready and in sync with the linked endpoint group.",
+"The association is out of sync with the linked endpoint group. In most cases, this is a result of a transient issue within the system (e.g. an inaccessible location) and the system is expected to recover automatically."
+],
+"readOnly": true,
 "type": "string"
 }
 },
@@ -5157,6 +6386,12 @@
 "description": "Optional. Reference to a SecurityProfile with the CustomMirroring configuration.",
 "type": "string"
 },
+"dataPathId": {
+"description": "Output only. Identifier used by the data-path. Unique within {container, location}.",
+"format": "uint64",
+"readOnly": true,
+"type": "string"
+},
 "description": {
 "description": "Optional. An optional description of the profile group. Max length 2048 characters.",
 "type": "string"
@@ -5383,6 +6618,13 @@
 "description": "ThreatPreventionProfile defines an action for specific threat signatures or severity levels.",
 "id": "ThreatPreventionProfile",
 "properties": {
+"antivirusOverrides": {
+"description": "Optional. Configuration for overriding antivirus actions per protocol.",
+"items": {
+"$ref": "AntivirusOverride"
+},
+"type": "array"
+},
 "severityOverrides": {
 "description": "Optional. Configuration for overriding threats actions by severity match.",
 "items": {