Merge branch 'main' into colab_template_iam

GoogleCloudPlatform · Jan 13, 2025 · ea23082 · ea23082
2 parents 0f06f32 + 9549e70
commit ea23082
Show file tree

Hide file tree

Showing 42 changed files with 3,310 additions and 31 deletions.
diff --git a/mmv1/api/async.go b/mmv1/api/async.go
@@ -58,6 +58,7 @@ func NewOperation() *Operation {
 	return op
 }
 
+// It is only used in openapi-generate
 func NewAsync() *Async {
 	oa := &Async{
 		Actions:   []string{"create", "delete", "update"},
@@ -150,6 +151,9 @@ func (a *Async) UnmarshalYAML(unmarshal func(any) error) error {
 		return err
 	}
 
+	if a.Type == "" {
+		a.Type = "OpAsync"
+	}
 	if a.Type == "PollAsync" && a.TargetOccurrences == 0 {
 		a.TargetOccurrences = 1
 	}

diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml
@@ -43,7 +43,7 @@ create_verb: 'PATCH'
 update_mask: true
 delete_verb: 'PATCH'
 immutable: true
-mutex: '{{perimeter_name}}'
+mutex: '{{access_policy_id}}'
 import_format:
   - '{{perimeter_name}}/{{resource}}'
 timeouts:
@@ -67,6 +67,7 @@ nested_query:
   is_list_of_ids: true
   modify_by_patch: true
 custom_code:
+  encoder: 'templates/terraform/encoders/access_context_manager_service_perimeter_resource.go.tmpl'
   custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.tmpl'
   post_read: 'templates/terraform/post_read/access_context_manager_service_perimeter_resource.go.tmpl'
 exclude_tgc: true
@@ -97,3 +98,10 @@ properties:
       Format: projects/{project_number}
     required: true
     immutable: true
+  - name: 'accessPolicyId'
+    type: String
+    description: |
+      The name of the Access Policy this resource belongs to.
+    ignore_read: true
+    immutable: true
+    output: true
diff --git a/mmv1/products/chronicle/DataAccessLabel.yaml b/mmv1/products/chronicle/DataAccessLabel.yaml
@@ -55,9 +55,9 @@ parameters:
     type: String
     description: |-
       Required. The ID to use for the data access label, which will become the label's
-      display name and the final component of the label's resource name. It must
-      only contain ASCII lowercase letters, numbers, and dashes; it must begin
-      with a letter, and it must not exceed 1000 characters.
+      display name and the final component of the label's resource name. The
+      maximum number of characters should be 63. Regex pattern is as per AIP:
+      https://google.aip.dev/122#resource-id-segments
     immutable: true
     url_param_only: true
     required: true

diff --git a/mmv1/products/chronicle/ReferenceList.yaml b/mmv1/products/chronicle/ReferenceList.yaml
@@ -0,0 +1,141 @@
+# Copyright 2025 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: ReferenceList
+description: Reference lists are user-defined lists of values which users can use in multiple Rules.
+min_version: 'beta'
+references:
+  guides:
+    'Google SecOps Guides': 'https://cloud.google.com/chronicle/docs/secops/secops-overview'
+  api: 'https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.referenceLists'
+base_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/referenceLists
+self_link: projects/{{project}}/locations/{{location}}/instances/{{instance}}/referenceLists/{{reference_list_id}}
+create_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/referenceLists?referenceListId={{reference_list_id}}
+id_format: projects/{{project}}/locations/{{location}}/instances/{{instance}}/referenceLists/{{reference_list_id}}
+import_format:
+  - projects/{{project}}/locations/{{location}}/instances/{{instance}}/referenceLists/{{reference_list_id}}
+update_verb: PATCH
+update_mask: true
+exclude_delete: true
+
+examples:
+  - name: 'chronicle_referencelist_basic'
+    primary_resource_id: 'example'
+    min_version: 'beta'
+    vars:
+      reference_list_id: reference_list_id
+    test_env_vars:
+      chronicle_id: 'CHRONICLE_ID'
+
+parameters:
+  - name: location
+    type: String
+    description: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2".
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: instance
+    type: String
+    description: The unique identifier for the Chronicle instance, which is the same as the customer ID.
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: referenceListId
+    type: String
+    description: |-
+      Required. The ID to use for the reference list. This is also the display name for
+      the reference list. It must satisfy the following requirements:
+      - Starts with letter.
+      - Contains only letters, numbers and underscore.
+      - Has length < 256.
+      - Must be unique.
+    immutable: true
+    url_param_only: true
+    required: true
+properties:
+  - name: name
+    type: String
+    description: |-
+      Output only. The resource name of the reference list.
+      Format:
+      projects/{project}/locations/{location}/instances/{instance}/referenceLists/{reference_list}
+    output: true
+  - name: description
+    type: String
+    description: Required. A user-provided description of the reference list.
+    required: true
+  - name: entries
+    type: Array
+    description: |-
+      Required. The entries of the reference list.
+      When listed, they are returned in the order that was specified at creation
+      or update. The combined size of the values of the reference list may not
+      exceed 6MB.
+      This is returned only when the view is REFERENCE_LIST_VIEW_FULL.
+    required: true
+    item_type:
+      type: NestedObject
+      properties:
+        - name: value
+          type: String
+          description: Required. The value of the entry. Maximum length is 512 characters.
+          required: true
+  - name: scopeInfo
+    type: NestedObject
+    output: true
+    description: ScopeInfo specifies the scope info of the reference list.
+    properties:
+      - name: referenceListScope
+        type: NestedObject
+        description: ReferenceListScope specifies the list of scope names of the reference list.
+        required: true
+        properties:
+          - name: scopeNames
+            type: Array
+            description: |-
+              Optional. The list of scope names of the reference list. The scope names should be
+              full resource names and should be of the format:
+              "projects/{project}/locations/{location}/instances/{instance}/dataAccessScopes/{scope_name}".
+            item_type:
+              type: String
+  - name: displayName
+    type: String
+    description: Output only. The unique display name of the reference list.
+    output: true
+  - name: revisionCreateTime
+    type: String
+    description: Output only. The timestamp when the reference list was last updated.
+    output: true
+  - name: rules
+    type: Array
+    description: |-
+      Output only. The resource names for the associated self-authored Rules that use this
+      reference list.
+      This is returned only when the view is REFERENCE_LIST_VIEW_FULL.
+    output: true
+    item_type:
+      type: String
+  - name: syntaxType
+    type: String
+    description: |2-
+
+      Possible values:
+      REFERENCE_LIST_SYNTAX_TYPE_PLAIN_TEXT_STRING
+      REFERENCE_LIST_SYNTAX_TYPE_REGEX
+      REFERENCE_LIST_SYNTAX_TYPE_CIDR
+    required: true
+  - name: ruleAssociationsCount
+    type: Integer
+    description: Output only. The count of self-authored rules using the reference list.
+    output: true
diff --git a/mmv1/products/chronicle/RuleDeployment.yaml b/mmv1/products/chronicle/RuleDeployment.yaml
@@ -0,0 +1,135 @@
+# Copyright 2025 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: RuleDeployment
+description: The RuleDeployment resource represents the deployment state of a Rule.
+min_version: 'beta'
+references:
+  guides:
+    'Google SecOps Guides': 'https://cloud.google.com/chronicle/docs/secops/secops-overview'
+  api: 'https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/RuleDeployment'
+base_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rules}}/deployments
+self_link: projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/deployment
+create_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/deployment?updateMask=enabled,alerting,archived,runFrequency
+id_format: projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/deployment
+import_format:
+  - projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/deployment
+create_verb: PATCH
+update_verb: PATCH
+update_mask: true
+exclude_delete: true
+
+examples:
+  - name: 'chronicle_ruledeployment_basic'
+    primary_resource_id: 'example'
+    min_version: 'beta'
+    test_env_vars:
+      chronicle_id: 'CHRONICLE_ID'
+
+parameters:
+  - name: location
+    type: String
+    description: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2".
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: instance
+    type: String
+    description: The unique identifier for the Chronicle instance, which is the same as the customer ID.
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: rule
+    type: String
+    description: The Rule ID of the rule.
+    immutable: true
+    url_param_only: true
+    required: true
+properties:
+  - name: name
+    type: String
+    description: |-
+      The resource name of the rule deployment.
+      Note that RuleDeployment is a child of the overall Rule, not any individual
+      revision, so the resource ID segment for the Rule resource must not
+      reference a specific revision.
+      Format:
+      projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/deployment
+    output: true
+  - name: enabled
+    type: Boolean
+    description: Whether the rule is currently deployed continuously against incoming data.
+  - name: alerting
+    type: Boolean
+    description: |-
+      Whether detections resulting from this deployment should be considered
+      alerts.
+  - name: archived
+    type: Boolean
+    description: |-
+      The archive state of the rule deployment.
+      Cannot be set to true unless enabled is set to false.
+      If set to true, alerting will automatically be set to false.
+      If currently set to true, enabled, alerting, and run_frequency cannot be
+      updated.
+  - name: archiveTime
+    type: String
+    description: Output only. The timestamp when the rule deployment archive state was last set to true.
+      If the rule deployment's current archive state is not set to true, the field will be empty.
+    output: true
+  - name: runFrequency
+    type: String
+    description: |2-
+
+      The run frequency of the rule deployment.
+      Possible values:
+      LIVE
+      HOURLY
+      DAILY
+  - name: executionState
+    type: String
+    description: |2-
+
+      The execution state of the rule deployment.
+      Possible values:
+      DEFAULT
+      LIMITED
+      PAUSED
+    output: true
+  - name: producerRules
+    type: Array
+    description: |2-
+      Output only. The names of the associated/chained producer rules. Rules are considered
+      producers for this rule if this rule explicitly filters on their ruleid.
+      Format:
+      projects/{project}/locations/{location}/instances/{instance}/rules/{rule}
+    output: true
+    item_type:
+      type: String
+  - name: consumerRules
+    type: Array
+    description: |2-
+      Output only. The names of the associated/chained consumer rules. Rules are considered
+      consumers of this rule if their rule text explicitly filters on this rule's ruleid.
+      Format:
+      projects/{project}/locations/{location}/instances/{instance}/rules/{rule}
+    output: true
+    item_type:
+      type: String
+  - name: lastAlertStatusChangeTime
+    type: String
+    description: Output only. The timestamp when the rule deployment alert state was lastly changed.
+      This is filled regardless of the current alert state.E.g. if the current alert status is false,
+      this timestamp will be the timestamp when the alert status was changed to false.
+    output: true
diff --git a/mmv1/products/compute/InterconnectAttachment.yaml b/mmv1/products/compute/InterconnectAttachment.yaml
@@ -130,6 +130,7 @@ properties:
       - 'BPS_10G'
       - 'BPS_20G'
       - 'BPS_50G'
+      - 'BPS_100G'
   - name: 'edgeAvailabilityDomain'
     type: String
     description: |

diff --git a/mmv1/products/compute/UrlMap.yaml b/mmv1/products/compute/UrlMap.yaml
@@ -19,6 +19,7 @@ description: |
   that you define for the host and path of an incoming URL.
 references:
   guides:
+    'Official Documentation': 'https://cloud.google.com/load-balancing/docs/url-map-concepts'
   api: 'https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps'
 docs:
 base_url: 'projects/{{project}}/global/urlMaps'

diff --git a/mmv1/products/gemini/CodeRepositoryIndex.yaml b/mmv1/products/gemini/CodeRepositoryIndex.yaml
@@ -51,9 +51,18 @@ async:
   result:
     resource_inside_response: true
   include_project: false
+custom_code:
+  pre_delete: templates/terraform/pre_delete/code_repository_index_force_delete.go.tmpl
 error_retry_predicates:
   - 'transport_tpg.IsCodeRepositoryIndexUnreadyError'
   - 'transport_tpg.IsRepositoryGroupQueueError'
+virtual_fields:
+  - name: 'force_destroy'
+    description:
+      If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing
+      RepositoryGroups for the resource. These RepositoryGroups will also be deleted.
+    type: Boolean
+    default_value: false
 parameters:
   - name: location
     type: String